urlscan.io logo urlscan.io
SecurityTrails logo

www.nhradiv3.com Open in urlscan Pro
2606:4700:3036::6815:1b50  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.nhradiv3.com/
Effective URL: https://www.nhradiv3.com/
Submission: On October 11 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 7 countries across 81 domains to perform 372 HTTP transactions. The main IP is 2606:4700:3036::6815:1b50, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nhradiv3.com.
TLS certificate: Issued by E1 on October 2nd 2022. Valid for: 3 months.
This is the only time www.nhradiv3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 32 2606:4700:303... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
1 18.66.122.33 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 52.175.198.241 8075 (MICROSOFT...)
29 2a03:2880:f02... 32934 (FACEBOOK)
9 172.66.41.9 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2620:116:800d... 16509 (AMAZON-02)
21 54.76.25.229 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 35.174.160.208 14618 (AMAZON-AES)
2 169.50.137.176 36351 (SOFTLAYER)
1 2 142.250.186.130 15169 (GOOGLE)
1 23.203.75.149 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
2 9 23.203.77.3 16625 (AKAMAI-AS)
1 2600:9000:205... 16509 (AMAZON-02)
1 172.66.42.247 13335 (CLOUDFLAR...)
1 2 142.0.165.136 7160 (NETDYNAMICS)
1 3 2a00:1450:400... 15169 (GOOGLE)
6 130.211.115.4 396982 (GOOGLE-CL...)
14 205.185.216.42 20446 (STACKPATH...)
1 52.92.192.233 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 69.166.1.9 27630 (AS-XFERNET)
1 34.149.20.76 15169 (GOOGLE)
3 8 37.252.173.38 29990 (ASN-APPNEX)
5 34.98.64.218 396982 (GOOGLE-CL...)
1 104.36.115.111 62713 (AS-PUBMATIC)
3 216.52.2.39 30282 (AS-INAPCD...)
1 3.73.155.254 16509 (AMAZON-02)
4 51.89.9.252 16276 (OVH)
1 2602:803:c004... 26667 (RUBICONPR...)
10 34.248.37.242 16509 (AMAZON-02)
1 3.123.131.30 16509 (AMAZON-02)
1 99.86.4.51 16509 (AMAZON-02)
2 3 147.75.85.234 54825 (PACKET)
7 159.89.246.130 14061 (DIGITALOC...)
12 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 88.221.168.248 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
7 3.33.220.150 16509 (AMAZON-02)
2 52.28.226.242 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 52.28.203.152 16509 (AMAZON-02)
1 185.94.180.123 35220 (SPOTX-AMS)
2 3.84.56.220 14618 (AMAZON-AES)
1 213.19.147.43 3356 (LEVEL3)
2 104.18.18.126 13335 (CLOUDFLAR...)
4 10 104.18.19.126 13335 (CLOUDFLAR...)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 6 2600:9000:225... 16509 (AMAZON-02)
18 23 34.91.62.186 396982 (GOOGLE-CL...)
1 13.248.245.213 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 3 35.227.248.159 15169 (GOOGLE)
1 1 3.120.204.36 16509 (AMAZON-02)
1 1 3.124.130.212 16509 (AMAZON-02)
2 143.204.215.70 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
1 2 54.78.254.47 16509 (AMAZON-02)
1 3.230.66.159 14618 (AMAZON-AES)
1 69.192.160.219 16625 (AKAMAI-AS)
1 2 54.216.193.48 16509 (AMAZON-02)
2 3 216.52.2.48 30282 (AS-INAPCD...)
2 35.244.174.68 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
6 69.173.144.165 26667 (RUBICONPR...)
7 9 142.250.186.162 15169 (GOOGLE)
1 52.214.200.155 16509 (AMAZON-02)
1 18.194.34.97 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 3.5.79.185 16509 (AMAZON-02)
2 184.24.9.113 16625 (AKAMAI-AS)
1 2001:4860:480... 15169 (GOOGLE)
1 18.158.3.76 16509 (AMAZON-02)
1 2600:1901:0:8... ()
1 162.19.138.117 ()
3 88.221.168.201 ()
1 151.101.65.108 ()
1 99.86.4.14 ()
2 13.32.27.101 ()
1 104.17.119.107 ()
1 2600:9000:21f... ()
1 185.64.190.78 ()
1 185.86.137.107 ()
1 1 52.200.250.89 ()
2 2 213.19.147.45 ()
1 1 193.0.160.128 ()
2 69.166.1.12 ()
6 6 3.126.56.137 ()
1 18.158.8.202 ()
1 35.227.252.103 ()
1 1 8.2.111.121 ()
1 1 3.66.143.217 ()
2 99.86.4.29 ()
1 80.77.87.161 ()
1 185.64.190.79 ()
1 66.155.71.25 ()
4 4 69.173.144.138 ()
1 2620:1ec:21::14 ()
1 2 2a05:d018:d29... ()
1 8.43.72.98 ()
2 10 185.80.39.216 ()
4 4 37.157.6.241 ()
1 1 2001:678:cb4:... ()
2 2 18.157.93.190 ()
1 2 34.250.104.41 ()
1 1 34.111.151.213 ()
2 2 151.101.194.49 ()
372 108
32    2606:4700:3036::6815:1b50 (United States)

ASN13335 (CLOUDFLARENET, US)
www.nhradiv3.com
12    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
pagead2.googlesyndication.com
1    18.66.122.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-33.fra60.r.cloudfront.net
c.jsrdn.com
3    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    52.175.198.241 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.nhra.net
29    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
scontent.xx.fbcdn.net
9    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3060.infolinks.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
21    54.76.25.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
s.jsrdn.com
i.jsrdn.com
8    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:2057:e400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:214f:6a00:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pxl.qccerttest.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
dl.westseven.media
5    35.174.160.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-160-208.compute-1.amazonaws.com
pixel.westseven.media
2    169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com
i.simpli.fi
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
1    23.203.75.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-75-149.deploy.static.akamaitechnologies.com
img.en25.com
1    2600:9000:223e:1600:1:c325:9400:21 (United States)

ASN16509 (AMAZON-02, US)
d13l4u7pe64ymo.cloudfront.net
9    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    2600:9000:2057:6800:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
1    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
rt3060.infolinks.com
2    142.0.165.136 (United States)

ASN7160 (NETDYNAMICS, US)
t.nhra.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
6    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
14    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
c5x8i7c7.ssl.hwcdn.net
a.jsrdn.com
1    52.92.192.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com
distroscale.s3.amazonaws.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    69.166.1.9 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
8    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
rtkio-d.openx.net
distroscale-d.openx.net
us-u.openx.net
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    3.73.155.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-155-254.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
4    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
10    34.248.37.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    3.123.131.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-131-30.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    99.86.4.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-51.fra6.r.cloudfront.net
hb.undertone.com
3    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
7    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
12    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    88.221.168.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-248.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ddca18801632163d7aa3aeeeed31408b.safeframe.googlesyndication.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    52.28.226.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-226-242.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
6    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    3.84.56.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-84-56-220.compute-1.amazonaws.com
reachms.bfmio.com
1    213.19.147.43 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
2    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
10    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
ssum-sec.casalemedia.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2600:9000:225e:c200:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
23    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4232:db70:d7f4:4d01:ba2d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    3.120.204.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-204-36.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    3.124.130.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-130-212.eu-central-1.compute.amazonaws.com
d.agkn.com
2    143.204.215.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-70.fra53.r.cloudfront.net
sync.intentiq.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    3.230.66.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-66-159.compute-1.amazonaws.com
sync.bfmio.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    54.216.193.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-193-48.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
9    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    52.214.200.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-200-155.eu-west-1.compute.amazonaws.com
d.adroll.com
1    18.194.34.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-34-97.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frt3-2.xx.fbcdn.net
4    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frt3-1.xx.fbcdn.net
2    3.5.79.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
2    184.24.9.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-9-113.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
1    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    18.158.3.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-3-76.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
1    2600:1901:0:8344:: (None, )

ASN- ()
lexicon.33across.com
1    162.19.138.117 (None, )

ASN- ()
id5-sync.com
3    88.221.168.201 (None, )

ASN- ()
ads.pubmatic.com
1    151.101.65.108 (None, )

ASN- ()
acdn.adnxs.com
1    99.86.4.14 (None, )

ASN- ()
public.servenobid.com
2    13.32.27.101 (None, )

ASN- ()
sync.serverbid.com
1    104.17.119.107 (None, )

ASN- ()
biddr.brealtime.com
1    2600:9000:21f3:7400:1f:2473:9080:93a1 (None, )

ASN- ()
cdn.undertone.com
1    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
1    185.86.137.107 (None, )

ASN- ()
ssbsync.smartadserver.com
1    52.200.250.89 (None, )

ASN- ()
x.yieldlift.com
2    213.19.147.45 (None, )

ASN- ()
sync.1rx.io
1    193.0.160.128 (None, )

ASN- ()
p.rfihub.com
2    69.166.1.12 (None, )

ASN- ()
sync.go.sonobi.com
6    3.126.56.137 (None, )

ASN- ()
ups.analytics.yahoo.com
1    18.158.8.202 (None, )

ASN- ()
cs.emxdgt.com
1    35.227.252.103 (None, )

ASN- ()
rtb.openx.net
1    8.2.111.121 (None, )

ASN- ()
sync.colossusssp.com
1    3.66.143.217 (None, )

ASN- ()
pixel.advertising.com
2    99.86.4.29 (None, )

ASN- ()
usr.undertone.com
1    80.77.87.161 (None, )

ASN- ()
cs.admanmedia.com
1    185.64.190.79 (None, )

ASN- ()
image8.pubmatic.com
1    66.155.71.25 (None, )

ASN- ()
pixel-sync.sitescout.com
4    69.173.144.138 (None, )

ASN- ()
token.rubiconproject.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
2    2a05:d018:d29:3601:d9a0:8a83:a4c7:eb08 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
10    185.80.39.216 (None, )

ASN- ()
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    37.157.6.241 (None, )

ASN- ()
c1.adform.net
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
2    18.157.93.190 (None, )

ASN- ()
pm.w55c.net
2    34.250.104.41 (None, )

ASN- ()
dpm.demdex.net
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
2    151.101.194.49 (None, )

ASN- ()
sync-tm.everesttech.net
Apex Domain
Subdomains		 Transfer
34 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 611
scontent-frt3-2.xx.fbcdn.net — Cisco Umbrella Rank: 10558
scontent-frx5-1.xx.fbcdn.net — Cisco Umbrella Rank: 10413
scontent-frt3-1.xx.fbcdn.net — Cisco Umbrella Rank: 10042
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 268
396 KB
32 nhradiv3.com
www.nhradiv3.com
374 KB
29 jsrdn.com
c.jsrdn.com — Cisco Umbrella Rank: 31988
s.jsrdn.com — Cisco Umbrella Rank: 33238
i.jsrdn.com — Cisco Umbrella Rank: 33611
a.jsrdn.com — Cisco Umbrella Rank: 38655
3 MB
27 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 3516
fastlane.rubiconproject.com — Cisco Umbrella Rank: 701
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3615
pixel.rubiconproject.com — Cisco Umbrella Rank: 493
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1426
video-ads.rubiconproject.com — Cisco Umbrella Rank: 10187
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 6657
eus.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
183 KB
25 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 5964
um.simpli.fi — Cisco Umbrella Rank: 1440
14 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 754
as-sec.casalemedia.com — Cisco Umbrella Rank: 2214
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
17 KB
20 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
271 KB
18 googlesyndication.com
a4914687c0347bbdb5e9d15adc86060a.safeframe.googlesyndication.com Failed
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
ddca18801632163d7aa3aeeeed31408b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
81 KB
12 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 456
2 MB
11 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2779
public.servenobid.com
8 KB
10 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1233
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
3 KB
10 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 9367
router.infolinks.com — Cisco Umbrella Rank: 4494
rt3060.infolinks.com — Cisco Umbrella Rank: 102345
235 KB
9 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 4612
sync.serverbid.com
x.serverbid.com
22 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 334
acdn.adnxs.com
25 KB
7 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3652
d.adroll.com — Cisco Umbrella Rank: 2343
21 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 463
2 KB
7 hwcdn.net
c5x8i7c7.ssl.hwcdn.net — Cisco Umbrella Rank: 42720
232 KB
7 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 6117
data.ad-score.com — Cisco Umbrella Rank: 5194
119 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 19
adservice.google.com — Cisco Umbrella Rank: 136
2 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 869
ce.lijit.com — Cisco Umbrella Rank: 1406
3 KB
6 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 718
ads.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
18 KB
6 openx.net
rtkio-d.openx.net — Cisco Umbrella Rank: 166835
distroscale-d.openx.net — Cisco Umbrella Rank: 46827
us-u.openx.net — Cisco Umbrella Rank: 708
rtb.openx.net
1 KB
6 westseven.media
dl.westseven.media — Cisco Umbrella Rank: 306531
pixel.westseven.media — Cisco Umbrella Rank: 187082
4 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 364
82 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 3460
adservice.google.de — Cisco Umbrella Rank: 5221
2 KB
4 adform.net
c1.adform.net
2 KB
4 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4273
cdn.undertone.com Failed
usr.undertone.com
4 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1080
363 B
4 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2674
sync.go.sonobi.com
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 732
721 B
3 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 2524
sync.1rx.io
1 KB
3 bfmio.com
reachms.bfmio.com — Cisco Umbrella Rank: 9849
sync.bfmio.com — Cisco Umbrella Rank: 2633
858 B
3 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 706
sync.search.spotxchange.com — Cisco Umbrella Rank: 835
2 KB
3 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1094
idsync.rlcdn.com — Cisco Umbrella Rank: 596
id.rlcdn.com
501 B
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1451
535 B
3 amazonaws.com
distroscale.s3.amazonaws.com — Cisco Umbrella Rank: 193069
s3-us-west-2.amazonaws.com
96 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1449
pixel.quantserve.com — Cisco Umbrella Rank: 683
11 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
101 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1003
www.googleadservices.com — Cisco Umbrella Rank: 154
16 KB
2 everesttech.net
sync-tm.everesttech.net
436 B
2 demdex.net
dpm.demdex.net
2 KB
2 w55c.net
pm.w55c.net
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1096
568 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2615
2 KB
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 4000
849 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1925
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 791
d.agkn.com — Cisco Umbrella Rank: 916
fid.agkn.com Failed
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 115
35 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 965
26 KB
2 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 3410
cs.emxdgt.com
215 B
2 33across.com
ssc.33across.com — Cisco Umbrella Rank: 2917
lexicon.33across.com
ssc-cms.33across.com Failed
649 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2180
15 B
2 nhra.com
t.nhra.com — Cisco Umbrella Rank: 503984
1005 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
103 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
89 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 403
17 KB
1 brand-display.com
dmp.brand-display.com
348 B
1 turn.com
ad.turn.com
425 B
1 linkedin.com
px.ads.linkedin.com
705 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 admanmedia.com
cs.admanmedia.com
20 B
1 advertising.com
pixel.advertising.com
166 B
1 colossusssp.com
sync.colossusssp.com
708 B
1 rfihub.com
p.rfihub.com
733 B
1 yieldlift.com
x.yieldlift.com
389 B
1 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com Failed
1 KB
1 brealtime.com
biddr.brealtime.com
1 KB
1 id5-sync.com
id5-sync.com
626 B
1 gstatic.com
csi.gstatic.com
327 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 798
441 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10274
183 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 601
140 B
1 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1577
159 B
1 cloudfront.net
d13l4u7pe64ymo.cloudfront.net
42 KB
1 en25.com
img.en25.com — Cisco Umbrella Rank: 10390
3 KB
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 1356
550 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1200
681 B
1 nhra.net
www.nhra.net
17 KB
0 contextweb.com Failed
bh.contextweb.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 gumgum.com Failed
g2.gumgum.com Failed
372 81
Domain Requested by
32 www.nhradiv3.com 1 redirects www.nhradiv3.com
23 um.simpli.fi 18 redirects
22 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
20 i.jsrdn.com www.nhradiv3.com
12 imasdk.googleapis.com resources.infolinks.com
c5x8i7c7.ssl.hwcdn.net
imasdk.googleapis.com
s3-us-west-2.amazonaws.com
11 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
www.nhradiv3.com
tpc.googlesyndication.com
d13l4u7pe64ymo.cloudfront.net
10 ads.servenobid.com ads.rubiconproject.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
9 cm.g.doubleclick.net 7 redirects
8 ssum-sec.casalemedia.com 4 redirects public.servenobid.com
cdn.undertone.com
ssum-sec.casalemedia.com
8 ib.adnxs.com 3 redirects ads.rubiconproject.com
www.nhradiv3.com
acdn.adnxs.com
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.nhradiv3.com
d13l4u7pe64ymo.cloudfront.net
7 match.adsrvr.org js-sec.indexww.com
public.servenobid.com
sync.serverbid.com
cdn.undertone.com
ssum-sec.casalemedia.com
7 a.jsrdn.com www.nhradiv3.com
7 c5x8i7c7.ssl.hwcdn.net c.jsrdn.com
c5x8i7c7.ssl.hwcdn.net
www.nhradiv3.com
6 ups.analytics.yahoo.com 6 redirects
6 eus.rubiconproject.com d13l4u7pe64ymo.cloudfront.net
eus.rubiconproject.com
public.servenobid.com
cdn.undertone.com
6 pixel.rubiconproject.com public.servenobid.com
cdn.undertone.com
eus.rubiconproject.com
6 s.adroll.com 2 redirects www.nhradiv3.com
s.adroll.com
6 tpc.googlesyndication.com d13l4u7pe64ymo.cloudfront.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 data.ad-score.com js.ad-score.com
5 x.serverbid.com sync.serverbid.com
5 s0.2mdn.net imasdk.googleapis.com
5 pixel.westseven.media securepubads.g.doubleclick.net
www.nhradiv3.com
5 www.google.com 2 redirects www.nhradiv3.com
d13l4u7pe64ymo.cloudfront.net
tpc.googlesyndication.com
5 resources.infolinks.com www.nhradiv3.com
resources.infolinks.com
4 c1.adform.net 4 redirects
4 token.rubiconproject.com 4 redirects
4 scontent-frt3-1.xx.fbcdn.net www.facebook.com
4 scontent-frx5-1.xx.fbcdn.net www.facebook.com
4 onetag-sys.com ads.rubiconproject.com
d13l4u7pe64ymo.cloudfront.net
public.servenobid.com
sync.serverbid.com
3 ads.pubmatic.com d13l4u7pe64ymo.cloudfront.net
public.servenobid.com
sync.serverbid.com
3 scontent-frt3-2.xx.fbcdn.net www.facebook.com
3 ce.lijit.com 2 redirects
3 pixel.tapad.com 1 redirects resources.infolinks.com
3 prebid.a-mo.net 2 redirects ads.rubiconproject.com
3 ap.lijit.com ads.rubiconproject.com
public.servenobid.com
sync.serverbid.com
3 router.infolinks.com resources.infolinks.com
3 www.google.de www.nhradiv3.com
3 www.googletagservices.com www.nhradiv3.com
securepubads.g.doubleclick.net
dl.westseven.media
2 sync-tm.everesttech.net 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
2 sync.go.sonobi.com public.servenobid.com
sync.serverbid.com
2 sync.1rx.io 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 sync.serverbid.com d13l4u7pe64ymo.cloudfront.net
sync.serverbid.com
2 video-ads.rubiconproject.com imasdk.googleapis.com
2 s3-us-west-2.amazonaws.com c5x8i7c7.ssl.hwcdn.net
s3-us-west-2.amazonaws.com
2 us-u.openx.net cdn.undertone.com
2 sync.search.spotxchange.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com
2 www.facebook.com connect.facebook.net
static.xx.fbcdn.net
2 as-sec.casalemedia.com js-sec.indexww.com
2 htlb.casalemedia.com www.nhradiv3.com
2 distroscale-d.openx.net www.nhradiv3.com
2 reachms.bfmio.com www.nhradiv3.com
2 c2shb.pubgw.yahoo.com www.nhradiv3.com
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 js-sec.indexww.com c5x8i7c7.ssl.hwcdn.net
2 e.serverbid.com ads.rubiconproject.com
sync.serverbid.com
2 apex.go.sonobi.com ads.rubiconproject.com
www.nhradiv3.com
2 i.clean.gg d13l4u7pe64ymo.cloudfront.net
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 t.nhra.com 1 redirects www.nhradiv3.com
2 rt3060.infolinks.com resources.infolinks.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 i.simpli.fi www.googletagmanager.com
i.simpli.fi
2 www.googletagmanager.com www.nhradiv3.com
www.googletagmanager.com
2 adservice.google.com securepubads.g.doubleclick.net
d13l4u7pe64ymo.cloudfront.net
2 adservice.google.de securepubads.g.doubleclick.net
d13l4u7pe64ymo.cloudfront.net
2 pixel.quantserve.com www.nhradiv3.com
2 connect.facebook.net www.nhradiv3.com
connect.facebook.net
2 ssl.google-analytics.com 1 redirects www.nhradiv3.com
1 id.rlcdn.com ssbsync.smartadserver.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 px.ads.linkedin.com
1 pixel-sync.sitescout.com cdn.undertone.com
1 image8.pubmatic.com cdn.undertone.com
1 cs.admanmedia.com cdn.undertone.com
1 pixel.advertising.com 1 redirects
1 sync.colossusssp.com 1 redirects
1 rtb.openx.net sync.serverbid.com
1 cs.emxdgt.com sync.serverbid.com
1 p.rfihub.com 1 redirects
1 x.yieldlift.com 1 redirects
1 ssbsync.smartadserver.com public.servenobid.com
1 image6.pubmatic.com ads.pubmatic.com
1 biddr.brealtime.com d13l4u7pe64ymo.cloudfront.net
1 public.servenobid.com d13l4u7pe64ymo.cloudfront.net
1 acdn.adnxs.com d13l4u7pe64ymo.cloudfront.net
1 cdn.undertone.com d13l4u7pe64ymo.cloudfront.net
1 id5-sync.com ads.rubiconproject.com
1 lexicon.33across.com ads.rubiconproject.com
1 optimized-by.rubiconproject.com video-ads.rubiconproject.com
1 csi.gstatic.com imasdk.googleapis.com
1 scontent.xx.fbcdn.net www.facebook.com
1 prebid-server.rubiconproject.com www.nhradiv3.com
1 d.adroll.com s.adroll.com
1 idsync.rlcdn.com
1 stags.bluekai.com
1 sync.bfmio.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 eb2.3lift.com
1 tag.1rx.io www.nhradiv3.com
1 search.spotxchange.com www.nhradiv3.com
1 api.rlcdn.com js-sec.indexww.com
ads.rubiconproject.com
1 ddca18801632163d7aa3aeeeed31408b.safeframe.googlesyndication.com d13l4u7pe64ymo.cloudfront.net
1 hb.undertone.com ads.rubiconproject.com
1 btlr.sharethrough.com ads.rubiconproject.com
1 fastlane.rubiconproject.com ads.rubiconproject.com
1 hb.emxdgt.com ads.rubiconproject.com
1 hbopenbid.pubmatic.com ads.rubiconproject.com
1 rtkio-d.openx.net ads.rubiconproject.com
1 ssc.33across.com ads.rubiconproject.com
1 distroscale.s3.amazonaws.com www.nhradiv3.com
1 js.ad-score.com dl.westseven.media
1 ads.rubiconproject.com dl.westseven.media
1 d13l4u7pe64ymo.cloudfront.net dl.westseven.media
1 img.en25.com www.nhradiv3.com
1 dl.westseven.media securepubads.g.doubleclick.net
1 pxl.qccerttest.com www.nhradiv3.com
1 rules.quantcount.com secure.quantserve.com
1 s.jsrdn.com c.jsrdn.com
1 secure.quantserve.com c.jsrdn.com
1 stats.g.doubleclick.net 1 redirects
1 www.nhra.net www.nhradiv3.com
1 c.jsrdn.com www.nhradiv3.com
1 partner.googleadservices.com www.nhradiv3.com
0 bh.contextweb.com Failed ssbsync.smartadserver.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 aax-eu.amazon-adsystem.com Failed
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
0 g2.gumgum.com Failed public.servenobid.com
0 ssc-cms.33across.com Failed d13l4u7pe64ymo.cloudfront.net
0 fid.agkn.com Failed ads.rubiconproject.com
0 a4914687c0347bbdb5e9d15adc86060a.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
372 147
Subject Issuer Validity Valid
*.nhradiv3.com
E1		 2022-10-02 -
2022-12-31		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.jsrdn.com
Amazon		 2021-11-16 -
2022-12-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
nhra.net
Sectigo RSA Domain Validation Secure Server CA		 2021-09-29 -
2022-10-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-20 -
2022-10-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-14 -
2023-06-14		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.westseven.media
Amazon		 2022-06-23 -
2023-07-22		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.en25.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-17 -
2023-07-18		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2022-09-02 -
2023-10-04		 a year crt.sh
*.ssl.hwcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2021-12-22 -
2023-01-19		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
a.jsrdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-22 -
2023-03-05		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-09-14 -
2022-12-13		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.undertone.com
Amazon		 2022-09-03 -
2023-10-01		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.consumableaudio.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.bfmio.com
Amazon		 2022-04-16 -
2023-05-15		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
s.adroll.com
Amazon		 2022-07-03 -
2023-08-01		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2022-08-10 -
2023-09-08		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-08-27 -
2022-11-25		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
sync.serverbid.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh

This page contains 42 frames:

Primary Page: https://www.nhradiv3.com/
Frame ID: B05AC0CF648D335DC3861D093B474BDF
Requests: 126 HTTP requests in this frame

Frame: https://a4914687c0347bbdb5e9d15adc86060a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C94AC0DD502F5C5F2FF1DD20780F8F4C
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3315867&wsid=12&pdom=www.nhradiv3.com&purl=https%3A%2F%2Fwww.nhradiv3.com%2F
Frame ID: B8BE90A682B80FF46AB64DACDF57EAE8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE4pdNOKM1lSDuksZFW7ggkM1rIsZeh2JFD4sxi5LBB__C-L9OZoUBPo0OXDztrwZVTpLx1a0_WdIEWhlZ8kyoPq5WyVl6JD873l2WHTJIL-jBs1zPcYsGSPJEFVMJTtS5gZFgzRY-dKN-KQxvc2KOkiFzgnoBYkZut77zqOBmLfA7gUYw4bTt_Cm1618kQfPubqKFIeQFkQEJv1-PL5kvzAmMxcCkn8yeDOBg4QDei8Q3qMZfiMjKjarZOabPPeiJkTJ7L9AmH1D6Pqk4sK6gQk3Ozhh6bYaA-S0xm05wrqJgnXmVrl460uuE9hL18ScT_EmWsQvoD3nkkUL-HDzi&sai=AMfl-YQH0-LtRDwqcJiAIA7iERAd4oW0YnQZJTwG_LmhC0Ur6ywnsiSIES1wWi-1s0GzvFQM8NtHKocbEcAJQtp_T5RgPtHCDKIw1bUgQ8YspII28iM3TEq8MfgTJawEP4y9gFLQfg&sig=Cg0ArKJSzDS3rZ8pAcTpEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 43154605C3D252973EEA70C2B6EB6E2C
Requests: 55 HTTP requests in this frame

Frame: data://truncated
Frame ID: 609FBAB58A141224D8E2CC30111BD38F
Requests: 1 HTTP requests in this frame

Frame: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Frame ID: 71581455E9A51B17F76BCEF16C0C15D5
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Frame ID: D9E47C4F496EDCDAF468F470811DE5B4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 9E0DA24F82587FFAB4170B0BC1B6E36F
Requests: 16 HTTP requests in this frame

Frame: https://ddca18801632163d7aa3aeeeed31408b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0C89BC08AE0B07ABD36E4BD1E6928E0C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Frame ID: 1FDAD80F8F656CCD872D540258BE3E41
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72F98EB9E2F0C20493D4C2622629127B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B4C4B5E7E7B18ED5B44F5CC08297A762
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Frame ID: 0ED68262D0000A78B26C4DA33A24FF09
Requests: 37 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: D3A8C61A01B5EEDB16CE8C406B45C048
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 795EBD1EDD44AE47DBCF33675A86AFBC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE4F833D0D8EB99CB359E77116F3DADD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 978E2A678C919FAD414459546C61BDBA
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Frame ID: 607167D084CEC286A45AE5BD95DA1F8C
Requests: 1 HTTP requests in this frame

Frame: https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20220816_1919/ima_html5/index.html
Frame ID: C471BA4DA3E68586573EC74D575DDC75
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Frame ID: 2F1F9A9B82549414814BD19779F62BD5
Requests: 2 HTTP requests in this frame

Frame: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Frame ID: 789C9749A94DF5505892441F099EC566
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Frame ID: 69BBB0BC960FFD1349A7F4D82F8158BA
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: AE4D30A3C7A854859C22FA409978ED0F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111
Frame ID: 177D2D2EDA0D4AD269FDA31F07EA0453
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B0A2E96E17355B5B23D62F7B8CAAA135
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1665473201087
Frame ID: 743668D6247D69B5E74F3AC698390F43
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 13A22C5628BE9A322B878D0AF735844B
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aHkklUYZCr6BvoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: D6ADE10E6CE8E042EC58D510BABF8F2D
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F11249A47B4B6E8597CE2D07E2C1482C
Requests: 13 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000998.html
Frame ID: 3E26439E7614E1677EDA46432E80D4D9
Requests: 13 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 70584AB20D880CD45612ACE6AC47CD38
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: D92A3DE0E3129ABE60D1545F696C7B4E
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 0942234D2E03700789D42287751399AC
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 35AD6277DF791AC80BA944842E55BD2B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 295594DDE807FF9318997F46C6F39493
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 620B2061E1BFFCFBB1D4A028A654431F
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 285A5B6CE677093493D5E2052C49BF54
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: C0ADB0B8BA7C0BBF3D0F71FAFC20F573
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: A79F84CA60DE9759D2F9AFA92020CDC2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 775EACD79439336C8B36AA4ACD9F41C9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 57C7D7F08E23A04B1342DB4AAC666C22
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 35FBEBEAE69FF89C040C00770319C468
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NHRA North Central Division web site

Page URL History Show full URLs

  1. http://www.nhradiv3.com/ HTTP 301
    https://www.nhradiv3.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

372
Requests

81 %
HTTPS

29 %
IPv6

81
Domains

147
Subdomains

108
IPs

7
Countries

7178 kB
Transfer

15204 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nhradiv3.com/ HTTP 301
    https://www.nhradiv3.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1129989205&utmhn=www.nhradiv3.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NHRA%20North%20Central%20Division%20web%20site&utmhid=90751245&utmr=-&utmp=%2F&utmht=1665473199933&utmac=UA-4277380-18&utmcc=__utma%3D195837427.1192785320.1665473200.1665473200.1665473200.1%3B%2B__utmz%3D195837427.1665473200.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1822381383&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4277380-18&cid=1192785320.1665473200&jid=1822381383&_v=5.7.2&z=1129989205 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=1192785320.1665473200&jid=1822381383&_v=5.7.2&z=1129989205 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=1192785320.1665473200&jid=1822381383&_v=5.7.2&z=1129989205&slf_rd=1&random=4293713787
Request Chain 72
  • https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=560&optin=disabled&firstPartyCookieDomain=t.nhra.com HTTP 302
  • https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=560&optin=disabled&elq1pcGUID=466719733CBF4A74B07F1E1DC64D3679
Request Chain 170
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=296F729EAA314D1DB5165856AC5F0422&dongle=yf3
Request Chain 171
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=296F729EAA314D1DB5165856AC5F0422
Request Chain 172
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=296F729EAA314D1DB5165856AC5F0422
Request Chain 173
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=296F729EAA314D1DB5165856AC5F0422 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1665473202137&ip=193.27.14.10&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216633104301000709164 HTTP 302
  • https://um.simpli.fi/aa_px?sk=216633104301000709164 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 174
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=296F729EAA314D1DB5165856AC5F0422
Request Chain 177
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=296F729EAA314D1DB5165856AC5F0422;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=296F729EAA314D1DB5165856AC5F0422;mimetype=img;sr HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-9078385104242586880
Request Chain 178
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=296F729EAA314D1DB5165856AC5F0422&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=296F729EAA314D1DB5165856AC5F0422&j=0&xl8blockcheck=1
Request Chain 180
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=296F729EAA314D1DB5165856AC5F0422
Request Chain 181
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=296F729EAA314D1DB5165856AC5F0422
Request Chain 182
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=296F729EAA314D1DB5165856AC5F0422 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=296F729EAA314D1DB5165856AC5F0422
Request Chain 183
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=296F729EAA314D1DB5165856AC5F0422
Request Chain 184
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=296F729EAA314D1DB5165856AC5F0422
Request Chain 185
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1665473201947&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=186817335&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=shpFY9GGAozUb57FiIgJ&sscte=1&crd=CJqqsQI HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=186817335&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=shpFY9GGAozUb57FiIgJ&cid=CAQSKQDq26N9-XrVG06W5fG2e5EsI3GKJiEHReEZLj2qzhF1sqepxSuMaKkdIBM&random=2364437785 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=186817335&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=shpFY9GGAozUb57FiIgJ&cid=CAQSKQDq26N9-XrVG06W5fG2e5EsI3GKJiEHReEZLj2qzhF1sqepxSuMaKkdIBM&random=2364437785&ipr=y&prhg=0
Request Chain 186
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=296F729EAA314D1DB5165856AC5F0422 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=296F729EAA314D1DB5165856AC5F0422&__user_check__=1&sync_id=0d9380d0-4936-11ed-81fa-1ee5b9e10206
Request Chain 187
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=296F729EAA314D1DB5165856AC5F0422
Request Chain 188
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=296F729EAA314D1DB5165856AC5F0422&expires=365
Request Chain 189
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=296F729EAA314D1DB5165856AC5F0422
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEFsuu4rNF0xlAkv3FUlDOb0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=296F729EAA314D1DB5165856AC5F0422 HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 191
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=dcbb7b69-5170-41ad-b669-c8c1aae0db87=&partner_id=3337 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=dcbb7b69-5170-41ad-b669-c8c1aae0db87=&partner_id=3337
Request Chain 195
  • https://s.adroll.com/j/exp/CUHVY3OLUVBZPJTAWUVLYM/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 196
  • https://s.adroll.com/j/pre/CUHVY3OLUVBZPJTAWUVLYM/GGGXQ77VW5D5LL7AURJNOI/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 303
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 304
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 306
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=371341291400357975
Request Chain 307
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Fdj-tRZH7EFWC1yRTSqE3q_j
Request Chain 309
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=95a42f6a-617e-4f30-a5a6-c21658cd1615
Request Chain 310
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1665473206867 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2089505415
Request Chain 311
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5142336720139009633
Request Chain 313
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=422b68af-7f52-46ca-af9b-f4fdd1fef46f&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 314
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
Request Chain 315
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-0d9c2378-00d5-3e48-9ed5-3ae86c9e0340
Request Chain 316
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
Request Chain 320
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=35fd5867-5863-404c-bfff-e20bd33704dd&gdpr=&gdpr_consent=&us_privacy=
Request Chain 323
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0UatnkrBqXqVF.LQqIQHwAA%265166
Request Chain 325
  • https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=35e3a160-0c7d-4eec-8b51-eac25f39a870
Request Chain 326
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=371341291400357975
Request Chain 328
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?verify=true HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Request Chain 329
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 330
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 331
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=371341291400357975
Request Chain 333
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-qtZ5iSBE2uFheHl5af1Mmu6Nm0YhS9PI~A
Request Chain 339
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
Request Chain 343
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L93VQQGC-K-LE52
Request Chain 344
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWViYzZhMzM5NzRmNGNmZmNkMjdjZWY1YTg5NzNhYjUxMGY2ZmQ5OQ
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIohDE4h4si8itI4h4PaC0c&google_cver=1
Request Chain 347
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkzVlFRR0MtSy1MRTUy
Request Chain 348
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Request Chain 349
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bAfU2ZJF-Z31PqZw0rflpQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6058551009541296538
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0UatsleTwMceJ717G2WiAAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN6swIapX8l7HhC7CfQatxs&google_cver=1
Request Chain 356
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0UatnkrBqXqVF.LQqIQHwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKrHdqI8oBmwLIepSz_u18&google_cver=1&google_hm=2
Request Chain 358
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4247532446704389249&expiration=1666655915
Request Chain 359
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3061077339493813758
Request Chain 360
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9hxgKiiV1OI9F55
Request Chain 361
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y0UatsleTwMceJ717G2WiAAA%265163?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y0UatsleTwMceJ717G2WiAAA%265163
Request Chain 363
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0UatnkrBqXqVF.LQqIQHwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKrHdqI8oBmwLIepSz_u18&google_cver=1&google_hm=2
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0UatnkrBqXqVF-LQqIQHwAAFC4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN6swIapX8l7HhC7CfQatxs&google_cver=1
Request Chain 367
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7259766758934301729&expiration=1666682807
Request Chain 368
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=00c3a511-ea30-5026-f8dd3cc1
Request Chain 369
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y0UatwAAAuKd1gAK HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0UatwAAAuKd1gAK&_test=Y0UatwAAAuKd1gAK
Request Chain 374
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y0UatwAA_-dLkABe HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y0UatwAA_-dLkABe&gdpr=0&gdpr_consent=&_test=Y0UatwAA_-dLkABe

372 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nhradiv3.com/
Redirect Chain
  • http://www.nhradiv3.com/
  • https://www.nhradiv3.com/
22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
597948e92d8d285af88f18c308dc6875e387e202efeff8d323ef02a54f9e63e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private,private
cf-cache-status
DYNAMIC
cf-ray
7585de65baa46964-FRA
content-encoding
br
content-type
text/html
date
Tue, 11 Oct 2022 07:26:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDZpMy1tLSeMwW7zVPqUV96ykNRgUsmZb%2F7V5rbdZXnfZzVfuP%2Fdtmvn4uQW8uJJx2tUBgEaZ9UdESRFYi%2BdNoJWRD0fNf%2FY78EH4SlGQwMiRQMjT%2BL7RdWNBE%2BAfqpS2lbaFP5d9IFLrITHrA2R"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET

Redirect headers

CF-RAY
7585de653f08bbbc-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 11 Oct 2022 07:26:38 GMT
Expires
Tue, 11 Oct 2022 08:26:38 GMT
Location
https://www.nhradiv3.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9dHduqjf%2BoidaBF%2FNsft48bA5p%2Bs1S3mybeJQmdwDepgDeSg7UBRjUO8lyuZM9%2BGNZI3qILM1NszxxiO4eLmesMLJOn3pOrC8amYy%2BleTsL3yqdPkh3Y03md8IavZl5KbrHC%2F%2BB4AEAfeN0gxeT"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
google_service.js
partner.googleadservices.com/gampad/ 		1 KB
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/google_service.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 06:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
server
cafe
etag
953604975598805376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 07:39:54 GMT
scripts.js
www.nhradiv3.com/inc/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhradiv3.com/inc/scripts.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2201858ed70c2c137b991c9ef55e542211a7321c5ab8b9f5e1ef9459aea16bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:39 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 29 Jan 2004 17:55:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"80a4681291e6c31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95rjovMeJ%2BiALUgsXZMv7vb%2BGY3US6ZtAZiG8Z%2FltkdnHCUdMaG4PoPkUlXVHj4rYQOQzezsYmhBLaSx9h008YKR0b8qyP6%2B4D0h8Rb3PfoA4j%2FZ9czCphwe2OoO4eiNsK8IiIfHpp1i6YGGrd%2Bk"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
private,max-age=3600
cf-ray
7585de6908996964-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css.js
www.nhradiv3.com/css/ 		947 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhradiv3.com/css/css.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
09bfebef3ab9e81e4d60ce233d1c9c5cfd2adb7691c80a683db41cb66ccc03be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:39 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 04 Apr 2002 00:31:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"807a821470dbc11:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2B3r3XPPzQ7xSpVsfDDj8XMd8mjK3HaFiAZyC62Ngbpa5sTu%2F0WWy5mQPXllmdefXNseaF9XSdIiZo87F6nnfIRqBP%2Bivh8OLa3ULDYuqAF2fLZkBaiPDrgONqljAiSsL2Za8SVvK66uwyHS3er7"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
private,max-age=3600
cf-ray
7585de69089c6964-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cs.js
c.jsrdn.com/s/ 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.jsrdn.com/s/cs.js?p=23066
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-33.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3dbf60ceccdb53078aafba7c52593670b5dd6d9257817e7f5387ff882cfab6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
n1BtgSmUZwM6YJUS9jzIBGZa_shYlN1x
content-encoding
gzip
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 06:33:56 GMT
x-amz-cf-pop
FRA60-P2
age
3164
x-cache
Hit from cloudfront
content-length
22984
last-modified
Fri, 29 Apr 2022 17:21:07 GMT
server
AmazonS3
etag
"c6ba12f002082951dd59aec8331594e8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
accept-ranges
bytes
x-amz-cf-id
iqdeQTqfAEoJFtusqZpp0Xe1EqyEU4weAo_m3ADRG2kUmmqV0oeoWQ==
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
773c92391f50b9d96b85337afa1db9c6be81a4bf3c7bad28edd766cf2280f43c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27743
x-xss-protection
0
server
sffe
etag
"1360 / 488 of 1000 / last-modified: 1665439483"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Oct 2022 07:26:39 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 06:50:52 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2147
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 11 Oct 2022 08:50:52 GMT
header01.jpg
www.nhradiv3.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/header01.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5be34f84221bc8adcc1429b74b11bb2d2e8034461a6092e0904826ce353f0f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0a61063dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6DKR2OBgiuBqimxITDwB1DEdT8v3tBwtzxYayiYFFjnEVD4M6k1XpucAYAUMVUsE0h2CWWMcek4uitCNBu4E2VWmwT2kLnDdML%2BUeu7rp1lfb%2B%2FseK9R%2Fs1283cOqPCX5dBI6MupDxpVcJOHzQw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a025c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21090
nav01.jpg
www.nhradiv3.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/nav01.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
00f3c1fd33c433a3282b8070325a29a69431d377374753fc9ad68d18a2825876

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0d34164dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qwEVCQQhUFjMX5WwucvjVnsxyR1Q%2FFlE8PItr6cuYm3doWJ2WbjsMMVnXPDQaAYX6lB%2Bp8vHwL0VkewaFFDJHSqKcIWH3fawGd10sTTTUvS3NIAytVgIGvzsNBaksBYuMfaezvtlHs2OKfXGQWG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a045c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1702
nav02.jpg
www.nhradiv3.com/images/ 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/nav02.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2c5d5f321e2acc7f8885685ddea6762577cda47a13aa0b3ca07d599681fcec51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0d34164dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJh2Ywp53%2FF2E75wFmVq8nsk2iWNYRxiHGEIzRKHHlnsPRDwk0Mq4GtKbsdAslgkLJcqwMfeZHkJe8DNG%2FlUuNawJbX35mcKwy8%2Fe9OtwBW1NCc17FPKojYJIRoQf3SRXbXFrFlLFHMkIEWOM0Kb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a065c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
848
nav03.jpg
www.nhradiv3.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/nav03.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4f6f93edd526b29a826d8b9574ef738479c04fff574ecb9237d4e76f1e045063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8069da64dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1d9iBL7ry1qX8IU0J9Q1VHRKXdHkBd8wLv1NOlfJXR5zw%2BcduJeJnsfnCJkaLmegenyRmmm2DOIDWK4dEySYQkTsQlIDPClmKUov3SFeZcWMkD8F0mM0xsNNIZg0np1YgPIP675kxTQNEg6G%2F%2Ft"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a095c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1256
nav04.jpg
www.nhradiv3.com/images/ 		841 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/nav04.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
568677ea58d16bdebaa76ea6cb62952dbbf4a424f10c8ed71388da50cd067d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"007365dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIUmrQc7t2x8ivte5073lrCjll1Ebfz%2FmH5M1MRm9T1WO5XbVhXeDP4WvaF1x5Bs4FpFTtqmxjAnuzBuCJ8RfOYDLa7EQPUvc0YRzaut%2FvcvCjnmuCEmTVUoPlVFmMoW9gz4ZqQvsEwp2WJ6SWT9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a0b5c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
841
nav05.jpg
www.nhradiv3.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/nav05.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3755aaf2199e97118e0f6d1e1da5cde26628db0349cb7c6b3f861cdea9c15e8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"007365dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fe7g7sjZW%2FZxXu82i1yIFliNPvQBB4RQ8yiREM4r%2BNphsGHYEfloyWhRpAlDZ%2F4Tz6ZfACkXH5pckjA2fBiatsbSgg6hPBAr1oWotvfTEzZDqCi066sZ1mPF65Swf%2BSZ%2BJDCAlKLgb4CD6JbfGzt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a0d5c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1394
nav06.jpg
www.nhradiv3.com/images/ 		997 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/nav06.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
00f8fe54fe21ece4173951889d11b493a50d91704dffb96704099b8a51d302c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8096b66dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAFAci%2Fdyop7rhcYYtAIf9roqhv%2F5n%2FAHYtVcHJyFMit%2FM00w%2FzmvAfHkiebXaTcsxufTE%2B5c%2FjynfhccSG4ZbxL9eL7mNUp%2FzEyomFZQ5PEUBVXb4B7TwxZviANnUYekEBFX5BsxrFaaFP5swUf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a105c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
997
nav07.jpg
www.nhradiv3.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/nav07.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fc91d3398d51237f839282c9442a86327679eb2ae3190e191ea84a5079d6db76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8096b66dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pjqif32fEoYb09F2tArqzGCbD9YtCgiI9v7SCV2r44YdhARN5vCFYuvJNRAGAD674laBZBrAJxL9pPVQoh0mDDbnQnCyVyz8%2BM%2Fn4N%2BNT%2FP2GB%2FTTLRdRHqu%2FrohxoRCgmUC9kn2uUo4swXxIDNd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a125c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1305
nav08.jpg
www.nhradiv3.com/images/ 		702 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/nav08.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c2e04b7d8e9504a713345b02df2bfd5cc241b78f53c1f0eb5ef549d83d84cbbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"02da466dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv%2B%2BTKD%2FwEkjiZaYp5pxpxaXnqGe7hczrRUUxpQtzm9%2F8BnMqN8X2p08hA3gPJ15FZrICtxeKMo76cy3MIaSayqaiXGXxhc%2F4EZBeuzwK5FFGDJOxtpiyHvJcnvcc5zPFxdnGWuDToJsSnMTHzt%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a155c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
702
header02.jpg
www.nhradiv3.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/header02.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bde72f76a4afcf1381ae8e7bef6a5a916228798a73944c6b0185a5ff67c9c56a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"803ca963dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GgdCCwql3bffNp5cDWIBFtzpuo%2Fj5wbfeJ7F%2FjSu%2FQeASiYFDKjRYEl6zYl%2BHbD%2BB0m2KXAJ1yhqpm1AWEshym8tw4fPS5uoKuPDBt3giQtLtAEDIqrIdMQt%2BEn5Fv%2F%2B84AA%2BKBqUi%2FEJrJD86b"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a165c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2282
header03.jpg
www.nhradiv3.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/header03.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8ecd6521c5e5e413b55387d23e819743905d72ffbf5a770805b2373976535947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:12:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"803ca963dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCLrtqyzzdiZ%2BU2TsSMgAjZh3lN8%2BDDrCwVvryNvlfbt5DxcqHdcfMfuL0Fhy4T2Q%2B47cMMUSuiKgigK7PeDxlbvE5%2Fk38xxhgi1PbyOG1uhS%2FUVnwg1CqSE9h5YwD7EOjtsWbx7Jt8jyHn4rYZg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a1a5c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4588
Twittericon.png
www.nhradiv3.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/Twittericon.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
885da2a870d07585756c1bc62e0b6c9aa45a799cf7e8646c6dd933fd90587b89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Mon, 19 Nov 2012 23:36:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"806456bcaec6cd1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVqFVlZVpua1EdZ3lORt9fBu78HPx7ohfSybwtayN5U6oeD7kYTb7dklrwJHnFtvzZTBTvc3iyDvSJ9AYGLJsH563BInOi%2FFWNXNHFvPUUnOGGTJGAGFLXm12gKWpufUhqi4FBDzMalBNfh4qHq6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a1b5c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3404
FBicon.png
www.nhradiv3.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/FBicon.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0feffac770a0daff6a903ae7d752927821130786ca7f678a7710540bae603007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Mon, 19 Nov 2012 23:33:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"03a8844aec6cd1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnGufVTrFji7z9u0meClLCHvgSD6u5etuYzHatHSGIx9vvE%2BAipP6uEkFS3h9F%2BukHqTbwpsrmKNyANPLfYR84JLwZHf3VH7q8iTsaxxNMH7HFQpCrFA8J35kTyaFZF035K90PAfKnApRx44L65d"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a1d5c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3871
nhratv.png
www.nhradiv3.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/nhratv.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
66d966aa6b9290ac940d27ec02e524e2c263436de84f9b676e8ba378dfdcc5d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Mon, 18 Feb 2019 23:39:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"806dca2ae3c7d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KjNnt8HmHB3K0UqUK%2FUgN0HyfAPH5hnRMssewNdX4E%2FVEBUbH6zdSoxHQsxAcUhKU3YyTvWTsHBiUFTsyvtdZhpf8J8qyj0ADnf2RgmFogc%2Fu9AxCXQ6XhP%2BTTSGkTFCUEvMcznl9O%2BwJCscGNR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a1e5c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8694
LODRS-livetiming.png
www.nhra.net/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhra.net/images/LODRS-livetiming.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.175.198.241 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
6643419773399f35ea4422bfa8f1eaf37bb0d2c1855bbdd5fac482086a1e0b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:41 GMT
Last-Modified
Thu, 21 Apr 2016 17:37:45 GMT
Server
Microsoft-IIS/7.5
ETag
"80fa7083f49bd11:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
private,max-age=3600
Accept-Ranges
bytes
Content-Length
16747
left_nav_top.gif
www.nhradiv3.com/images/ 		578 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/left_nav_top.gif
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bf090ca527777b9180254b2378d59ee5b8072248eae8b2e085ec74d7a3b74400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:13:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0952d70dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTQocr0LTA9k4h2opFaSCE8NNOeVOzjWiTLPy6Q2qS1bBIJKHIx2r1x1VW3KEhSr3JquU2dmLs1pKfCwVF1yMX%2BFdoYqUSDS9l92DcQ4kIis8IQ6TSqe8CUFa1a4qgpFgDWYsBOeSop23M%2F91zn8"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a205c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
578
complicno.jpg
www.nhradiv3.com/images/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/complicno.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d8c5a199bad5eee1aa84028454cc53d4f5e5d869e7a2b6b0faab991a81745cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Thu, 18 Aug 2016 20:31:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0921c8b8ff9d11:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tpof0vN9ilLcXnUUF6BfxJ3aIbDmVmcdPx4%2Bt%2Bf%2FcWn16pI6Msjz6O%2FwVt5zjLicg5gtSufNj1aZZ0djn%2BiRdjN6AnX8wN7LrkCWM6SgPTF1Bn2IrV1d%2BxaMnim0J0rN9bX7%2F0MiIh0LLf%2BqlTa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a215c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
72611
left_nav_bottom.gif
www.nhradiv3.com/images/ 		428 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/left_nav_bottom.gif
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e730b7b19e0f9a88bc52e42a989d3a9a178391bfc640598342f46adf87e99a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:13:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"80fe946fdbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6pQOCrR1dPB2J0Kxf1hEM3mwp5L0W%2BSJqnv0g7UHANoQGQ%2FrIxOYE254T71whm8iZmDcnsm22RfxWeyKPPTNOEBcdP6Df5%2FA4ZzMjpLdt54THmdPGQQI1n0nyuiJurg4hMBwkIfhbG5PBU6yfss"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a225c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
428
lucas-oil-products.png
www.nhradiv3.com/images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/lucas-oil-products.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b6aef553184ecd56a40aca2fa3ab1f70be1cd916bba5b9c3ebe76a12d590b3d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 19 Apr 2019 18:42:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0af95a4dff6d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRoS%2BsA7bBM6FhHZhSXeHNlZrE67IJhtYxo6%2Bf06rinvmjC%2B4%2BLO5%2BdAfzuJzqvSoecWcAyOVHxsSb52ryedSIPt873hxKIRhvps%2B2rcHrrf08Lh756UpQZFgpj3wKm3Ds0L0H9IrTZdh6KydGUW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a245c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65270
Summit.png
www.nhradiv3.com/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/Summit.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c8ad707b5566e617ea5386973198e0f83f91b196d26768b34a0e9f4dffaafb99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 19 Apr 2019 18:42:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0dcc6a5dff6d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vN1O66PqsOTOj6BrNwoLXr2mlX0IOH4wdcUiJeFyLO2AguZv6Hd8H3U7vWCa4cpF6Ml1Km6J1utqcslsYVYMtV6trpbxJDDwnhZ76D2MBk4J8zkqIPhr6IJohJHu7my%2B3GPIktL%2BU0T8pnPS4FRs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a255c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30630
tande_nhradiv3_banner_sidebar.jpg
www.nhradiv3.com/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/tande_nhradiv3_banner_sidebar.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ff0422891d94af315ddead2900276fc49c69b0830875a8fc5fb9592ffdae63e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 13 Jul 2012 20:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0261c1e3361cd1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FrN7wMFt%2BB9h340R24%2BHH1%2FQg7ZNLKIuNuAW7ld%2FX564hShrfC7kxHMJLbJJ5yLmDUkqqhZx2biB%2FkdlvQ6cgPyAACvecG9lZ6DkJBADxOfFXhzR1983n33biT9ZCSYJWcnQakKGHlWqvLwb08T"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a275c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11413
oakleyms.png
www.nhradiv3.com/2018/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/2018/oakleyms.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
479ddcec56d4346b5b0ca3966649261a722f61d05c5f9de792caed8653f8d6a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Tue, 09 Jan 2018 23:36:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"80ab46b9a289d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfCqjnNElWUCcVRUZmVOu0dSdfmE4pCmYHJKS0E6FP6Wc9KCBHeSnQAihl4Bn%2F7JZjQZt%2FkCGrJIdG2IiClWds38rEAKz8iAY6XATKPpHNq3YL%2Bxv0J8EsDglXOlIZwFsgWn1rX4f%2BNmm9qltilw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a295c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41455
diamondpiston.jpg
www.nhradiv3.com/2018/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/2018/diamondpiston.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3cb321beb4e1198c536e26a5539880ea0b01bdb15b4e1c3af20f599dbb3ca1bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Tue, 09 Jan 2018 23:38:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"80b3f5e8a289d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67zDfyCqHmUJsUPgAxlpPEPG0bhBe3mw6JhU7hlaYs%2F62qNfCcTU%2FOjNJxHaRC5%2BhhnST2H3ogWQFs2E8WWWodbVHf0zAAwqiryr9pGZ3xE8zpyPCuzsIAmsCFLF%2FOmGm5McSC7%2Fqy2c%2BxRzxnhz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a2b5c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36443
FTI.png
www.nhradiv3.com/2018/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/2018/FTI.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5ddf107c589c8b282902b1fc3fede9df1f5bad0aa0fce25890ae9d789c1b5985

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Tue, 09 Jan 2018 23:43:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"05c23a1a389d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKjw%2BSI6ZnQcdnCxx%2B2Dyf5oNIJQewTEzAsLdOO1itS5zfF8gXC2ynoXB5jGFYegnTP2uca6TqUYmmyzIcypUImRzHwBwDWsKdqZBS274NujWB4fpBR6GGQsh8V7XGO9Vnmz9XAiFOeNp%2Bx%2FEO0y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a2d5c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41943
facebook-icon.png
www.nhradiv3.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/facebook-icon.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c079b05f2d85439c3dcd32b4983b8273ed5591525c19d45766e91ad44cf81676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 26 Aug 2011 18:01:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"016ae1c1a64cc1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KO1XwswekzeCKftTvSF1oKxBERsR3wgSBSLmAxgtG1iOUAcRSaU2WiofTf88UTJ49FGqRF08BqNxNBaYKEjeFcRQBapiDU4hvsRFQjCiTz4rO%2BXH05XC9MHsx%2BWNIqudFTvyX%2FvPtDg7ckC%2B2mdz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6b2a325c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1681
email-decode.min.js
www.nhradiv3.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhradiv3.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Oct 2022 11:57:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63401421-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjUHMw9kilgnB8RFeJDBHsMeIFVDwWy5EQrEy%2FBhPtL2zjbC5FRm9911YNrFYvj5WKLv2Uuy3P%2F1O0CnQtps0eqBWVxwnOG3ySbQgZrOc9xy%2Fgjxk68%2FHfcOTjDO10irFjjsH2i%2BcAAyAcBNyJEa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7585de6b29e25c1a-FRA
expires
Thu, 13 Oct 2022 07:26:39 GMT
inAPCM.asp
www.nhradiv3.com/apcm/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhradiv3.com/apcm/inAPCM.asp?z=18&ord=desc&h=10
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
29831e5bf5c6abf8b85b9d639ff851fc09a170efacca51141c579b4c916d4b0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7akjon8iUfiJaP4kg0dR9kafPxMz3VXmm4uyyg82nNptnIdC4U5kkvWQApzR5oDBUEeSr4BUO9H%2F5TTqMNHRQAwjpBTd6U8D89XRwvRU1yEkW9GMKaaJ%2B0thp91wVDsV%2Buzya5sZ0ZFnKIOOZH6"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
private
cf-ray
7585de6b29e45c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 11 Oct 2022 07:25:40 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b1487311059b012bdb40fe2fc60cb474a95a40f5163a7c0037752f9edfd085e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 07:26:39 GMT
content-md5
n6SuaYll6gl2+I3BDtaibQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
KMOtXx/TYmLU5uCWAOeAsZ7ik1v2UMcv7tVwq6Ubuj+VFl+4cQyhDpDlmhv/CKj+UHzJECO+RsxjPO+0sVGa9g==
x-fb-trip-id
917726464
x-fb-content-md5
5713aa72f0556d22e5f8bba5649f05aa
cross-origin-opener-policy
same-origin-allow-popups
etag
"c9dd2a32d766ebff102259c4e3a7510d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Tue, 11 Oct 2022 07:42:23 GMT
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de7d9b5228ada11d50850c72cd4c790b5891dec017aaa9c85085de852c404afc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:39 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 10 Oct 2022 07:56:40 GMT
server
cloudflare
age
12582
etag
W/"db3-5eaa97ff5e64b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7585de6b6d709a15-FRA
expires
Tue, 11 Oct 2022 04:56:57 GMT
netscape.css
www.nhradiv3.com/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nhradiv3.com/css/netscape.css
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/css/css.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8ae9ce416a33c08e0783a802898c49d8a6316985ef7556644b7f5b9f4d4b05fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 12 Mar 2004 19:42:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"8064de186a8c41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJV6aLPkxURD0PYuA2JMTFr%2F3lqoK86CJPYyQktzvuNMldk%2B6URBEncuQpRwQK3k1fEhlY%2FPXJGdYQxQ9xmwUCUHZYENBOvNsDY1029FK8aSuGGFPHdK%2BTAlseUkoGdJmDNG%2ByaXM%2Fad0K5MIWhB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
private,max-age=3600
cf-ray
7585de6b2a005c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1129989205&utmhn=www.nhradiv3.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4277380-18&cid=1192785320.1665473200&jid=1822381383&_v=5.7.2&z=1129989205
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=1192785320.1665473200&jid=1822381383&_v=5.7.2&z=1129989205
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=1192785320.1665473200&jid=1822381383&_v=5.7.2&z=1129989205&slf_rd=1&random=4293713787
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=1192785320.1665473200&jid=1822381383&_v=5.7.2&z=1129989205&slf_rd=1&random=4293713787
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=1192785320.1665473200&jid=1822381383&_v=5.7.2&z=1129989205&slf_rd=1&random=4293713787
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=23066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:39 GMT
content-encoding
gzip
etag
"+b0B6ncQDCugPb96DWf2QA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 18 Oct 2022 07:26:39 GMT
1.js
s.jsrdn.com/s/ 		99 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.jsrdn.com/s/1.js?p=23066&r=anlf&k=dmMJMjAyMjA0MjkJdQljOTM3YWU2ZC02MGUxLTQ4N2UtOTE1Yy03ZTI3MmFiMjIwNjYJdW4JMQl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl0Zwljcy5qcwlidAkyMDIyLTEwLTExVDA3OjI2OjM5KzAwOjAwCWRjCXdpbmRvd3MtMTI1MglibAllbi11cwliZgkzCWR3CTE2MDAJZGgJMTIwMAliYwkxCWJwCTEJYmQJMjQJYncJMTYwMAliaAkxMjAwCWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwl1ZAkJcGIJMAlwdgkwCXBxCTAJY3cJCWFjcgl1bmRlZmluZWQJZHIJCWt3CW5ocmEgbm9ydGggY2VudHJhbCBkaXZpc2lvbiB3ZWIgc2l0ZQlwcmYJdW5kZWZpbmVk
Requested by
Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=23066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9c6828208be8cf3792c5f1997b7f46808a3dea1d5110874dc0f05af2fd405231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
text/javascript
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
25228
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubads_impl_2022100501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 13:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131414
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:35:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 10 Oct 2023 13:01:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		118 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nhradiv3.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78002f95b0b48199f5ef4956a0c69940cf47d68bf0ff0b5b955bec18e1d73128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:40 GMT
rules-p-w9vzu-sGKCA0U.js
rules.quantcount.com/ 		209 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-w9vzu-sGKCA0U.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdee55a0f2c8717df6ca320512ab57001f4f9c30e6c6738b244c681bf8ec8e85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 06:47:31 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2374
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Tue, 23 Aug 2022 14:05:55 GMT
server
AmazonS3
etag
"8ae7975745d11995771b72ad73395e5e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
01JpXVivGjOLD9IYXUu014wM6QMzXaBtJsKs1LhzhgQaOipDkN6ysA==
pixel
pxl.qccerttest.com/ 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1404487528;fpan=1;fpa=P0-616770960-1665473200076;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=nhradiv3.com;dst=0;et=1665473200076;tzo=0;url=https%3A%2F%2Fwww.nhradiv3.com%2F;ogl=
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6a00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 02:01:57 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA53-C1
age
19484
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
ByZ0KOIRlKs1RggMsar0MHHkUrcsfuVF2bKsRzJcD3HJoZVoIQD_hg==
pixel;r=844537482;labels=pub.23066%2Clang.en-us%2Cdomain.com.nhradiv3.www.root;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.nhradiv3.com%2F;uht=2;fpan=0;fpa=P0-616770960-1665473200076;pbc=;ns=0;ce=...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=844537482;labels=pub.23066%2Clang.en-us%2Cdomain.com.nhradiv3.www.root;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.nhradiv3.com%2F;uht=2;fpan=0;fpa=P0-616770960-1665473200076;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=nhradiv3.com;dst=0;et=1665473200079;tzo=0;ogl=;ses=296a6ca8-6588-491a-a6d2-dce8df5c32a6
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nhradiv3.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nhradiv3.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1757600911034922&correlator=687371173964322&eid=31068457%2C31070046%2C31070191%2C31070223%2C31069925&output=ldjh&gdfp_req=1&vrg=2022100501&ptt=17&impl=fifs&iu_parts=1012245%2CDiv3_Homepage_ATF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=1260507949&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1665473200229&lmt=1665473200&dlt=1665473199505&idt=583&adxs=0&adys=4&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nhradiv3.com%2F&frm=20&vis=1&psz=728x98&msz=728x-1&fws=0&ohw=0&ga_vid=1192785320.1665473200&ga_sid=1665473200&ga_hid=90751245&ga_fc=true&ga_wpids=UA-4277380-18
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2ac6eb3979120e56bceea1fb3c439c1dd2197a49433bf7609d10162c3f3304f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10024
x-xss-protection
0
google-lineitem-id
5875088050
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406654945
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a4914687c0347bbdb5e9d15adc86060a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C94A 		0
0
sdk.js
connect.facebook.net/en_US/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4fcba6ffbf556adaff306e4ca264a269
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc7d3839cd9755d4ee4c8239f0246a00fc9b7db5d0d5ec8720c12be8680d3f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.nhradiv3.com/
Origin
https://www.nhradiv3.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 07:26:40 GMT
content-md5
lEzGse82crTp1FmgQTpDNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88420
x-fb-rlafr
0
x-fb-debug
9vIWYi2DhNOXF2NcC2ZzCbqMDHO4TJc2IkOZzvwyFIaJa1/TlqXsWEoLOAcWB8QOM0phq2q597A0Ph/wNrn/JQ==
x-fb-content-md5
96d2425320da2b9a2cb7d7ad086a72ec
cross-origin-opener-policy
same-origin-allow-popups
etag
"861451dbed4edf406c6256588f3d8af7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Oct 2023 01:42:13 GMT
gtm.js
www.googletagmanager.com/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K4XRCD6
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13a8f3a0120b440cd2c9db11827363be32f67eecd8903bf3af135541c9ad2750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42230
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Oct 2022 07:26:40 GMT
ice.js
resources.infolinks.com/js/1826.004-3.025/ 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1826.004-3.025/ice.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ea06ff6c2aed3937ddc8c79d050857ecb303192ae930efc0054df26f9bdc70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 26 Sep 2022 10:00:04 GMT
server
cloudflare
age
4598
etag
W/"2d126-5e9919773e9da"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7585de6d89979a15-FRA
expires
Thu, 10 Nov 2022 06:10:02 GMT
left_nav_cell.gif
www.nhradiv3.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nhradiv3.com/images/left_nav_cell.gif
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
28a4cd6f6005a5e95d8621052da5aaf6029eaf28ddcb4b8d7ef4c770ab07053d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
cf-cache-status
BYPASS
last-modified
Fri, 09 Dec 2005 16:13:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0952d70dbfcc51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTSf%2FWDO%2FSTGtlbBGpNddAGT8OKcOCCPoEbKp%2FddzOziNL2I61CIFA3037wPKPL817usmsls85RLUNxQKjNF2uui5xu8YCa9szgnPRW9QlcX1LpsGBugjix%2BQ0goz%2F0fOSg%2F1X4OpNiKE%2BCCM2WP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private,max-age=3600
accept-ranges
bytes
cf-ray
7585de6daf465c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1716
manage
router.infolinks.com/usync/ Frame B8BE 		0
43 B 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3315867&wsid=12&pdom=www.nhradiv3.com&purl=https%3A%2F%2Fwww.nhradiv3.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1826.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7585de6e2a9c9a15-FRA
content-length
0
date
Tue, 11 Oct 2022 07:26:40 GMT
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		0
33 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3315867&wsid=12&pdom=www.nhradiv3.com&purl=https%3A%2F%2Fwww.nhradiv3.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1826.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7585de6e2a9e9a15-FRA
content-length
0
gsd
router.infolinks.com/ 		318 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3315867&wsid=12&pdom=www.nhradiv3.com&purl=https%3A%2F%2Fwww.nhradiv3.com%2F&jsv=1826.004-3.025&_cb=16654732003280
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1826.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca75a540508fdc3e4c0d7dd0a674d33598f0c08ebe9ed5fadb4131b131c6c0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
7585de6e2aa09a15-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4315 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE4pdNOKM1lSDuksZFW7ggkM1rIsZeh2JFD4sxi5LBB__C-L9OZoUBPo0OXDztrwZVTpLx1a0_WdIEWhlZ8kyoPq5WyVl6JD873l2WHTJIL-jBs1zPcYsGSPJEFVMJTtS5gZFgzRY-dKN-KQxvc2KOkiFzgnoBYkZut77zqOBmLfA7gUYw4bTt_Cm1618kQfPubqKFIeQFkQEJv1-PL5kvzAmMxcCkn8yeDOBg4QDei8Q3qMZfiMjKjarZOabPPeiJkTJ7L9AmH1D6Pqk4sK6gQk3Ozhh6bYaA-S0xm05wrqJgnXmVrl460uuE9hL18ScT_EmWsQvoD3nkkUL-HDzi&sai=AMfl-YQH0-LtRDwqcJiAIA7iERAd4oW0YnQZJTwG_LmhC0Ur6ywnsiSIES1wWi-1s0GzvFQM8NtHKocbEcAJQtp_T5RgPtHCDKIw1bUgQ8YspII28iM3TEq8MfgTJawEP4y9gFLQfg&sig=Cg0ArKJSzDS3rZ8pAcTpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:40 GMT
nhra_728x90_1-3.js
dl.westseven.media/dist/ Frame 4315 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.westseven.media/dist/nhra_728x90_1-3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49aab07e28efdc6849024544991908deb59711cc0d5c8dba3e9fbcd366fe8642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TTCK0SB3ED9MPSAX
age
6331
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
EDteU6LR/NbC0lHk9VWTmzqWhRIWqnZtBLeVMevSvNKX8S7ZkP+S1StnnU1wE2xndYAAonIXM/0=
cf-bgj
minify
last-modified
Thu, 23 Jun 2022 02:39:18 GMT
server
cloudflare
etag
W/"9462cf973576567f2a485e973c0464fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7lAkGXgEUNWgBY0ltMMapD9xl3MS7I7Ia30U1XCYIFYdCa88YGiJkeVHZLaze2TrHFl9lzKw5BJosGt4kneVa1Wv%2FCiMUnmlx7WwmqQTrCFZXzcYsM8zs%2F3A60rvaKTCS0FC0W4wkTsekTWpuVOrDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7585de6ede45bbd9-FRA
pixel.gif
pixel.westseven.media/ Frame 4315 		35 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=nhra_728x901233266354
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.160.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-160-208.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:40 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0, no-cache="set-cookie"
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4315 		151 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47122
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665402098278948"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 07:26:40 GMT
dpx.js
i.simpli.fi/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/dpx.js?cid=62812&action=100&segment=maplegroveracewaysite&m=1&sifi_tuid=35523
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4XRCD6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3095
x-request-id
FxzzDUAtAl64xTwYnNPi
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		167 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-939427171
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4XRCD6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b20a1c974ff3b1ed285cdb2e7e1847f27f9f35c772d89b76e1529bec82074c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62684
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Oct 2022 07:26:40 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-939427171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15192
x-xss-protection
0
server
cafe
etag
699633608045481581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 07:26:40 GMT
elqCfg.min.js
img.en25.com/i/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.en25.com/i/elqCfg.min.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.75.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-75-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 11 Oct 2022 07:26:40 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection
keep-alive
Content-Length
2183
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Tue, 12 Jul 2022 22:09:35 GMT
ETag
"a2d639123c96d81:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Tue, 11 Oct 2022 07:26:40 GMT
script.js
d13l4u7pe64ymo.cloudfront.net/ Frame 4315 		121 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d13l4u7pe64ymo.cloudfront.net/script.js
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/nhra_728x90_1-3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:1600:1:c325:9400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
113de9af6be5f372987d0a76d8d7ed5361057be93c01f8255417569e5ded6488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
HXASI_VRi7Zb3eBAxwxP0Wu15y390pxT
content-encoding
gzip
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 07:26:40 GMT
last-modified
Mon, 10 Oct 2022 17:50:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
206
etag
W/"e416b804c09b69ae1c7f5a5426394750"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
5Isddh1q0PH-N_Sskgz-Sb68C2LuWQnDDjHjV4HKIGcO-09iE7WKCA==
19984_NHRA.js
ads.rubiconproject.com/prebid/ Frame 4315 		412 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/19984_NHRA.js
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/nhra_728x90_1-3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32a08506863a82e34414783be32a552ede148c823389374253f9c18769ab53e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 17:22:23 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
128564
expires
Tue, 11 Oct 2022 07:26:40 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 4315 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/nhra_728x90_1-3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6510ef653683c5505f61efcbc4e20c133b2a341e165910ff132d417fc036ecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27725
x-xss-protection
0
server
sffe
etag
"1360 / 706 of 1000 / last-modified: 1665439483"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Oct 2022 07:26:40 GMT
score.min.js
js.ad-score.com/ Frame 4315 		343 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000449&tt=g
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/nhra_728x90_1-3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1a447c6458793f13aa9efa1c63b07560c595250306a2475d1434fe38bdd43aa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 10 Oct 2022 15:23:24 GMT
Content-Encoding
gzip
Via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
57796
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 10 Oct 2022 15:23:24 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
w-Jfro82IKqzOxlfhHfcpztyq3NLLU-3hW4ULixU2mTSeyTUyAypjw==
Expires
Tue, 11 Oct 2022 15:23:24 GMT
pixel.gif
pixel.westseven.media/ Frame 4315 		35 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=nhra_728x90_1-2&&r=0.23882233805669006
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.160.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-160-208.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:40 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0, no-cache="set-cookie"
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
truncated
/ Frame 4315 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c40ecc8b5b38b70d900cc52fdd17a28e1decb10c20fea5628115e63db2aa3a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
doq.htm
rt3060.infolinks.com/action/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3060.infolinks.com/action/doq.htm?pcode=windows-1252&r=16654732005411
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1826.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1a63a6d7a3ada257a3a65170334864a6f9bfb2ee281cf66a888f3f775f9700

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://www.nhradiv3.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
de-DE
cf-ray
7585de6feb41d6ca-CDG
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2022100301.js
securepubads.g.doubleclick.net/gpt/ Frame 4315 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 06:02:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130906
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Oct 2023 06:02:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4315 		118 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nhradiv3.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78002f95b0b48199f5ef4956a0c69940cf47d68bf0ff0b5b955bec18e1d73128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:40 GMT
svrGP
t.nhra.com/visitor/v200/
Redirect Chain
  • https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=560&optin=disabled&firstPartyCookieDomain=t.nhra.com
  • https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=560&optin=disabled&elq1pcGUID=466719733CBF4A74B07F1E1DC64D3679
49 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=560&optin=disabled&elq1pcGUID=466719733CBF4A74B07F1E1DC64D3679
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
HTTP/1.1
Server
142.0.165.136 , United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
Software
/
Resource Hash
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:40 GMT
X-Content-Type-Options
nosniff
Content-Type
image/gif
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
49
X-Xss-Protection
1; mode=block
Expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:40 GMT
X-Content-Type-Options
nosniff
Content-Type
text/html; charset=utf-8
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location
https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=560&optin=disabled&elq1pcGUID=466719733CBF4A74B07F1E1DC64D3679
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
284
X-Xss-Protection
1; mode=block
Expires
-1
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/939427171/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939427171/?random=1665473200636&cv=9&fst=1665473200636&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nhradiv3.com%2F&tiba=NHRA%20North%20Central%20Division%20web%20site&auid=1346386976.1665473200&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29abb6d5b0f62282c540854a86abc5ef15ca81b89404d220408c841947c77832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1044
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cors
data.ad-score.com/data/ Frame 4315 		50 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=otgoVdnHWXLlXWrXujBSWxjuTHTEDWWG-FE7fPshldVrlKDwb3nLLG0rAPA==-E0zHOclmblbiMg==&pm_ct=c0105db3bfba3a686a9f3325&pm_pl=1665473200681&pm_td=5&pid=1000449&en=1.1&callback=__pm_glbl_1nj84NuI5zY2RYfB39umccKS._gc1&tt=g&v=e30e479
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000449&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
bb0cc36f540151ca95702377e442fe57f1333c497551d361b73d03ee0cc2ea4a

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:41 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.nhradiv3.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
50
truncated
/ Frame 609F 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4315 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
4172a1d2-a8d7-4249-b9e2-7e16de9678d8
https://www.nhradiv3.com/ Frame 4315 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.nhradiv3.com/4172a1d2-a8d7-4249-b9e2-7e16de9678d8
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ Frame 4315 		1 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=otgoVdnHWXLlXWrXujBSWxjuTHTEDWWG-FE7fPshldVrlKDwb3nLLG0rAPA==-E0zHOclmblbiMg==&pm_ct=c0105db3bfba3a686a9f3325&pm_pl=1665473200681&pm_td=162&pid=1000449&en=1.1&callback=__pm_glbl_1nj84NuI5zY2RYfB39umccKS._gc2&tt=g&v=e30e479
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000449&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.nhradiv3.com
Date
Tue, 11 Oct 2022 07:26:41 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ Frame 4315 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
ds_vplayer_detached.min.js
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ 		603 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ds_vplayer_detached.min.js
Requested by
Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=23066
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c6aeac2edda18ddf18f3f335692c5e86a5510ad229fec7e2b8320932c2161f20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 19:19:30 GMT
etag
"1660677570"
x-hw
1665473200.dop218.lo4.t,1665473200.cds326.lo4.hn,1665473200.cds248.lo4.c
content-type
application/javascript
cache-control
max-age=13369
accept-ranges
bytes
content-length
218897
nhra.png
distroscale.s3.amazonaws.com/uploads/apps.distroscale.com/dc4087b3d220d289/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distroscale.s3.amazonaws.com/uploads/apps.distroscale.com/dc4087b3d220d289/nhra.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.192.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c7297992a1ed78e9c1a6022bbfe2b20b49f6540df4c483d1c1881836ecab3a9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:42 GMT
x-amz-version-id
qVW6D31Y07W7CMpzCywKFE_U_RUhYXy.
Last-Modified
Thu, 21 Jul 2022 17:42:06 GMT
Server
AmazonS3
x-amz-request-id
BMYGDXZS93FZABEA
ETag
"39b20c21e18a17dd90a862ce2667dcc1"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
88782
x-amz-id-2
7JLwHjc84Pv5BRP8Cwik8EwLDNlaQVnsiTA7sfTooLSS7Ym2NDWOYEHx7PZIEkAFunfawuVzdpg=
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=1hln&k=ZQlpbQlhCTkwNwlkCWV1LXdlc3QtMWIJaAlpLTA1OTBlNjE0YWIyZTJlNTFkCXUJYzkzN2FlNmQtNjBlMS00ODdlLTkxNWMtN2UyNzJhYjIyMDY2CXYJOTFhYWY0YjktMjEwMC00YWRmLThkMTItY2FjNmU3MzExNDJmCXZsCTIwMjIxMDExLjA2NDAJdnQJMjAyMjEwMTEuMDY0MAl2cwkyMDIxMDUwNQl2YwkyMDIyMDQyOQlzdAkyMDIyMTAxMS4wNzI2NDAJaQllMjFkNTY2Ny05NzFhLTQxM2EtYjdkZC0yNjA1Mjc3M2M4MDQJZglodHRwczovL3d3dy5uaHJhZGl2My5jb20vCXEJN2FmNDkyYWYtM2MyYi00NTI2LTk1OWUtZDUwNmRhN2YxYjU5CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCUhFCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkxODg4MDg3
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
dslogo_sm.png
a.jsrdn.com/creatives/site_logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.jsrdn.com/creatives/site_logos/dslogo_sm.png
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5ea71bd07e560ea69f4bf12e5e48de530ce4a977ee361ed45ddcb581b060fd6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
last-modified
Tue, 11 Apr 2017 20:07:40 GMT
etag
"1491941260"
x-hw
1665473200.dop202.lo4.t,1665473200.cds246.lo4.hn,1665473200.cds235.lo4.c
content-type
image/png
cache-control
max-age=80201
accept-ranges
bytes
content-length
2119
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=1xnv&k=ZQlyZAlhCTkxMAlkCWV1LXdlc3QtMWIJaAlpLTA1OTBlNjE0YWIyZTJlNTFkCXUJYzkzN2FlNmQtNjBlMS00ODdlLTkxNWMtN2UyNzJhYjIyMDY2CXYJOTFhYWY0YjktMjEwMC00YWRmLThkMTItY2FjNmU3MzExNDJmCXZsCTIwMjIxMDExLjA2NDAJdnQJMjAyMjEwMTEuMDY0MAl2cwkyMDIxMDUwNQl2YwkyMDIyMDQyOQlzdAkyMDIyMTAxMS4wNzI2NDAJaQllMjFkNTY2Ny05NzFhLTQxM2EtYjdkZC0yNjA1Mjc3M2M4MDQJZglodHRwczovL3d3dy5uaHJhZGl2My5jb20vCXEJN2FmNDkyYWYtM2MyYi00NTI2LTk1OWUtZDUwNmRhN2YxYjU5CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCUhFCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkxODg4MDg3
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=motf&k=ZQlodglhCTkxMAlkCWV1LXdlc3QtMWIJaAlpLTA1OTBlNjE0YWIyZTJlNTFkCXUJYzkzN2FlNmQtNjBlMS00ODdlLTkxNWMtN2UyNzJhYjIyMDY2CXYJOTFhYWY0YjktMjEwMC00YWRmLThkMTItY2FjNmU3MzExNDJmCXZsCTIwMjIxMDExLjA2NDAJdnQJMjAyMjEwMTEuMDY0MAl2cwkyMDIxMDUwNQl2YwkyMDIyMDQyOQlzdAkyMDIyMTAxMS4wNzI2NDAJaQllMjFkNTY2Ny05NzFhLTQxM2EtYjdkZC0yNjA1Mjc3M2M4MDQJZglodHRwczovL3d3dy5uaHJhZGl2My5jb20vCXEJN2FmNDkyYWYtM2MyYi00NTI2LTk1OWUtZDUwNmRhN2YxYjU5CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCUhFCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkxODg4MDg3
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=ra3o&k=ZQl3cwlhCTkxNwlkCWV1LXdlc3QtMWIJaAlpLTA1OTBlNjE0YWIyZTJlNTFkCXUJYzkzN2FlNmQtNjBlMS00ODdlLTkxNWMtN2UyNzJhYjIyMDY2CXYJOTFhYWY0YjktMjEwMC00YWRmLThkMTItY2FjNmU3MzExNDJmCXZsCTIwMjIxMDExLjA2NDAJdnQJMjAyMjEwMTEuMDY0MAl2cwkyMDIxMDUwNQl2YwkyMDIyMDQyOQlzdAkyMDIyMTAxMS4wNzI2NDAJaQllMjFkNTY2Ny05NzFhLTQxM2EtYjdkZC0yNjA1Mjc3M2M4MDQJZglodHRwczovL3d3dy5uaHJhZGl2My5jb20vCXEJN2FmNDkyYWYtM2MyYi00NTI2LTk1OWUtZDUwNmRhN2YxYjU5CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCUhFCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkxODg4MDg3CXdzCTAwOiBzaXplIDgwMCw0NTA
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=xcxe&k=ZQl3dwlhCTkxOAlkCWV1LXdlc3QtMWIJaAlpLTA1OTBlNjE0YWIyZTJlNTFkCXUJYzkzN2FlNmQtNjBlMS00ODdlLTkxNWMtN2UyNzJhYjIyMDY2CXYJOTFhYWY0YjktMjEwMC00YWRmLThkMTItY2FjNmU3MzExNDJmCXZsCTIwMjIxMDExLjA2NDAJdnQJMjAyMjEwMTEuMDY0MAl2cwkyMDIxMDUwNQl2YwkyMDIyMDQyOQlzdAkyMDIyMTAxMS4wNzI2NDAJaQllMjFkNTY2Ny05NzFhLTQxM2EtYjdkZC0yNjA1Mjc3M2M4MDQJZglodHRwczovL3d3dy5uaHJhZGl2My5jb20vCXEJN2FmNDkyYWYtM2MyYi00NTI2LTk1OWUtZDUwNmRhN2YxYjU5CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCUhFCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkxODg4MDg3CXd3CUdEUFI6MTo6MDpDQ1BBOjA6
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=o18r&k=ZQltYwlhCTkxOAlkCWV1LXdlc3QtMWIJaAlpLTA1OTBlNjE0YWIyZTJlNTFkCXUJYzkzN2FlNmQtNjBlMS00ODdlLTkxNWMtN2UyNzJhYjIyMDY2CXYJOTFhYWY0YjktMjEwMC00YWRmLThkMTItY2FjNmU3MzExNDJmCXZsCTIwMjIxMDExLjA2NDAJdnQJMjAyMjEwMTEuMDY0MAl2cwkyMDIxMDUwNQl2YwkyMDIyMDQyOQlzdAkyMDIyMTAxMS4wNzI2NDAJaQllMjFkNTY2Ny05NzFhLTQxM2EtYjdkZC0yNjA1Mjc3M2M4MDQJZglodHRwczovL3d3dy5uaHJhZGl2My5jb20vCXEJN2FmNDkyYWYtM2MyYi00NTI2LTk1OWUtZDUwNmRhN2YxYjU5CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCUhFCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4NwltYwlhbHJlYWR5LC8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM_aXU9LzIxODc0MTU1MTMzLDEwMTIyNDUvMjMwNjZfMjA4Mzc0MjA2OSZkZXNjcmlwdGlvbl91cmw9aHR0cHMlM0ElMkYlMkZ3d3cubmhyYWRpdjMuY29tJTJGJnRmY2Q9MCZucGE9MCZzej02NDB4NDgwJTdDMTI4MHg3MjAlN0MxOTIweDEwODAlN0M0MDB4MzAwJmN1c3RfcGFyYW1zPWRzbWNtJTNEMSUyNmRzZCUzRG5ocmFkaXYzLmNvbSZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0PTEmZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPTczMjkzMCZnZHByPTEmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PQ
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=5dsg&k=ZQltYwlhCTkxOAlkCWV1LXdlc3QtMWIJaAlpLTA1OTBlNjE0YWIyZTJlNTFkCXUJYzkzN2FlNmQtNjBlMS00ODdlLTkxNWMtN2UyNzJhYjIyMDY2CXYJOTFhYWY0YjktMjEwMC00YWRmLThkMTItY2FjNmU3MzExNDJmCXZsCTIwMjIxMDExLjA2NDAJdnQJMjAyMjEwMTEuMDY0MAl2cwkyMDIxMDUwNQl2YwkyMDIyMDQyOQlzdAkyMDIyMTAxMS4wNzI2NDAJaQllMjFkNTY2Ny05NzFhLTQxM2EtYjdkZC0yNjA1Mjc3M2M4MDQJZglodHRwczovL3d3dy5uaHJhZGl2My5jb20vCXEJN2FmNDkyYWYtM2MyYi00NTI2LTk1OWUtZDUwNmRhN2YxYjU5CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCUhFCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4NwltYwlkZnBfbWNtXywvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwxMDEyMjQ1LzIzMDY2Xzc3MTY1NjIxNjgmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3Lm5ocmFkaXYzLmNvbSUyRiZ0ZmNkPTAmbnBhPTAmc3o9NjQweDQ4MCU3QzEyODB4NzIwJTdDMTkyMHgxMDgwJTdDNDAweDMwMCZjdXN0X3BhcmFtcz1kc21jbSUzRDElMjZkc2QlM0RuaHJhZGl2My5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj0yNjk1NTkmZ2Rwcj1fX0lTX0dEUFJfXyZnZHByX2NvbnNlbnQ9X19HRFBSX0NPTlNFTlRfXyZ1c19wcml2YWN5PV9fQ0NQQV9GTEFHX18
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1a
i.clean.gg/ Frame 4315 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nhradiv3.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 11 Oct 2022 07:26:40 GMT
server
nginx/1.21.6
via
1.1 google
trinity.json
apex.go.sonobi.com/ Frame 4315 		94 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2224ce6d7a07d3a8%22%3A%2253d714f8b04bbc214870%7C728x90%2C468x60%2C300x75%2C320x50%2C300x50%2C234x60%2C216x54%2C120x90%2C216x36%2C120x60%2C168x28%2C120x30%2C120x20%2C2x2%2C1x1%7Cgpid%3D%2F25756908%2C1012245%2FWSM%2Fnhra_728x90_1-2%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.nhradiv3.com%2F&s=15a2bf4e-6486-4434-ba61-3ade63cc75d8&pv=e4c52f85-f723-4371-84a3-6e14441713bd&vp=mobile&lib_name=prebid&lib_v=7.11.0-PPI&us=3&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22westseven.media%22%2C%22sid%22%3A%224e9ff6ac6ba2%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%2244f236fb-03ec-4146-9837-1c2f093c7747%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2244f236fb-03ec-4146-9837-1c2f093c7747%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f633cabe0542a793ac431805f2316d0bb6e4a42431689764508b30eaca42bfa6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-30
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
119
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame 4315 		87 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aHkklUYZCr6BvoaKkGJozW
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0fe1d30c889f6f022c60764c0561d1d6a6bb2e76a5a70bd53bd34e913ba4c85d

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.nhradiv3.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ Frame 4315 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a9373fa8fd8e7335fb14a36ea9a27e28b7bd7eddd5fce53fa73a9432b66b0daf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:41 GMT
AN-X-Request-Uuid
905c4144-77ae-40ba-8189-9c6ed9cf7a27
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nhradiv3.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
rtkio-d.openx.net/w/1.0/ Frame 4315 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtkio-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.nhradiv3.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8ea446d2-d89b-46b9-b32e-944839e74ecf&nocache=1665473200919&pubcid=44f236fb-03ec-4146-9837-1c2f093c7747&schain=1.0%2C1!westseven.media%2C4e9ff6ac6ba2%2C1%2C%2C%2C&aus=728x90%2C468x60%2C300x75%2C320x50%2C300x50%2C234x60%2C216x54%2C120x90%2C216x36%2C120x60%2C168x28%2C120x30%2C120x20%2C2x2%2C1x1&divids=25586b6&aucs=%252F25756908%252C1012245%252FWSM%252Fnhra_728x90_1-2&auid=549583328
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4bf3ed33c46fc01b4e9e88a7a471246795a6409a599cb494897b22dab8fa9a14

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.nhradiv3.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 4315 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nhradiv3.com
date
Tue, 11 Oct 2022 07:26:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 4315 		24 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.11.0-PPI
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
6674d72a10a639ac255748dbf5276d5631d4627a57a07f790aa9a06dc375329d

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
pod
X-Sovrn-Pod: ad_ap7ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://www.nhradiv3.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
/
hb.emxdgt.com/ Frame 4315 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1665473200923&src=pbjs
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.155.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-155-254.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nhradiv3.com
date
Tue, 11 Oct 2022 07:26:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid-request
onetag-sys.com/ Frame 4315 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.nhradiv3.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4315 		427 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19984&site_id=282024&zone_id=2151534&size_id=2&alt_size_ids=1%2C5%2C43%2C44%2C221%2C251&rp_schain=1.0,1!westseven.media,4e9ff6ac6ba2,1,,,&eid_pubcid.org=44f236fb-03ec-4146-9837-1c2f093c7747%5E1&rf=https%3A%2F%2Fwww.nhradiv3.com%2F&tg_i.elementid=nhra_728x90_1-2&tg_i.pbadslot=%2F25756908%2C1012245%2FWSM%2Fnhra_728x90_1-2&tg_i.aupName=WSM%2Fnhra_728x90_1-2&tk_flint=dmpbjs_v7.11.0-PPI&x_source.tid=8ea446d2-d89b-46b9-b32e-944839e74ecf&l_pb_bid_id=184742745335d0e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F25756908%2C1012245%2FWSM%2Fnhra_728x90_1-2&slots=1&rand=0.5059336223849011
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b74e3a5cbb025fd5c94d8ec8218fafd0a5fec13a264aab8e98a4a2bbcdf143b3

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:41 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.nhradiv3.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
427
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ Frame 4315 		745 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5351
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
acfb10ea6d2de34921a847e61ee9deab4bf80d30be1c6b7a56657dc5823dff3e

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.nhradiv3.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ Frame 4315 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.131.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-131-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nhradiv3.com
date
Tue, 11 Oct 2022 07:26:41 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
hb
hb.undertone.com/ Frame 4315 		0
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3989&domain=nhradiv3.com
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-51.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:40 GMT
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.nhradiv3.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
x-amz-cf-id
z6IWG1No5GU-hF8-wZIIRnDMYOC5UiF5_6W57tx55XIBmtSMIRvC_Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame 4315 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nhradiv3.com
date
Tue, 11 Oct 2022 07:26:40 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
v2
e.serverbid.com/api/ Frame 4315 		16 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Oct 2022 07:26:40 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.nhradiv3.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebid
ib.adnxs.com/ut/v3/ Frame 4315 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
552cb0774e5fc38e620aa708c6863f3a81f798a2f72d793eba342d15f2e313d9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:41 GMT
AN-X-Request-Uuid
63a56ab5-98ee-4e8f-8d56-3911eec89357
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nhradiv3.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
pixel.westseven.media/ Frame 4315 		35 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=nhra_728x90_1-2&ao&r=0.7740748670128508
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.160.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-160-208.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:40 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
pixel;r=974553749;labels=campaign.22342.262.410.6080;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.nhradiv3.com%2F;uht=2;fpan=0;fpa=P0-616770960-1665473200076;pbc=;ns=0;ce=1;qjs=1;qv=3...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=974553749;labels=campaign.22342.262.410.6080;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fwww.nhradiv3.com%2F;uht=2;fpan=0;fpa=P0-616770960-1665473200076;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=nhradiv3.com;dst=0;et=1665473201012;tzo=0;ogl=;ses=296a6ca8-6588-491a-a6d2-dce8df5c32a6
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
in_search.js
resources.infolinks.com/js/1826.004-3.025/ 		222 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1826.004-3.025/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1826.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae938820655d8afb2bcaac1a4c8e03cb464fd7cf04c3f4c9f9ce7917eae728c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 26 Sep 2022 10:00:04 GMT
server
cloudflare
age
4206
etag
W/"3762b-5e9919773e5f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7585de72691d9a15-FRA
expires
Thu, 10 Nov 2022 06:16:35 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1826.004-3.025/ice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10ab3f3fd4aec35a9f26e104e9a33b7dc6a2e09dc7a27a718daf8c40ad3c7740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129615
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:41 GMT
cors
data.ad-score.com/data/ Frame 4315 		1 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=otgoVdnHWXLlXWrXujBSWxjuTHTEDWWG-FE7fPshldVrlKDwb3nLLG0rAPA==-E0zHOclmblbiMg==&pm_ct=c0105db3bfba3a686a9f3325&pm_pl=1665473200681&pm_td=354&pid=1000449&en=1.1&callback=__pm_glbl_1nj84NuI5zY2RYfB39umccKS._gc3&tt=g&v=e30e479
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000449&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.nhradiv3.com
Date
Tue, 11 Oct 2022 07:26:41 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
/
www.google.com/pagead/1p-user-list/939427171/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/939427171/?random=1665473200636&cv=9&fst=1665471600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nhradiv3.com%2F&tiba=NHRA%20North%20Central%20Division%20web%20site&async=1&fmt=3&is_vtc=1&random=1493931045&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/939427171/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/939427171/?random=1665473200636&cv=9&fst=1665471600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nhradiv3.com%2F&tiba=NHRA%20North%20Central%20Division%20web%20site&async=1&fmt=3&is_vtc=1&random=1493931045&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
85312cf9-3046-4161-879f-d3ba98182296
https://www.nhradiv3.com/ Frame 4315 		288 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.nhradiv3.com/85312cf9-3046-4161-879f-d3ba98182296
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 4315 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuP_SI_rr8gXkJ79VmNsGjaLBNfgQwuGgbOEN4h7thRsnSnjJ0uU-uWTyDBzeG07KdrzqFbOp3TSgtvFusy0gHdolQeeGK0Z_3LbCHzUoaNSyhOiUglEx6ZHDcerGCWqvIyCzBvKFjwqixW4YcfERXYjycWj0lyYqHSMav3Pnfx6MdOV5EP6qEWzAoLFlOupZEpLbinJKclfLpES-RnswkiK5EX5rTZAla012SwmozPqP6NK2c3Ssw0smwn41tBWMw-0sPZQMuvKohMDpnE8n4HLtWI_Y4yTd10fkL4Bo9u_yeA37LQIW6LVTHZ4t_cXKDtYMwhzVifMpPEwkkAzVaYGGc&sai=AMfl-YQPFpJVpZU2IRkYNm_ag2c0_9_VfbbNWIofJ5HfFC1UEwiWGibVyeVnk5P4LE6TY5T984Mm5FixVzLAdA30HIQKPrqPIrkRHgtYfmfGVU7uR3sc5BElKK51WUHbdWzhCtscsA&sig=Cg0ArKJSzPepk3pUyA4_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:41 GMT
getads.htm
rt3060.infolinks.com/action/ 		139 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3060.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22arkansas%22%2C%22scs%22%3A%22uGuXgmwFTL%22%7D%5D&rid=776eea68-8329-4f23-a640-77a61df34565&jsv=1826.004-3.025&sr=1600X1200&rts=1665473201100&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=106.0.5249.91&dv=p&ce=t&purl=https%3A%2F%2Fwww.nhradiv3.com%2F&tzo=-0000&c=c&strg=true&rsd=6mUdRi2T5q0vDCmYcrgY2_MqVoe_cIpEefrHh2pcJlSI9X50Ig96kTwA-fHifZ4MwIlXs9NXZ6rqB_E2HksOY6seow2W4QxK-fazSqdUuY-YyngeHEbq_g_dY8ArRTCdpOlKCTvyQrZEw-rK4_WbyCIkA3EL7J14&rsk=64&rcs=pIrnnHC175qGHycCPSuDCw&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1826.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7ea80e39acd0f81e4efd2153c97474ab5aceb7b29e5d3e895b718ba40cc155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7585de72e9db9a15-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
cors
data.ad-score.com/data/ Frame 4315 		1 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=otgoVdnHWXLlXWrXujBSWxjuTHTEDWWG-FE7fPshldVrlKDwb3nLLG0rAPA==-E0zHOclmblbiMg==&pm_ct=c0105db3bfba3a686a9f3325&pm_pl=1665473200681&pm_td=436&pid=1000449&en=1.1&callback=__pm_glbl_1nj84NuI5zY2RYfB39umccKS._gc4&tt=g&v=e30e479
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000449&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.nhradiv3.com
Date
Tue, 11 Oct 2022 07:26:41 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
vidice.js
resources.infolinks.com/js/vidice/2.0/ 		333 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1826.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 09:20:02 GMT
server
cloudflare
age
13587
etag
W/"5344d-5d6649709d511"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7585de734a769a15-FRA
expires
Thu, 10 Nov 2022 03:40:14 GMT
index.html
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/ Frame 7158 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9d84e609f83ce654233e71c1a1ea7321f73479b0126d2cbbf216e18add331d23

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=12384
content-encoding
gzip
content-length
7033
content-type
text/html
date
Tue, 11 Oct 2022 07:26:41 GMT
etag
"1660677621"
last-modified
Tue, 16 Aug 2022 19:20:21 GMT
x-hw
1665473201.dop218.lo4.t,1665473201.cds326.lo4.hn,1665473201.cds316.lo4.c
truncated
/ 		226 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e8db71249f82bb7584f1a2b6744275d18a4b5940ec8d48da133c65e81d5a23b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
dgv_nhra_trending_articles_20221010143518_634424966da93_new.jpg
a.jsrdn.com/videos/23066/dgv_nhra/20221010143518_634424966da93/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.jsrdn.com/videos/23066/dgv_nhra/20221010143518_634424966da93/dgv_nhra_trending_articles_20221010143518_634424966da93_new.jpg
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2ef7df6d42699a874e46ca5645621a3f6f73fbd739d0cd35414c952f579a65f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
last-modified
Mon, 10 Oct 2022 14:35:25 GMT
etag
"1665412525"
x-hw
1665473201.dop202.lo4.t,1665473201.cds246.lo4.hn,1665473201.cds240.lo4.c
content-type
image/jpeg
cache-control
max-age=25996
accept-ranges
bytes
content-length
21485
dgv_nhra_trending_articles_20221010143518_634424966da93_new.mp4
a.jsrdn.com/videos/23066/dgv_nhra/20221010143518_634424966da93/ 		48 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/videos/23066/dgv_nhra/20221010143518_634424966da93/dgv_nhra_trending_articles_20221010143518_634424966da93_new.mp4
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://www.nhradiv3.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
last-modified
Mon, 10 Oct 2022 14:35:22 GMT
etag
"1665412522"
x-hw
1665473201.dop202.lo4.t,1665473201.cds246.lo4.hn,1665473201.cds317.lo4.c
content-type
video/mp4
Content-Range
bytes 0-2531563/2531564
cache-control
max-age=25996
accept-ranges
bytes
Content-Length
2531564
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7158 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10ab3f3fd4aec35a9f26e104e9a33b7dc6a2e09dc7a27a718daf8c40ad3c7740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129615
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:41 GMT
minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/ Frame 7158 		843 B
996 B 		Media
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/minimal.mp4
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
last-modified
Tue, 16 Aug 2022 19:20:22 GMT
etag
"1660677622"
x-hw
1665473201.dop218.lo4.t,1665473201.cds326.lo4.hn,1665473201.cds103.lo4.c
content-type
video/mp4
Content-Range
bytes 0-842/843
cache-control
max-age=12385
accept-ranges
bytes
Content-Length
843
dgv_nhra_trending_articles_20221010143518_634424966da93_new.mp4
a.jsrdn.com/videos/23066/dgv_nhra/20221010143518_634424966da93/ 		104 KB
104 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/videos/23066/dgv_nhra/20221010143518_634424966da93/dgv_nhra_trending_articles_20221010143518_634424966da93_new.mp4
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
013c21084c7d32c57dbf56e6e77eb90449139f4e521b4c22e792f863ecfe3315

Request headers

Referer
https://www.nhradiv3.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=2424832-

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
last-modified
Mon, 10 Oct 2022 14:35:22 GMT
etag
"1665412522"
x-hw
1665473201.dop202.lo4.t,1665473201.cds246.lo4.hn,1665473201.cds317.lo4.c
content-type
video/mp4
Content-Range
bytes 2424832-2531563/2531564
cache-control
max-age=25996
accept-ranges
bytes
Content-Length
106732
bridge3.538.0_en.html
imasdk.googleapis.com/js/core/ Frame D9E4 		687 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f45c8486e50b0bb2fbc647301b45bd39a54beeb23a28e0f0d53048daebbb3868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
410271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 13:28:50 GMT
expires
Fri, 06 Oct 2023 13:28:50 GMT
last-modified
Thu, 06 Oct 2022 13:26:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 7158 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Oct 2022 07:26:41 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=2znj&k=ZQl3YQlhCTE0MTkJZAlldS13ZXN0LTFiCWgJaS0wNTkwZTYxNGFiMmUyZTUxZAl1CWM5MzdhZTZkLTYwZTEtNDg3ZS05MTVjLTdlMjcyYWIyMjA2Ngl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl2bAkyMDIyMTAxMS4wNjQwCXZ0CTIwMjIxMDExLjA2NDAJdnMJMjAyMTA1MDUJdmMJMjAyMjA0MjkJc3QJMjAyMjEwMTEuMDcyNjQwCWkJZTIxZDU2NjctOTcxYS00MTNhLWI3ZGQtMjYwNTI3NzNjODA0CWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwlxCTdhZjQ5MmFmLTNjMmItNDUyNi05NTllLWQ1MDZkYTdmMWI1OQltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglIRQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4Nwl2cAkxCXZnCXByCWNpCWQzNDExODNkLTk2MjYtZmRiYS1iN2JjLTg2ODdmMWYzMGZiYgljcAlnMgl2dgkyMDIyMDgxNl8xOTE5OmltYV9odG1sNTozLjUzOC4wCXd0CTUzOAlhZFRhZwkvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8yMTg3NDE1NTEzMywxMDEyMjQ1LzIzMDY2XzIwODM3NDIwNjkmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3Lm5ocmFkaXYzLmNvbSUyRiZ0ZmNkPTAmbnBhPTAmc3o9NjQweDQ4MCU3QzEyODB4NzIwJTdDMTkyMHgxMDgwJTdDNDAweDMwMCZjdXN0X3BhcmFtcz1kc21jbSUzRDElMjZkc2QlM0RuaHJhZGl2My5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj03MzI5MzAmZ2Rwcj0xJmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
dgv_nhra_trending_articles_20221010143518_634424966da93_new.mp4
a.jsrdn.com/videos/23066/dgv_nhra/20221010143518_634424966da93/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/videos/23066/dgv_nhra/20221010143518_634424966da93/dgv_nhra_trending_articles_20221010143518_634424966da93_new.mp4
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c66106e28104a8921e6bb9324d7b6ecf0db9495c86d3f89ffa09a84ded47aa05

Request headers

Referer
https://www.nhradiv3.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=32768-

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
last-modified
Mon, 10 Oct 2022 14:35:22 GMT
etag
"1665412522"
x-hw
1665473201.dop202.lo4.t,1665473201.cds246.lo4.hn,1665473201.cds317.lo4.c
content-type
video/mp4
Content-Range
bytes 32768-2531563/2531564
cache-control
max-age=25996
accept-ranges
bytes
Content-Length
2498796
cors
data.ad-score.com/data/ Frame 4315 		1 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=otgoVdnHWXLlXWrXujBSWxjuTHTEDWWG-FE7fPshldVrlKDwb3nLLG0rAPA==-E0zHOclmblbiMg==&pm_ct=c0105db3bfba3a686a9f3325&pm_pl=1665473200681&pm_td=756&pid=1000449&en=1.1&callback=__pm_glbl_1nj84NuI5zY2RYfB39umccKS._gc5&tt=g&v=e30e479
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000449&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.nhradiv3.com
Date
Tue, 11 Oct 2022 07:26:41 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
ads
pagead2.googlesyndication.com/gampad/ Frame D9E4 		124 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21874155133%2C1012245%2F23066_2083742069&description_url=https%3A%2F%2Fwww.nhradiv3.com%2F&tfcd=0&npa=0&sz=640x480%7C1280x720%7C1920x1080%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dnhradiv3.com&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2602870021600983&gdpr=1&gdpr_consent&us_privacy&vpa=auto&vpmute=1&sdkv=h.3.538.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3422544580&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.538.0&media_url=https%3A%2F%2Fc5x8i7c7.ssl.hwcdn.net%2Fvplayer-parallel%2F20220816_1919%2Fima_html5%2Fminimal.mp4&sid=23FDD7D7-E91F-4F70-A231-1C944C8C3C7E&nel=0&eid=44748969%2C44750824%2C44760950%2C44765701%2C44770823&ref=https%3A%2F%2Fwww.nhradiv3.com%2F&url=https%3A%2F%2Fwww.nhradiv3.com%2F&dt=1665473201464&scor=656218997194752&ged=ve4_td0_er0.0.154.300_vi0.0.450.800_vp100_eb24424
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9E0D 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10ab3f3fd4aec35a9f26e104e9a33b7dc6a2e09dc7a27a718daf8c40ad3c7740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129615
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:41 GMT
191231-96143263832481.js
js-sec.indexww.com/ht/p/ Frame 9E0D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ds_vplayer_detached.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-248.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3eb6b450e09da3c00ba344a44a690b004402dc62ddf0d3cf3bbdec5ab33310e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2022 07:06:50 GMT
Server
Apache
ETag
"da3fe3-930a-5eabceb95fa3c"
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2435
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12789
Expires
Tue, 11 Oct 2022 08:07:16 GMT
integrator.js
adservice.google.de/adsid/ Frame 4315 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nhradiv3.com
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4315 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nhradiv3.com
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4315 		565 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2973159580489977&correlator=3621499446080861&eid=31069634%2C31070193%2C31070282%2C44769661&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=25756908%3A1012245%2CWSM%2Cnhra_728x90_1-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C300x75%7C320x50%7C300x50%7C234x60%7C216x54%7C120x90%7C216x36%7C120x60%7C168x28%7C120x30%7C120x20%7C2x2%7C1x1&ifi=1&adks=3991539168&sfv=1-0-38&fsapi=false&eri=1&sc=1&cookie=ID%3Da68206ccf6e6692b-227559d442ce001e%3AT%3D1665473200%3AS%3DALNI_Ma5C6mrkpQ_oY14K23zK0SCNvdt0g&abxe=1&dt=1665473201644&lmt=1665473201&dlt=1665473200353&idt=586&adxs=0&adys=4&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=xsr8zhi5uwmv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nhradiv3.com%2F&ref=https%3A%2F%2Fwww.nhradiv3.com%2F&top=https%3A%2F%2Fwww.nhradiv3.com%2F&frm=23&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1192785320.1665473200&ga_sid=1665473200&ga_hid=2122249209&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46f95482bdc400cf976607354fdd5538310f23c62b86ba71feec100923a6333f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
308
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4315 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
080cf118febb9e5723fb94d1f1a4f8f9523bb8b4c7f0d7760bb9a1b745559815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11105
x-xss-protection
0
container.html
ddca18801632163d7aa3aeeeed31408b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C89 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddca18801632163d7aa3aeeeed31408b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 07:26:41 GMT
expires
Wed, 11 Oct 2023 07:26:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/pd1_html5/ Frame 9E0D 		843 B
976 B 		Media
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/pd1_html5/minimal.mp4
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://www.nhradiv3.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
last-modified
Tue, 16 Aug 2022 19:19:27 GMT
etag
"1660677567"
x-hw
1665473201.dop218.lo4.t,1665473201.cds326.lo4.hn,1665473201.cds247.lo4.c
content-type
video/mp4
Content-Range
bytes 0-842/843
cache-control
max-age=45651
accept-ranges
bytes
Content-Length
843
bridge3.538.0_en.html
imasdk.googleapis.com/js/core/ Frame 1FDA 		687 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f45c8486e50b0bb2fbc647301b45bd39a54beeb23a28e0f0d53048daebbb3868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
410271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 13:28:50 GMT
expires
Fri, 06 Oct 2023 13:28:50 GMT
last-modified
Thu, 06 Oct 2022 13:26:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 9E0D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Oct 2022 07:26:41 GMT
p23066-ds-desktop.json
a.jsrdn.com/prebid/tags/ Frame 9E0D 		19 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/prebid/tags/p23066-ds-desktop.json?aca=1&env.sd=nhradiv3.com&env.gc=DE
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5055d789e446e7d2e813897e76d9cc349957122687cc0efda766042db6780c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 06:42:36 GMT
etag
"1665470556"
access-control-max-age
3600
x-hw
1665473201.dop062.lo4.t,1665473201.cds300.lo4.hn,1665473201.cds073.lo4.c
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
cache-control
max-age=85132
access-control-allow-credentials
true
access-control-allow-origin
https://www.nhradiv3.com
accept-ranges
bytes
content-length
1952
identity
api.rlcdn.com/api/ Frame 9E0D 		44 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nhradiv3.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ Frame 9E0D 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=191231
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
db98c3c94cf1b7046dd5c41d263f75a283bde2f3eb797bbedb8afe8c26cb3799

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nhradiv3.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 10 Nov 2022 07:26:41 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.226.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-226-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nhradiv3.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 11 Oct 2022 07:26:41 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 4315 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.226.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-226-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 11 Oct 2022 07:26:41 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4315 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 07:26:41 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=rs2e&k=ZQl3YQlhCTE4NzQJZAlldS13ZXN0LTFiCWgJaS0wNTkwZTYxNGFiMmUyZTUxZAl1CWM5MzdhZTZkLTYwZTEtNDg3ZS05MTVjLTdlMjcyYWIyMjA2Ngl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl2bAkyMDIyMTAxMS4wNjQwCXZ0CTIwMjIxMDExLjA2NDAJdnMJMjAyMTA1MDUJdmMJMjAyMjA0MjkJc3QJMjAyMjEwMTEuMDcyNjQwCWkJZTIxZDU2NjctOTcxYS00MTNhLWI3ZGQtMjYwNTI3NzNjODA0CWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwlxCTdhZjQ5MmFmLTNjMmItNDUyNi05NTllLWQ1MDZkYTdmMWI1OQltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglIRQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4Nwl2cAkxCXZnCXByCWNpCTcxYmJiMjA3LTE0YjQtM2JjZC1hMmU0LWY3MWMzN2QwZThiZQljcAlwZAl2dgkyMDIyMDgxNl8xOTE5OnBkMV9odG1sNTozLjUzOC4wCXd0CTUxOAlhZFRhZwkvL2EuanNyZG4uY29tL3ByZWJpZC90YWdzL3AyMzA2Ni1kcy1kZXNrdG9wLmpzb24_YWNhPTEmZW52LnNkPW5ocmFkaXYzLmNvbSZlbnYuZ2M9REU
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.nhradiv3.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.nhradiv3.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 11 Oct 2022 07:26:41 GMT
server
ATS/9.1.10.25
312200
search.spotxchange.com/openrtb/2.3/dados/ Frame 9E0D 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/312200?src_sys=prebid
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Tue, 11 Oct 2022 07:26:42 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.002817
X-SpotX-Timing-Transform
0.000433
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.002817
X-SpotX-Timing-Page-Require
0.000488
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.002689
X-fe
087
X-SpotX-Timing-Page-Cookie
0.000005
X-SpotX-Timing-Page
0.007835
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000381
Last-Modified
Tue, 11 Oct 2022 07:26:42 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.nhradiv3.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000014
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000990
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 9E0D 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nhradiv3.com
date
Tue, 11 Oct 2022 07:26:42 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
bid.json
reachms.bfmio.com/ Frame 9E0D 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=a8e8a036-e72c-4434-ba5a-29f69009ec76
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.84.56.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-84-56-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nhradiv3.com
date
Tue, 11 Oct 2022 07:26:42 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
avjp
distroscale-d.openx.net/v/1.0/ Frame 9E0D 		106 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distroscale-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.nhradiv3.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=43b1b126-623e-4be0-888a-2ae4458b1a92&nocache=1665473201822&schain=1.0%2C1!distroscale.com%2C3243903166%2C1%2C374d4a6c-4dc4-4677-88cb-5a146a2e1ac4%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A480%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22api%22%3A%5B2%5D%2C%22maxduration%22%3A60%2C%22linearity%22%3A1%2C%22minduration%22%3A0%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%7D%5D%7D&auid=540884776&vwd=640&vht=480&vmimes=video%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm%2Capplication%2Fjavascript
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.nhradiv3.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9E0D 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
971af732735583e44dc15f2dab13e776493306a083ea65872a220249d506c2af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:41 GMT
AN-X-Request-Uuid
6e52e7ef-58d9-46de-b97f-923190249b5a
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nhradiv3.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/233488/0/ Frame 9E0D 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233488/0/mvo?z=1r&hbv=6.29,2.1
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nhradiv3.com
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 9E0D 		94 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214026486b891f1%22%3A%226f6428ecc72a92ae0cca%7C%7Cgpid%3D6f6428ecc72a92ae0cca%22%7D&ref=https%3A%2F%2Fwww.nhradiv3.com%2F&s=497eb187-8ccf-47b2-8f44-d71b71b31d0f&pv=ce9cf68e-f07b-455d-b821-f6fb5f0763a1&vp=tablet&lib_name=prebid&lib_v=6.29.0&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22distroscale.com%22%2C%22sid%22%3A%223243903166%22%2C%22hp%22%3A1%2C%22rid%22%3A%22374d4a6c-4dc4-4677-88cb-5a146a2e1ac4%22%7D%5D%7D&coppa=0
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bf13f47eaa9fcb43ebdee6f32e56efa6db08b3e3fc27c80bdc1703a461070242
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-30
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
119
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 9E0D 		37 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=858943&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22153ecb2c61abe58%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.nhradiv3.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.nhradiv3.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.nhradiv3.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216b3057b1f559f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22858943%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A60%2C%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%2C%22placement%22%3A1%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22distroscale.com%22%2C%22sid%22%3A%223243903166%22%2C%22hp%22%3A1%2C%22rid%22%3A%22374d4a6c-4dc4-4677-88cb-5a146a2e1ac4%22%7D%5D%7D%7D%7D%7D
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b10eb49fffbf252ba2221eacdae39b09a21a457c32aa27dbcf7d7e6e5ef99b6

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8bvIAsdaYWWy4k2RN0%2BAYmKIzDSM%2BeUFao9U3kRFqp06u3OfDj9mbdTRMh4AGgHdJHCmGPGhwYSONiZKjDSV221oAZ1vLuqF2GTCvPyKappZt1hySsAZviNLuGcYZ0wsTlQyRtr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7585de780fae7a6b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=hcsl&k=ZQl3d2EJYQkxODkzCWQJZXUtd2VzdC0xYgloCWktMDU5MGU2MTRhYjJlMmU1MWQJdQljOTM3YWU2ZC02MGUxLTQ4N2UtOTE1Yy03ZTI3MmFiMjIwNjYJdgk5MWFhZjRiOS0yMTAwLTRhZGYtOGQxMi1jYWM2ZTczMTE0MmYJdmwJMjAyMjEwMTEuMDY0MAl2dAkyMDIyMTAxMS4wNjQwCXZzCTIwMjEwNTA1CXZjCTIwMjIwNDI5CXN0CTIwMjIxMDExLjA3MjY0MAlpCWUyMWQ1NjY3LTk3MWEtNDEzYS1iN2RkLTI2MDUyNzczYzgwNAlmCWh0dHBzOi8vd3d3Lm5ocmFkaXYzLmNvbS8JcQk3YWY0OTJhZi0zYzJiLTQ1MjYtOTU5ZS1kNTA2ZGE3ZjFiNTkJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJSEUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW1jCTEwMTIyNDUJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgk0NTE1CXZuCTE4ODgwODcJdnAJMQl2ZwlwcgljaQk3MWJiYjIwNy0xNGI0LTNiY2QtYTJlNC1mNzFjMzdkMGU4YmUJY3AJcGQJdnYJMjAyMjA4MTZfMTkxOTpwZDFfaHRtbDU6My41MzguMAl3dAk1MTgJd3dhCWJpZGRlcjpzcG90eHx5YWhvb3NzcHxiZWFjaGZyb250fG9wZW54fGFwcG5leHVzfHJoeXRobW9uZXxzb25vYml8aXgJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9wMjMwNjYtZHMtZGVza3RvcC5qc29uP2FjYT0xJmVudi5zZD1uaHJhZGl2My5jb20mZW52LmdjPURF
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
headerstats
as-sec.casalemedia.com/ Frame 9E0D 		0
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=476694&u=https%3A%2F%2Fwww.nhradiv3.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAEF4LXmVmjh3vtwDoMoBaYDMp5vV4%2BwpqLrNb9I%2BVIzgIliAqa0Me7Ggn82RIe6JcGS7oW5C9f3XeAQrUVPX4Uz%2BvvznWwDJxNd85xX0TNklO87N6oRGM8HgGSqFQE9aSOYeH%2FcWu0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7585de77e856bc04-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 72F9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
41149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 10 Oct 2022 20:00:52 GMT
expires
Tue, 10 Oct 2023 20:00:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B4C4 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
503c356c452675784d5146c730e538ee5ecb6d55a3d0df952dc48206b7da4bf8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7mBfYJAQXm4bEqwkUSR15Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-7mBfYJAQXm4bEqwkUSR15Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 07:26:41 GMT
expires
Tue, 11 Oct 2022 07:26:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame B4C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100301&jk=2973159580489977&rc=
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b96d3e212909435e29f51cf57dff176d7b33082622adb969ee9fee6d23825d66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11147
x-xss-protection
0
like_box.php
www.facebook.com/v2.12/plugins/ Frame 0ED6 		109 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4fcba6ffbf556adaff306e4ca264a269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bcc8fe6e663527cb12acf8c959541d03a8598fdc10f815cc5d49f30398ef3bb8
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 11 Oct 2022 07:26:42 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v8.0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
A06KNPd7CfwryhoHYVwt7hBVIr2fMDZJGb8mG0Xmz/JyBdyppQ/uS+78YOM1IIVfXDoYZrAbGgMqR1OHYJu3Ag==
x-fb-rlafr
0
x-xss-protection
0
roundtrip.js
s.adroll.com/j/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36b8ba6d8daab27f21a23b6f0deb326d45c7ffa2ca328f7149e0022297101006

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id
BoYN70bwO4jmpUvp4IBqP7NBSb_YQqPb
Content-Encoding
gzip
Via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Date
Tue, 11 Oct 2022 06:53:45 GMT
Age
1979
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 06 Oct 2022 17:51:49 GMT
Server
AmazonS3
Etag
W/"4d72aaf67e0afed0a192e314091617b3"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
WwzbA2eguYn7K6UhgFRU8sadhAEmcrA7v9u7pnV0stfGyUkvAADPng==
p
i.simpli.fi/ 		750 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp
Requested by
Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=62812&action=100&segment=maplegroveracewaysite&m=1&sifi_tuid=35523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
c646700cb82cfb8e4b1914efbc7d3d360beca16530bd984ee353ed8693a965a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
container-1.0.html
resources.infolinks.com/static/ Frame D3A8 		430 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-1.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1826.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3586
cache-control
max-age=2592000
cf-cache-status
HIT
cf-ray
7585de782a589a15-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 07:26:41 GMT
expires
Thu, 10 Nov 2022 06:26:55 GMT
last-modified
Wed, 17 Nov 2021 13:25:02 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
YGBXjHGFrvOS8X60wpRSOm_fLYxf6hdhmLaY3J7KaRQ.js
pagead2.googlesyndication.com/bg/ Frame 72F9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YGBXjHGFrvOS8X60wpRSOm_fLYxf6hdhmLaY3J7KaRQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6060578c7185aef392f17eb4c294523a6fdf2d8c5fea176198b698dc9eca6914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 19:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16102
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Oct 2023 19:58:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 07:26:41 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=296F729EAA314D1DB5165856AC5F0422&dongle=yf3
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=296F729EAA314D1DB5165856AC5F0422&dongle=yf3
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=296F729EAA314D1DB5165856AC5F0422&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=296F729EAA314D1DB5165856AC5F0422
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=296F729EAA314D1DB5165856AC5F0422
Protocol
H2
Server
2600:1f18:612b:4232:db70:d7f4:4d01:ba2d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 11 Oct 2022 07:26:42 GMT
server
Apache-Coyote/1.1
content-type
image/gif

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=296F729EAA314D1DB5165856AC5F0422
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=296F729EAA314D1DB5165856AC5F0422
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=296F729EAA314D1DB5165856AC5F0422
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/png
date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=296F729EAA314D1DB5165856AC5F0422
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=296F729EAA314D1DB5165856AC5F0422
  • https://d.agkn.com/pixel/10751/?che=1665473202137&ip=193.27.14.10&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216633104301000709164
  • https://um.simpli.fi/aa_px?sk=216633104301000709164
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=296F729EAA314D1DB5165856AC5F0422
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=296F729EAA314D1DB5165856AC5F0422
Protocol
H2
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=296F729EAA314D1DB5165856AC5F0422
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 10 Oct 2022 07:26:42 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 10 Oct 2022 07:26:42 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=296F729EAA314D1DB5165856AC5F0422;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=296F729EAA314D1DB5165856AC5F0422;mimetype=img;sr
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-9078385104242586880
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-9078385104242586880
Protocol
H2
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:41 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-9078385104242586880
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=296F729EAA314D1DB5165856AC5F0422&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=296F729EAA314D1DB5165856AC5F0422&j=0&xl8blockcheck=1
0
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=296F729EAA314D1DB5165856AC5F0422&j=0&xl8blockcheck=1
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=296F729EAA314D1DB5165856AC5F0422&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 10 Oct 2022 07:26:42 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=296F729EAA314D1DB5165856AC5F0422
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=296F729EAA314D1DB5165856AC5F0422
Protocol
HTTP/1.1
Server
3.230.66.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-66-159.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 11 Oct 2022 07:26:42 GMT

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=296F729EAA314D1DB5165856AC5F0422
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=296F729EAA314D1DB5165856AC5F0422
62 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=296F729EAA314D1DB5165856AC5F0422
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 11 Oct 2022 07:26:42 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=296F729EAA314D1DB5165856AC5F0422
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
tpid=296F729EAA314D1DB5165856AC5F0422
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=296F729EAA314D1DB5165856AC5F0422
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=296F729EAA314D1DB5165856AC5F0422
49 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=296F729EAA314D1DB5165856AC5F0422
Protocol
H2
Server
54.216.193.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-193-48.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.129
content-length
49
x-consent
absent

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=296F729EAA314D1DB5165856AC5F0422
cache-control
no-cache
x-server
10.45.10.106
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=296F729EAA314D1DB5165856AC5F0422
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=296F729EAA314D1DB5165856AC5F0422
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires
Fri, 20 Mar 2009 00:00:00 GMT
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
x-merge
GDPR Optout true
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=296F729EAA314D1DB5165856AC5F0422
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=296F729EAA314D1DB5165856AC5F0422
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=296F729EAA314D1DB5165856AC5F0422
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://idsync.rlcdn.com/419566.gif?partner_uid=296F729EAA314D1DB5165856AC5F0422
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1665473201947&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=186817335&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=186817335&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=186817335&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=186817335&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=shpFY9GGAozUb57FiIgJ&cid=CAQSKQDq26N9-XrVG06W5fG2e5EsI3GKJiEHReEZLj2qzhF1sqepxSuMaKkdIBM&random=2364437785&ipr=y&prhg=0
Protocol
H3
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=186817335&cv=7&fst=1665473201947&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=shpFY9GGAozUb57FiIgJ&cid=CAQSKQDq26N9-XrVG06W5fG2e5EsI3GKJiEHReEZLj2qzhF1sqepxSuMaKkdIBM&random=2364437785&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=296F729EAA314D1DB5165856AC5F0422
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=296F729EAA314D1DB5165856AC5F0422&__user_check__=1&sync_id=0d9380d0-4936-11ed-81fa-1ee5b9e10206
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=296F729EAA314D1DB5165856AC5F0422&__user_check__=1&sync_id=0d9380d0-4936-11ed-81fa-1ee5b9e10206
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
10
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 11 Oct 2022 07:26:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7797&uid=296F729EAA314D1DB5165856AC5F0422&__user_check__=1&sync_id=0d9380d0-4936-11ed-81fa-1ee5b9e10206
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
113
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=296F729EAA314D1DB5165856AC5F0422
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=66&code=296F729EAA314D1DB5165856AC5F0422
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:42 GMT
AN-X-Request-Uuid
9da984d8-7b34-4bfa-a7c3-f0c66d15f607
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ib.adnxs.com/setuid?entity=66&code=296F729EAA314D1DB5165856AC5F0422
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=296F729EAA314D1DB5165856AC5F0422&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=296F729EAA314D1DB5165856AC5F0422&expires=365
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=296F729EAA314D1DB5165856AC5F0422&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=296F729EAA314D1DB5165856AC5F0422
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=296F729EAA314D1DB5165856AC5F0422
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=296F729EAA314D1DB5165856AC5F0422
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Oct 2022 07:26:42 GMT
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEFsuu4rNF0xlAkv3FUlDOb0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=296F729EAA314D1DB5165856AC5F0422
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 10 Oct 2022 07:26:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame D3A8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=dcbb7b69-5170-41ad-b669-c8c1aae0db87=&partner_id=3337
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=dcbb7b69-5170-41ad-b669-c8c1aae0db87=&partner_id=3337
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=dcbb7b69-5170-41ad-b669-c8c1aae0db87=&partner_id=3337
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/png
date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=dcbb7b69-5170-41ad-b669-c8c1aae0db87=&partner_id=3337
date
Tue, 11 Oct 2022 07:26:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 795E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
41150
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 10 Oct 2022 20:00:52 GMT
expires
Tue, 10 Oct 2023 20:00:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FE4F 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
95cad8180ece1b86a94589c2cb685a2dd04488a3100f9dad74d9206016fb7b97
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eoSuD1ZjFqetpYjNFAry_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-eoSuD1ZjFqetpYjNFAry_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 07:26:42 GMT
expires
Tue, 11 Oct 2022 07:26:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cors
data.ad-score.com/data/ Frame 4315 		1 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=otgoVdnHWXLlXWrXujBSWxjuTHTEDWWG-FE7fPshldVrlKDwb3nLLG0rAPA==-E0zHOclmblbiMg==&pm_ct=c0105db3bfba3a686a9f3325&pm_pl=1665473200681&pm_td=1349&pid=1000449&en=1.1&callback=__pm_glbl_1nj84NuI5zY2RYfB39umccKS._gc6&tt=g&v=e30e479
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000449&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.nhradiv3.com
Date
Tue, 11 Oct 2022 07:26:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/CUHVY3OLUVBZPJTAWUVLYM/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
2600:9000:225e:c200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id
U3dsSGRYl2soVpEEAxBIaMUfj33DKRpK
Date
Tue, 11 Oct 2022 04:55:53 GMT
Via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Age
9051
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Wed, 21 Sep 2022 22:19:29 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
3eEm7zFrDx_2BJRX9ZeCVR8ocGcxwQSUUtIQfUHZT6a3DSIj0Wqctw==

Redirect headers

Date
Mon, 10 Oct 2022 22:54:29 GMT
Via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age
30732
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
jnxnYtFPF4OVI3uM0fQmH6TWjWBPrY3t4Lg87p--2WnRoHsQq2F6zg==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/CUHVY3OLUVBZPJTAWUVLYM/GGGXQ77VW5D5LL7AURJNOI/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:225e:c200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Tue, 11 Oct 2022 02:43:11 GMT
Via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age
17017
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
BRID5fb03tH_bqVNW861HsIvtx40HxqxTk84TzmK88PsF49FkSNWbw==

Redirect headers

Date
Tue, 11 Oct 2022 04:14:07 GMT
Via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Age
11555
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
VhqvsD-gAmWhOnp-Zx7uryeoRRsHahF66jlcaoIn_PdLt5jfqM-RRg==
index.js
s.adroll.com/j/pre/CUHVY3OLUVBZPJTAWUVLYM/GGGXQ77VW5D5LL7AURJNOI/ 		0
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/CUHVY3OLUVBZPJTAWUVLYM/GGGXQ77VW5D5LL7AURJNOI/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id
TgzwTQMXzyTsNM_af6fgVpMSLG.TZr_r
Date
Tue, 11 Oct 2022 07:26:42 GMT
Via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
Age
543
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Thu, 06 Oct 2022 00:00:09 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
8nGJNhde_yk7UuTx07RrD-QcrlPUThIx1AOxUeAji0WSjnXtcjhNlg==
generate_204
tpc.googlesyndication.com/ Frame 72F9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QuRaVQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FE4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100501&jk=1757600911034922&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
YGBXjHGFrvOS8X60wpRSOm_fLYxf6hdhmLaY3J7KaRQ.js
pagead2.googlesyndication.com/bg/ Frame 795E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YGBXjHGFrvOS8X60wpRSOm_fLYxf6hdhmLaY3J7KaRQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6060578c7185aef392f17eb4c294523a6fdf2d8c5fea176198b698dc9eca6914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 19:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16102
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Oct 2023 19:58:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4315 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjriqigSK76kz8XEcUw9skc_SE1NWJRZkFBdW8KVgXdiJbu-bWCnOkRljljnoJLo_7Q7Rd07Gvb8ZQWtPwCNi40IYlQe0ySRsMhUx1hUYc90VJEDq66K17NFBVdAM9pidTRpeuQa1B5gKljdSaaUY1oaCq5ufiwd-OEvbIC2GT_lkzP33Ya4BWuDPYMhOBVs2wdhwOd8H6iLQIhreyRVRFNNoUtrUosvFCB9n9TL7U6QguNVEw85468bJkyoeYhBhhmglz2Nb6-KWDGDuxpuGGSjFlGbb5GdrjxgAbVFrVXdZMCcnDzUZcFbVsPgTT-OkZpe2mCt26II9uRpCMjE70AHNlDfyXL-A&sai=AMfl-YRKcY6LIbB2n7uXipHXjPPjH0-P5doru3JBIxBy7k4wwDDVmOrPYTOsNpYhRZ2evFVHCJagVMJ75Htoc0mzZ74aTipOYt_SI8koffc8-_Ii5yD087oQ4oPHCS_X_V0EVsD89g&sig=Cg0ArKJSzP2UV-75eZyBEAE&id=lidar2&mcvt=1001&p=4,0,94,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221010&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1260507949&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665473200353&rpt=725&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 795E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?izV5Zw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
CUHVY3OLUVBZPJTAWUVLYM
d.adroll.com/consent/check/ 		449 B
542 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/CUHVY3OLUVBZPJTAWUVLYM?arrfrr=https%3A%2F%2Fwww.nhradiv3.com%2F&_s=eb0f47dc1001c746826335b5497326fc&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.200.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-200-155.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
a27b468a2df8a5bde60b849ac90200941abca02ff82b5c2d2db1ee4b63d2805c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
server
nginx/1.20.0
content-length
449
content-type
application/javascript
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=rkga&k=ZQl3d2gJYQkyMzMwCWQJZXUtd2VzdC0xYgloCWktMDU5MGU2MTRhYjJlMmU1MWQJdQljOTM3YWU2ZC02MGUxLTQ4N2UtOTE1Yy03ZTI3MmFiMjIwNjYJdgk5MWFhZjRiOS0yMTAwLTRhZGYtOGQxMi1jYWM2ZTczMTE0MmYJdmwJMjAyMjEwMTEuMDY0MAl2dAkyMDIyMTAxMS4wNjQwCXZzCTIwMjEwNTA1CXZjCTIwMjIwNDI5CXN0CTIwMjIxMDExLjA3MjY0MAlpCWUyMWQ1NjY3LTk3MWEtNDEzYS1iN2RkLTI2MDUyNzczYzgwNAlmCWh0dHBzOi8vd3d3Lm5ocmFkaXYzLmNvbS8JcQk3YWY0OTJhZi0zYzJiLTQ1MjYtOTU5ZS1kNTA2ZGE3ZjFiNTkJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJSEUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW1jCTEwMTIyNDUJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgk0NTE1CXZuCTE4ODgwODcJdnAJMQl2ZwlwcgljaQk3MWJiYjIwNy0xNGI0LTNiY2QtYTJlNC1mNzFjMzdkMGU4YmUJY3AJcGQJdnYJMjAyMjA4MTZfMTkxOTpwZDFfaHRtbDU6My41MzguMAl3dAk1MTgJd3doCWJpZGRlcjpub25lLGNwbTowCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIzMDY2LWRzLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9bmhyYWRpdjMuY29tJmVudi5nYz1ERQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 978E 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10ab3f3fd4aec35a9f26e104e9a33b7dc6a2e09dc7a27a718daf8c40ad3c7740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129615
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:42 GMT
191231-96143263832481.js
js-sec.indexww.com/ht/p/ Frame 978E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ds_vplayer_detached.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-248.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3eb6b450e09da3c00ba344a44a690b004402dc62ddf0d3cf3bbdec5ab33310e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2022 07:06:50 GMT
Server
Apache
ETag
"da3fe3-930a-5eabceb95fa3c"
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2434
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12789
Expires
Tue, 11 Oct 2022 08:07:16 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=sops&k=ZQl3ZQlhCTIzNTMJZAlldS13ZXN0LTFiCWgJaS0wNTkwZTYxNGFiMmUyZTUxZAl1CWM5MzdhZTZkLTYwZTEtNDg3ZS05MTVjLTdlMjcyYWIyMjA2Ngl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl2bAkyMDIyMTAxMS4wNjQwCXZ0CTIwMjIxMDExLjA2NDAJdnMJMjAyMTA1MDUJdmMJMjAyMjA0MjkJc3QJMjAyMjEwMTEuMDcyNjQwCWkJZTIxZDU2NjctOTcxYS00MTNhLWI3ZGQtMjYwNTI3NzNjODA0CWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwlxCTdhZjQ5MmFmLTNjMmItNDUyNi05NTllLWQ1MDZkYTdmMWI1OQltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglIRQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4Nwl2cAkxCXZnCXByCWNpCTcxYmJiMjA3LTE0YjQtM2JjZC1hMmU0LWY3MWMzN2QwZThiZQljcAlwZAl2dgkyMDIyMDgxNl8xOTE5OnBkMV9odG1sNTozLjUzOC4wCXd0CTUxOAl3ZQlbd2VdIGVycm9yOk5vIHZhbGlkIGJpZHMgcmVjZWl2ZWQJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9wMjMwNjYtZHMtZGVza3RvcC5qc29uP2FjYT0xJmVudi5zZD1uaHJhZGl2My5jb20mZW52LmdjPURF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/pd1_html5/ Frame 978E 		843 B
988 B 		Media
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/pd1_html5/minimal.mp4
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://www.nhradiv3.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
last-modified
Tue, 16 Aug 2022 19:19:27 GMT
etag
"1660677567"
x-hw
1665473202.dop218.lo4.t,1665473202.cds326.lo4.hn,1665473202.cds247.lo4.c
content-type
video/mp4
Content-Range
bytes 0-842/843
cache-control
max-age=45650
accept-ranges
bytes
Content-Length
843
headerstats
as-sec.casalemedia.com/ Frame 978E 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=476694&u=https%3A%2F%2Fwww.nhradiv3.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkGJEr5LejO0ARl7NoZCvlJpkS8BEBl4Vk2qkapPw6N%2BZ66O6iYeLcZbqOAvek%2Fe0s3BGv2dz9gEhQ0DNs4hjTgn84mpExeypEYc4OkKKougrv4SPuRw6CLeoz8gonfyq%2FoD52xda%2Bo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7585de7b1d43d4fe-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
bridge3.538.0_en.html
imasdk.googleapis.com/js/core/ Frame 6071 		687 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f45c8486e50b0bb2fbc647301b45bd39a54beeb23a28e0f0d53048daebbb3868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
410272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 13:28:50 GMT
expires
Fri, 06 Oct 2023 13:28:50 GMT
last-modified
Thu, 06 Oct 2022 13:26:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 978E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Oct 2022 07:26:42 GMT
p23066-ds-desktop-os.json
a.jsrdn.com/prebid/tags/os/ Frame 978E 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/prebid/tags/os/p23066-ds-desktop-os.json?aca=1&env.sd=nhradiv3.com&env.gc=DE&env.se=3243903166
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
ffaa2aed5c7db3e8173c1d27de726b447707cbb6b7852f131cce65f595a7c2ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 06:42:34 GMT
etag
"1665470554"
access-control-max-age
3600
x-hw
1665473202.dop062.lo4.t,1665473202.cds300.lo4.hn,1665473202.cds074.lo4.c
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
cache-control
max-age=85132
access-control-allow-credentials
true
access-control-allow-origin
https://www.nhradiv3.com
accept-ranges
bytes
content-length
1618
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=56ij&k=ZQl3YQlhCTI1MjQJZAlldS13ZXN0LTFiCWgJaS0wNTkwZTYxNGFiMmUyZTUxZAl1CWM5MzdhZTZkLTYwZTEtNDg3ZS05MTVjLTdlMjcyYWIyMjA2Ngl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl2bAkyMDIyMTAxMS4wNjQwCXZ0CTIwMjIxMDExLjA2NDAJdnMJMjAyMTA1MDUJdmMJMjAyMjA0MjkJc3QJMjAyMjEwMTEuMDcyNjQwCWkJZTIxZDU2NjctOTcxYS00MTNhLWI3ZGQtMjYwNTI3NzNjODA0CWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwlxCTdhZjQ5MmFmLTNjMmItNDUyNi05NTllLWQ1MDZkYTdmMWI1OQltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglIRQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4Nwl2cAkxCXZnCXByCWNpCTAwM2E4ZDUyLWYzYTktOTRmNC00ZTRkLWVjZjgyM2MwNmUwNwljcAl0ZAl2dgkyMDIyMDgxNl8xOTE5OnBkMV9odG1sNTozLjUzOC4wCXd0CTcwOQlhZFRhZwkvL2EuanNyZG4uY29tL3ByZWJpZC90YWdzL29zL3AyMzA2Ni1kcy1kZXNrdG9wLW9zLmpzb24_YWNhPTEmZW52LnNkPW5ocmFkaXYzLmNvbSZlbnYuZ2M9REUmZW52LnNlPTMyNDM5MDMxNjY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid.json
reachms.bfmio.com/ Frame 978E 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=3c9cb0ab-4555-4bb2-c02a-e13f487c95ab
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.84.56.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-84-56-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nhradiv3.com
date
Tue, 11 Oct 2022 07:26:42 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 978E 		36 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=859575&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22325bfb19389b45%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.nhradiv3.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.nhradiv3.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.nhradiv3.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22469f8d52d3b7b9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22859575%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A60%2C%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%2C%22placement%22%3A3%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22distroscale.com%22%2C%22sid%22%3A%223243903166%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e028311dfa947caaab7d59ce535b7a7557ed0ada0692862a20987e934bf816

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejuFry%2BobtaaGa91OUOHK2bUuP5Hv8OQdzkRKXzbLcsMtDWW2W6VzfQddLVZJ9hs%2BmcDFn0eq8uZ4VVUCaW8vBpAxjwl0FZMZW3wmtOA%2Bkd92Mlx7x%2BmKO8NmMHTLSt54Gq%2FiBAG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7585de7b9e4cbbfe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 978E 		173 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.34.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-34-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
af961d5af0618c1a63864bde4f25b67b83150cc1430d3f4bfb6f7d6e197f42a3

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.101.0
content-type
application/json
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
avjp
distroscale-d.openx.net/v/1.0/ Frame 978E 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distroscale-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.nhradiv3.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6881cca8-54b8-4a93-b342-043a41d01b3f&nocache=1665473202470&schain=1.0%2C1!distroscale.com%2C3243903166%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A480%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22api%22%3A%5B2%5D%2C%22maxduration%22%3A60%2C%22linearity%22%3A1%2C%22minduration%22%3A0%2C%22startdelay%22%3A0%2C%22placement%22%3A3%7D%7D%5D%7D&auid=557556880&vwd=640&vht=480&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm%2Capplication%2Fjavascript
Requested by
Host: www.nhradiv3.com
URL: https://www.nhradiv3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.nhradiv3.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=g27s&k=ZQl3d2EJYQkyNTMzCWQJZXUtd2VzdC0xYgloCWktMDU5MGU2MTRhYjJlMmU1MWQJdQljOTM3YWU2ZC02MGUxLTQ4N2UtOTE1Yy03ZTI3MmFiMjIwNjYJdgk5MWFhZjRiOS0yMTAwLTRhZGYtOGQxMi1jYWM2ZTczMTE0MmYJdmwJMjAyMjEwMTEuMDY0MAl2dAkyMDIyMTAxMS4wNjQwCXZzCTIwMjEwNTA1CXZjCTIwMjIwNDI5CXN0CTIwMjIxMDExLjA3MjY0MAlpCWUyMWQ1NjY3LTk3MWEtNDEzYS1iN2RkLTI2MDUyNzczYzgwNAlmCWh0dHBzOi8vd3d3Lm5ocmFkaXYzLmNvbS8JcQk3YWY0OTJhZi0zYzJiLTQ1MjYtOTU5ZS1kNTA2ZGE3ZjFiNTkJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJSEUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW1jCTEwMTIyNDUJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgk0NTE1CXZuCTE4ODgwODcJdnAJMQl2ZwlwcgljaQkwMDNhOGQ1Mi1mM2E5LTk0ZjQtNGU0ZC1lY2Y4MjNjMDZlMDcJY3AJdGQJdnYJMjAyMjA4MTZfMTkxOTpwZDFfaHRtbDU6My41MzguMAl3dAk3MDkJd3dhCWJpZGRlcjpiZWFjaGZyb250LW9zfGl4LW9zfHJ1Ymljb24tb3N8b3Blbngtb3MJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9vcy9wMjMwNjYtZHMtZGVza3RvcC1vcy5qc29uP2FjYT0xJmVudi5zZD1uaHJhZGl2My5jb20mZW52LmdjPURFJmVudi5zZT0zMjQzOTAzMTY2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
Dg-zvGCDr50.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 0ED6 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/Dg-zvGCDr50.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16aa6fa9cafd57e49fdc06346467d51a96cd4852d0a40dd7a29785ed62a9a23d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DtHBJj7lYovCW0pvzIZHsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4957
x-fb-rlafr
0
x-fb-debug
2dDtuRcd97cve7G01x0TTz4gRyCYoE3i6E6mZ3M/okLtVIg1nt+hjUjUX3P0ieSxJIfzrGbbusq6tG4FfxP5kw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 10 Oct 2023 15:08:50 GMT
2qJRjrlwTog.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ Frame 0ED6 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/2qJRjrlwTog.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaca0fb0be4c00a5add8575e92bddc641057ee578b8c75641cf8c36018543142
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lGfaiydoxOwSQubOhXstPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4581
x-fb-rlafr
0
x-fb-debug
YrBROSo40EnUbtLhb4VWwTSj2F4WD/XWOpTZ4r6b6ZhmXbeXNYsvHL2ruCWGSNBg5m1EJZksUM0vy8HvNo2idg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Sep 2023 17:30:29 GMT
5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame 0ED6 		2 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qp62alFG777So/ro/wbkaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
829
x-fb-rlafr
0
x-fb-debug
vSjYciL2qABDsh1QHF0cHcJxUaOkjAL01NN70G+Z5cFdyGD175dQFMO+QqIxrGDYq5k0dWXcRNnduEH7wmWJLA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 05 Oct 2023 15:32:30 GMT
Po6DZYgATVU.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 0ED6 		322 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/Po6DZYgATVU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4889509b33a1f28a706f744883f0dbbc6a07df7df4ab6298d89665a5614f4aba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
S8+GVWFpgfgRVt/D5tI75w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88915
x-fb-rlafr
0
x-fb-debug
78bzOK+SxXECeaen8wYrAPiObhuUhWK8Osupqhn/NiLg3vVNBdmoHnOSlIQ+06sxe9KfB6/fdBLyDyCffm7FSg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 11 Oct 2023 00:33:10 GMT
WOLN5pzG8JN.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 0ED6 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/WOLN5pzG8JN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cebc7a80f5ac30f4c8c7e298fe437356fb12ea8a2d639fb0945e985969ca90ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7yLS2P1qnNtFYRYaR3NAgQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12270
x-fb-rlafr
0
x-fb-debug
X/R2iFn7gBoXxWlj8vS5vxsHRW6Xs3O0fh5FW+NFNJeJgg2egMdgag5aU6Z/VgjnYaLZVrO/FaXSq14Qa+H6xg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 04 Oct 2023 07:24:22 GMT
q6VzhXzzuec.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame 0ED6 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/q6VzhXzzuec.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ba8f26f2981d7e02030eaff9c6869eedd2de20e9d261dae7bcb8535f84d7b50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vtbxyXN1YCqPhJgBCTQobw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
16189
x-fb-rlafr
0
x-fb-debug
YXh7IXH3eyO2Oz2RCR0sZZeCiyTQW5FUORw30p6ThoBv4MO9UzNDGt5lhcGu4YE41k/D6PfibFu7W8pGltmEfQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 30 Sep 2023 02:46:31 GMT
5_SUQAbK5E-.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/ Frame 0ED6 		83 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/5_SUQAbK5E-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca87ed3e3483f6943adebcc7bdebf198e6d5b2e0bdaa01ca1bec9338c3dd7c3a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rbFLrmPjIRBvUP8rCAZ+Xg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23347
x-fb-rlafr
0
x-fb-debug
oQlEbG9JxAEnoidCDsNKAVQsTeqkrk++tvauADKAE3Z4HhBYgEGX/fxQ+U4AnF+WlKLaFQbjSblkI9ttG9hWpA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1,i
expires
Sat, 07 Oct 2023 17:36:18 GMT
iiDbYMCPtB3.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 0ED6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/iiDbYMCPtB3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c01bda88c70f4508fe21057233d32a63b91052cac425a9027a1f930866d4e33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Uz/0UZ4sf3f6xy7wRFf48w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
pF6EwBrotHVthVuyUeJQ5W2qLrPAmpvOMOXuTC0TEzuAF9hpvi/A+ng7t8YNIy4q4pYTVVBD9lcKOgj7FUjnUQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 08 Oct 2023 20:15:36 GMT
cW4xeH6kBL9.js
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 0ED6 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/cW4xeH6kBL9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82daa5ee932366c92aa98d1394cb275ca0052cdabbd4f0329ba76c8c6799419d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4+41KP9AMxGEqT98s1EAAQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7298
x-fb-rlafr
0
x-fb-debug
kAJtqS99JnQ3szeSx+jwWjvaGqmSWd5n+nkA30dMDsX+bTAgeBNEh6gRLOqSgM4D31Ge8/hv+s9iUZxLDoeJiQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 10 Oct 2023 15:09:36 GMT
POn0OhPkTde.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame 0ED6 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/POn0OhPkTde.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
58ec48e97331b23e6812cd4e9f7b4361792963c8d4c4a24d431fec6304d7ebce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lwmFLAouFmxK5d1noLbNIg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
6099
x-fb-rlafr
0
x-fb-debug
LI0QmcijOpLzLDfrxGbi4eTtVSIk9cZynL6ptY4qTcIuIcWSsbHW4AaN5j7fTzVBkArfmW3UpLYLCKTzA6tpkw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 10 Oct 2023 15:09:36 GMT
1lYRIUv3fB9.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 0ED6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/1lYRIUv3fB9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
faf79cb9e29372a0c931d3c576f286c1ae40f22a5c24c089ab51e06685775660
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5PIhxmQubFGcokYgJ6FXEg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7237
x-fb-rlafr
0
x-fb-debug
HXVt9TU0MRe0Z52hKhRt6/80UErcTdXn6/D42TP7d7hlqoWCQxplCyjtDI0udgEN25TTd4XzlCLmfhSYFe5rog==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Sep 2023 02:46:31 GMT
irCgPB7CJbM.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yL/l/en_US/ Frame 0ED6 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yL/l/en_US/irCgPB7CJbM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
688c6682aaecc286cace7203222da7ecb12375f4be079315082da50c7e461fc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
44RU101IiCxtOOhee+gWpA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8360
x-fb-rlafr
0
x-fb-debug
2bWEEvwjlpqUnhLdb0cpaFcl/g5EsfRJ6X6np1X3LFoN6MiN9oUhElj3lcf58Ls8xSC/L1CAE/1epYVQQGYMHQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 30 Sep 2023 02:46:31 GMT
AIP4IIfacYm.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 0ED6 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/AIP4IIfacYm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b7cd53cdc07547dca816c9adea434b071d4b0698cd4bcf807c2cb1e63c646f71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LkE47MZwYTngAK1Z7uN+JQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8953
x-fb-rlafr
0
x-fb-debug
7xGXZrUPUUEjlBssn6SOAT5HKHwR9xZPaMmpKk4uXFStrZ8E4Z/e2vqUsYILeQe3o9xpskqqY7xD5WGE/LaQ3A==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1,i
expires
Sun, 08 Oct 2023 00:26:54 GMT
SixM03AXEw8.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 0ED6 		584 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/SixM03AXEw8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e05e1947b97d645f4408f770bc810f726e4557b616bd7334a3d6e7515963af1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+C2PYVokhPDFxOTg9V6LXQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
336
x-fb-rlafr
0
x-fb-debug
s27AqaDR7s05VVkVXi4Wx7WwlHDqwvroZcSXvQC/B7G3vGEm/9llQplX7RVhr0earN+SOWorlv+1JLNv2Sf9jA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 01 Oct 2023 05:58:48 GMT
6NWFpg-EZsH.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 0ED6 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/6NWFpg-EZsH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
89ac04739a9b5dbb57db5daf5f4646f2cbbe1617cc1a94f589c024c8ab9e241b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pNgXpXvKpdXXglRo+T0umg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
16319
x-fb-rlafr
0
x-fb-debug
C1HGnHHBq+fNFQ33wWv3dm8eSoS1P+dMLFYucbTFVMP1P0o/K69N+VgXj37CwTLc0w5idilXdDGEEMskoamVEg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 30 Sep 2023 04:49:16 GMT
Nq8nSHiYqQL.js
static.xx.fbcdn.net/rsrc.php/v3iEBX4/yy/l/en_US/ Frame 0ED6 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/yy/l/en_US/Nq8nSHiYqQL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e4a359f6a75eb1d6d2bfeeb9eec2cceb8542ef7e06e075fb5eff08e15b91acf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
joQSUQB8cu0bNGohvXNU8w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8449
x-fb-rlafr
0
x-fb-debug
b9m10vui5Pv/OP9m2IByHF5lrjcucHy2GmXgwKGNxNIggIN6pzQBajxcJ8CxCROo0amR104Z3+5yWTWQz9WaeQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Sep 2023 04:55:15 GMT
CQlBeOnkWyU.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 0ED6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/CQlBeOnkWyU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
571d45abc44429e513c9497298c9440a02f2130cbce5bd2ddc15b059ccbf89af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7WDRNMxU/WgXPYFtgx1s9A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5514
x-fb-rlafr
0
x-fb-debug
NU/90GMYFzVD3fwHP5E8YRJJXYWk0LhcN86sTOI1N8NUxUoNIlbhwr88ixBtQTBqnTUJWw7D/h7tnijgC8yBAg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 06 Oct 2023 15:56:04 GMT
kllmdWKFTV2.js
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 0ED6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/kllmdWKFTV2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
665b576bb6ec0b57622637f11b20028288c6318d06180e45a4722cf293c832ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ClkWV45qMGlOgeGq7blemQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1285
x-fb-rlafr
0
x-fb-debug
4Ny/DOaipQnCWBBsNmGtaD28p2jda991WaVNwqy6tScwSPlVjuNY7SeiLo572/RIDQGhK7meNukMWwKH4tOF0w==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 30 Sep 2023 04:49:16 GMT
308788523_520386110089583_2907720265567543101_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t39.30808-6/308788523_520386110089583_2907720265567543101_n.jpg?stp=dst-jpg_s526x296&_nc_cat=101&ccb=1-7&_nc_sid=dd9801&_nc_ohc=UlTGJs9LmFEAX91uOt3&_nc_ht=scontent-frt3-2.xx&edm=AGggysMEAAAA&oh=00_AT9RGa8CBUVX9PxRXke5Qj-Kh5OKJUTeYTs61l1j0k6Y1w&oe=63494D53
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc74a8c9acd7b3d25a0e79efcf37b1cddbdeef3cde338e5a8e487b012daea8da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
381769955
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 26 Sep 2022 19:16:26 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1995386955
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3333176251
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
24835
162528649_129499445844920_4183381313066709972_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/ Frame 0ED6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/162528649_129499445844920_4183381313066709972_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=L6e6A4s6FcUAX_rwd3Q&_nc_ht=scontent-frx5-1.xx&edm=AGggysMEAAAA&oh=00_AT8dCUxM-R_Q4x3vIAMG4M5qpgTsFrV-Sqc275dBzZoOqA&oe=6369B68F
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b73ce322de806369e6127542882897aaf57d5f74ddeace9639752da86343937

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
3167997119
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
917726464
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 20 Mar 2021 12:13:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=458435845
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1479765428
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2160
310266526_532406775554183_787478383015264156_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t39.30808-6/310266526_532406775554183_787478383015264156_n.jpg?stp=dst-jpg_p130x130&_nc_cat=110&ccb=1-7&_nc_sid=8024bb&_nc_ohc=kwSJr_I1HMUAX9J18t9&_nc_ht=scontent-frx5-1.xx&edm=AGggysMEAAAA&oh=00_AT9LVJBP9WK1gM25qYn9mcBuT6WggrBXrAA5w5e-T1HbvA&oe=634A5F03
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8469d54de753d0d34184e3c351f43fc0898e55fcafceae4a1e7f9708d65553f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
3669301612
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
917726464
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sun, 09 Oct 2022 15:04:59 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2538164022
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4167477628
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
9921
310773520_531910582270469_5228323974969478301_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t39.30808-6/310773520_531910582270469_5228323974969478301_n.jpg?stp=dst-jpg_p235x165&_nc_cat=103&ccb=1-7&_nc_sid=8024bb&_nc_ohc=TBQqAmwzsL8AX-I9V_a&_nc_ht=scontent-frt3-2.xx&edm=AGggysMEAAAA&oh=00_AT9ta1LmAM3-e5kYNmqbejlZqD6p9ghsz6GGqV5MFB7L7A&oe=6349EF78
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ef3f69f8a075599b94a919bc7fe788bd04007d9eaee72ed385ad2d74f774ab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
1004695582
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sun, 09 Oct 2022 03:20:21 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1497746125
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1938003757
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
18609
truncated
/ Frame 0ED6 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
310267174_531742332287294_1833758401178596904_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/310267174_531742332287294_1833758401178596904_n.jpg?stp=dst-jpg_p118x90&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=PT4_sNEK65EAX9BRStl&_nc_oc=AQllSc4ej1uu09MbeSBoVjLvlwnRopweQMxhJLAmLcyiwyhjA1PJ0F5byxGZczXQvFkXUqpE4w3LPiI-hBIFuF4U&_nc_ht=scontent-frt3-1.xx&edm=AGggysMEAAAA&oh=00_AT9nK_pZhMAwrFFXFhuPO_AT8YfhNHhACKjKRwhng1ABsw&oe=634A33DD
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01ff58a54c4b3d018ad5a03373dc771769293669b06df3ca8aafa2ff5d1586fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
2565362191
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 08 Oct 2022 22:32:20 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1371433501
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3125486490
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3781
310226595_531745845620276_2980860985584254330_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/310226595_531745845620276_2980860985584254330_n.jpg?stp=cp1_dst-jpg_p118x118&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=GR8x7JNInSYAX_lBaNf&_nc_ht=scontent-frt3-1.xx&edm=AGggysMEAAAA&oh=00_AT9h7Ec6Aa1tGymtBuhpK630n4IWw0JtDDXdZ8fD7XbCeg&oe=634A9275
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf24e6b91790fe431ac197de3245922f64ae9ff253297d6993b24082c1451b69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
3795914781
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 08 Oct 2022 22:39:29 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=68964773
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1494692015
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7642
309716701_531745938953600_6653679679021264897_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/309716701_531745938953600_6653679679021264897_n.jpg?stp=cp1_dst-jpg_s118x90&_nc_cat=106&ccb=1-7&_nc_sid=8024bb&_nc_ohc=AP4FZislhNwAX_6-a2e&_nc_ht=scontent-frt3-1.xx&edm=AGggysMEAAAA&oh=00_AT81CaOKXHJ8DLmGAJvdlgvkpoaYFZWRtb7jtpeb2MoXWQ&oe=6349E320
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abf54698be78bc9150977ec37944810ffab3c5de90ebd8e5a0864949a3c52b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
1149277947
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 08 Oct 2022 22:39:44 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=362706352
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1114578924
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4622
310256359_531746052286922_7795805017665416094_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/310256359_531746052286922_7795805017665416094_n.jpg?stp=cp1_dst-jpg_s118x90&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=-XGhH2CZ8tkAX9PNre5&_nc_ht=scontent-frt3-1.xx&edm=AGggysMEAAAA&oh=00_AT-jg46s1zQ3IZRvXrQI2KvCd7eMnHEfYj5JEs9ScfaAyg&oe=634ADF84
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a0913cd9397f187662a491ca08dcf87340fc98f5d97795747f4ed94581bb604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
3571153041
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 08 Oct 2022 22:39:57 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3426974797
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
792970721
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4125
310823958_531746162286911_4839841043246288830_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t39.30808-6/310823958_531746162286911_4839841043246288830_n.jpg?stp=cp1_dst-jpg_s118x90&_nc_cat=111&ccb=1-7&_nc_sid=8024bb&_nc_ohc=N2ex8uRmSWAAX8sUykt&_nc_ht=scontent-frx5-1.xx&edm=AGggysMEAAAA&oh=00_AT8SIUKdE41Cy6073hFKX4pfwwpwCZNreDQ5BKyDe2wOTw&oe=634A9BBE
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e760f8892fd5a20e96cedae24c3cff0a9d8078fa9c3b5fcfb956bc131b1a7e62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
4215276072
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
917726464
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 08 Oct 2022 22:40:11 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1391709582
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1216688629
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4327
310986486_530997289028465_3172203917781516820_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t39.30808-6/310986486_530997289028465_3172203917781516820_n.jpg?stp=dst-jpg_p235x165&_nc_cat=101&ccb=1-7&_nc_sid=8024bb&_nc_ohc=a88BY9yiM_sAX-y6spz&_nc_ht=scontent-frt3-2.xx&edm=AGggysMEAAAA&oh=00_AT_QJ12Acpz0nY5-7XagDhCOYDKTa1b23dRxXV_2RYK7EQ&oe=63499828
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f495cb2f022e8ff68082dd36850fac9e9c4116cd75a4adb6d9be16763c111246

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
1992573555
date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 08 Oct 2022 02:33:52 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1434709890
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
808935790
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
18192
311135261_530053472456180_6154611924092442064_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0ED6 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t39.30808-6/311135261_530053472456180_6154611924092442064_n.jpg?stp=dst-jpg_p235x165&_nc_cat=105&ccb=1-7&_nc_sid=8024bb&_nc_ohc=FveaNUvyWkAAX8CaHQV&_nc_ht=scontent-frx5-1.xx&edm=AGggysMEAAAA&oh=00_AT8Y3WsL0LnSSxQpX1EfTbn28iHRjGpT1fRmCinP9Ujdew&oe=63497986
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
60ef247c83212131d8df85f03f48a9526d0b449dc51121e93f761073759e4e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-haystack-needlechecksum
3018461870
date
Tue, 11 Oct 2022 07:26:42 GMT
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Fri, 07 Oct 2022 04:57:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2187410418
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1805956308
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
17199
priority
u=3,i
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=g8vm&k=ZQl3d2gJYQkyNjUzCWQJZXUtd2VzdC0xYgloCWktMDU5MGU2MTRhYjJlMmU1MWQJdQljOTM3YWU2ZC02MGUxLTQ4N2UtOTE1Yy03ZTI3MmFiMjIwNjYJdgk5MWFhZjRiOS0yMTAwLTRhZGYtOGQxMi1jYWM2ZTczMTE0MmYJdmwJMjAyMjEwMTEuMDY0MAl2dAkyMDIyMTAxMS4wNjQwCXZzCTIwMjEwNTA1CXZjCTIwMjIwNDI5CXN0CTIwMjIxMDExLjA3MjY0MAlpCWUyMWQ1NjY3LTk3MWEtNDEzYS1iN2RkLTI2MDUyNzczYzgwNAlmCWh0dHBzOi8vd3d3Lm5ocmFkaXYzLmNvbS8JcQk3YWY0OTJhZi0zYzJiLTQ1MjYtOTU5ZS1kNTA2ZGE3ZjFiNTkJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJSEUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW1jCTEwMTIyNDUJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgk0NTE1CXZuCTE4ODgwODcJdnAJMQl2ZwlwcgljaQkwMDNhOGQ1Mi1mM2E5LTk0ZjQtNGU0ZC1lY2Y4MjNjMDZlMDcJY3AJdGQJdnYJMjAyMjA4MTZfMTkxOTpwZDFfaHRtbDU6My41MzguMAl3dAk3MDkJd3doCWJpZGRlcjpub25lLGNwbTowCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3Mvb3MvcDIzMDY2LWRzLWRlc2t0b3Atb3MuanNvbj9hY2E9MSZlbnYuc2Q9bmhyYWRpdjMuY29tJmVudi5nYz1ERSZlbnYuc2U9MzI0MzkwMzE2Ng
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20220816_1919/ima_html5/ Frame C471 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20220816_1919/ima_html5/index.html
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ds_vplayer_detached.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.79.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
9d84e609f83ce654233e71c1a1ea7321f73479b0126d2cbbf216e18add331d23

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Content-Encoding
gzip
Content-Length
7033
Content-Type
text/html
Date
Tue, 11 Oct 2022 07:26:44 GMT
ETag
"1ee41c5e5e7b6d653598af99e6ae3cfb"
Last-Modified
Tue, 16 Aug 2022 19:20:21 GMT
Server
AmazonS3
x-amz-id-2
vuHGA4GrCZC7xDXTxHKodzCcrxAa3fu2tEzDidP6e1VC2df+eA+11sySdK1AeDePTpkbPY0BqsPc9ajeBQ4OvQ==
x-amz-request-id
S7RFBSFEV7587JXJ
x-amz-version-id
x5KVca6ohbNs4v0S44S7pE1OZS8yIWkb
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=mx5f&k=ZQl3ZQlhCTI2NTYJZAlldS13ZXN0LTFiCWgJaS0wNTkwZTYxNGFiMmUyZTUxZAl1CWM5MzdhZTZkLTYwZTEtNDg3ZS05MTVjLTdlMjcyYWIyMjA2Ngl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl2bAkyMDIyMTAxMS4wNjQwCXZ0CTIwMjIxMDExLjA2NDAJdnMJMjAyMTA1MDUJdmMJMjAyMjA0MjkJc3QJMjAyMjEwMTEuMDcyNjQwCWkJZTIxZDU2NjctOTcxYS00MTNhLWI3ZGQtMjYwNTI3NzNjODA0CWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwlxCTdhZjQ5MmFmLTNjMmItNDUyNi05NTllLWQ1MDZkYTdmMWI1OQltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglIRQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4Nwl2cAkxCXZnCXByCWNpCTAwM2E4ZDUyLWYzYTktOTRmNC00ZTRkLWVjZjgyM2MwNmUwNwljcAl0ZAl2dgkyMDIyMDgxNl8xOTE5OnBkMV9odG1sNTozLjUzOC4wCXd0CTcwOQl3ZQlbd2VdIGVycm9yOk5vIHZhbGlkIGJpZHMgcmVjZWl2ZWQJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9vcy9wMjMwNjYtZHMtZGVza3RvcC1vcy5qc29uP2FjYT0xJmVudi5zZD1uaHJhZGl2My5jb20mZW52LmdjPURFJmVudi5zZT0zMjQzOTAzMTY2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4315 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100301&jk=2973159580489977&bg=!GBulG1_NAAYqRg79CkY7ACkAdvg8Wj6bzylpGMSUfmu8wBg2Pt6UeBU4rUHAZkKNn-Dk-lbQEngWmgIAAAByUgAAAAJoAQcKAHwoFAqmBwayED8qWjRXRfL4G-dcGpplwaI9reDE6e-6GMFthOVa-kF5yRAqvBTLNCbAyWHpDfm0x4Lnie1EbTAFsI4MD_gJpeZWOIkVTGUlZ-k52fArV39cAjJTWY-1MRwzwf3b6TwC8XWaRW67RinuFExwKQ_fZGLt45NFmQLuOGPTh-2b9WYOniGmO1YjfkxdrkLFUaczo9q6Gd2tjgvg_vZIMUoxwAiUVSLQHMFmsQFReECE8cWaqdhP95AVefkb5uOu1-iodojRrPlNW-4jKMDR310_RVyJrp8yq2c4-5oVjBcGZ-iAAxp1bBaaeupGUSQ16FHqYpIYlpe1gRuYqY3LZypq3cPUP2Rt6p7GnUErpv5a7RnMM15L9prXb8v-pKNRmDJA_RL4mQfs3JGz6aZDrz4_gl8dK6TvcqE_HlRn1vRNeA8BpIwGQsVyPG6PHs23g5EQq074TggTI6aAancnormEBbS5Jw3grKrJfOz3kJ7gfrp21n_9QvUL1zGbVSwmef4_s64BmZN8w4B7vsfnk2iaQd_Wmvgybv3BEjP0GpWKibRgwPU1sa9M4b1eSZZc49Qk5ffBKd_3RDzHpQIOaOFA5rBakUlPXdxaZ-A0d-kyFfvM-Hn3PDeUEoBJkdaH_EFGnXYooe7hQ2nXJ-zyvqoGkK2Vgm1n0Ox1yV344gesT1LM8WWx0QHL9tAzGEjYzJvpyrcO1b4q48IDYajqz4Rj8F9xCbytAK4Y1PjLYGE-3UGl6cu6dG7PewEjF91YAMK7X_TC-pSoEY3gdMsF90NVvvKiMTHLtaJ83PQp1kRerL8TK6nMZpbKRawNfGYbOZx8HAWxdPDK9LE2TTr0FBglwRaRFr60iPlG6B_ApfAgvLJpMUXleTgV6gmJ5FRz85eFwvRTVmzOut6L323JbYZH6rWD5D_7yHBa5g6SLxr5_KVzsoJ8q3C94tJWmlFu2C9Nk6vov96Natn5OgzMLIcMkdAdjcVX6cdLIwtwIQgmTSJho2vcqU8E-Sd_hkXkgM5AU9tPWoWiIuLEiYAfr5OenHjbx9vUdukUAzIzEe82MYBVpsKfQODbpoxDdzrKIBjRj7Y_AXl4RdkQPlhCrn6u6mkOQ0YBWGvlkfm1SpZDXuifnF7_8TrNDQfWzz1CsNJD5mQ05EU5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100501&jk=1757600911034922&bg=!Z2SlZCDNAAYqRg79CkY7ACkAdvg8Wm_XqEGwyuqkb9pglh-PfAeMZYee1CnF0xJXVkr88Fp3PFVArgIAAABSUgAAAAFoAQeZAt4FSEydvOoS8Qzn0SqIpKjYg9pwJCgYzEdu0d936uOr8RogCceTA2U7xnFuN-sN9V8iDg2BMhIHnMCAeuwJTFJE4qAiejk6xQ6NbVCxK4CRhqmqVoqD6knaReve4tStqbAIOy3Fg--cXlTLKatCEdZRt93qNNql6pi8uZNOXEZVuaX1AjU2NAmBPymnQrdKSGmoLF75d6JGOqHHAOpB_J8oWXk7I6APN5GCZ2pZ0ynrkzuZRZnR-e_SAXhXaeSj8HgfbtTq09X_e-E7Zzy53PreZzdWcIgG6QUq87VTiEm6ZisATFBCUdFEZHs6ipJkmBUO6U3-qhbikcHzfVA9pxqeTZ5RcXzmAKCnZmQbcY2sUO3WW6ChalJzD0Q0psukoDfEY0-6mU10oivd2-ziCZzFApHO3eglVP1uV8-XtkHxLVLui-2ICmVgnks3fv_MzoZy6MF9imuPMCnZjDrppSZBgUmKoyX8FOE070atGie2Qorkc5Q3Jg1EUbdVnWpuYe0lLX5mhP8WaLnaqjbJkfetNaVF9r3g5U8SqsB2BF-GAflGvptI79AJQrLEvdLkm9sPy-MTqsMLBYnlzwiCC4M4qcVuUTXJAAxOM3WnQ6K2A0E1_UmY4akAaXJMvqmqbwht2CikqGWXgK38GdeI0z8QhIkyaTeBF63AUDwh-6zxgaX7cLskRDhUClHo4dXo41tNKcccjdfiCfsHs-szIjqyWrJiALw7Eqolc63K_G1-ZGLGUA90ff4EpfW8qaf9QQOxy3WTk1_-SDgLUU6GurtDnvNkX2tjFp6w1YIWNardA4IX-o_4V4Br3mgeBXiE5472MGeGgY7Svtz6Ydm3nBvBUVdUwCSh02F7XTLP0k7D6euF8i33jojTxD9ef3xdvD__ltXtuLlPuPL0DElOEkUiXVKRhrOPEkm5rtpIWxmnDkh-PXuU8-1cJmejXHy_aZsrzEOucLNxoJ3smZvg2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 0ED6 		573 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/Dg-zvGCDr50.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/Dg-zvGCDr50.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
eqJ02I60kecGdrEMxBdIPfCMH+R/0qx715HoEZ7+BI0qSimr4DUZtde66tGQtp4FGGZqEg8z3eXh8pcMi4UdKA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 04 Oct 2023 00:50:13 GMT
re1hPxQECWj.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 0ED6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/2qJRjrlwTog.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/2qJRjrlwTog.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
x-content-type-options
nosniff
content-md5
i7RWZH3OINQHgRs93K4JmQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2674
x-fb-rlafr
0
x-fb-debug
Qx4Cr19wx/s+XdzdkUsYrWa6737lHQDHCPLhljf9P+MPcfVfP1RvaKxayVR81zKzBvVYU+kWW2pHyiLalRopGw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 29 Sep 2023 04:39:49 GMT
F2UMGiq93hh.js
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ Frame 0ED6 		160 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/F2UMGiq93hh.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/Po6DZYgATVU.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30c448ea076aed1627a1e2a02b49f3be2402f2aafdcc41c5628b54dca4331c86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8zcE/2sxC50Qpbvtv9CQug==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
47829
x-fb-rlafr
0
x-fb-debug
WPF/eh1o7pA/hq901hUWE1aP0EUSjCtnfnW6GcnhzqUsrY0SBPKxwIBvCf/n1r4OCXWr2xDgM8CEwp1tfbI0Vg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 09 Oct 2023 14:56:04 GMT
aJf13HRCfaQ.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 0ED6 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/aJf13HRCfaQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/Po6DZYgATVU.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b2fc921a69e4476f5b042b145da997f48362c01c8e7c4c74a068e32e1fb8656a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
R6CYkHkHWrOI0pN4JVNisw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
10425
x-fb-rlafr
0
x-fb-debug
uJTqaxZYzwnafA37RwFfPFqsUY30GYdUsiDOn1yeyknSRQsYyv8nKpsb/bP4h3JgM4f7x4bl4UYThHLSHWLyEw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Oct 2023 14:36:20 GMT
1487645_6012475414660_1439393861_n.png
scontent.xx.fbcdn.net/hads-ak-prn2/ Frame 0ED6 		79 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:42 GMT
x-fb-trip-id
917726464
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/png
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
79
expires
Tue, 11 Oct 2022 07:26:42 GMT
pixel.gif
pixel.westseven.media/ Frame 4315 		35 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=nhra_728x90_1-2&ev&r=0.5560094697868081
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.160.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-160-208.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:42 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
pixel.gif
pixel.westseven.media/ Frame 4315 		35 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=nhra_728x90_1-2&iv&r=0.45005522999393244
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.160.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-160-208.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:42 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C471 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20220816_1919/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10ab3f3fd4aec35a9f26e104e9a33b7dc6a2e09dc7a27a718daf8c40ad3c7740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3-us-west-2.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129615
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:43 GMT
minimal.mp4
s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20220816_1919/ima_html5/ Frame C471 		843 B
1 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20220816_1919/ima_html5/minimal.mp4
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20220816_1919/ima_html5/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.79.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20220816_1919/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 11 Oct 2022 07:26:44 GMT
x-amz-version-id
O0nt2TGo8ASPcvTZC0VoRz0EfUTlbI1l
Last-Modified
Tue, 16 Aug 2022 19:20:22 GMT
Server
AmazonS3
x-amz-request-id
S7R084EYEH34HTFH
ETag
"fb62001afaa95ed461f35992d7431867"
Content-Type
video/mp4
Content-Range
bytes 0-842/843
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
843
x-amz-id-2
5ZWk2gPTVKUh54OxD1pPAl+GvbLSjby4+PnzYX6r0R8MltEuVP7i7AvPXIwHhW67emCv+O3Lcs4bxxMXiohx2g==
bridge3.538.0_en.html
imasdk.googleapis.com/js/core/ Frame 2F1F 		687 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f45c8486e50b0bb2fbc647301b45bd39a54beeb23a28e0f0d53048daebbb3868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s3-us-west-2.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
410273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 13:28:50 GMT
expires
Fri, 06 Oct 2023 13:28:50 GMT
last-modified
Thu, 06 Oct 2022 13:26:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame C471 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3-us-west-2.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Oct 2022 07:26:43 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=4yow&k=ZQl3YQlhCTMzMDgJZAlldS13ZXN0LTFiCWgJaS0wNTkwZTYxNGFiMmUyZTUxZAl1CWM5MzdhZTZkLTYwZTEtNDg3ZS05MTVjLTdlMjcyYWIyMjA2Ngl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl2bAkyMDIyMTAxMS4wNjQwCXZ0CTIwMjIxMDExLjA2NDAJdnMJMjAyMTA1MDUJdmMJMjAyMjA0MjkJc3QJMjAyMjEwMTEuMDcyNjQwCWkJZTIxZDU2NjctOTcxYS00MTNhLWI3ZGQtMjYwNTI3NzNjODA0CWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwlxCTdhZjQ5MmFmLTNjMmItNDUyNi05NTllLWQ1MDZkYTdmMWI1OQltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglIRQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4Nwl2cAkxCXZnCXByCWNpCWIzZWFiYTJlLWM2MDktMzllMC04MzVkLTBkNTg1MGMxMTJjMgljcAlnZwl2dgkyMDIyMDgxNl8xOTE5OmltYV9odG1sNTozLjUzOC4wCXd0CTY1MglhZFRhZwkvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwxMDEyMjQ1LzIzMDY2Xzc3MTY1NjIxNjgmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3Lm5ocmFkaXYzLmNvbSUyRiZ0ZmNkPTAmbnBhPTAmc3o9NjQweDQ4MCU3QzEyODB4NzIwJTdDMTkyMHgxMDgwJTdDNDAweDMwMCZjdXN0X3BhcmFtcz1kc21jbSUzRDElMjZkc2QlM0RuaHJhZGl2My5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj0yNjk1NTkmZ2Rwcj0xJmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:43 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 2F1F 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F34230109%2C1012245%2F23066_7716562168&description_url=https%3A%2F%2Fwww.nhradiv3.com%2F&tfcd=0&npa=0&sz=640x480%7C1280x720%7C1920x1080%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dnhradiv3.com&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4223831824575003&gdpr=1&gdpr_consent&us_privacy&vpa=auto&vpmute=1&sdkv=h.3.538.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2915487050&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.538.0&media_url=https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fdistroscale-public%2Fvplayer-parallel%2F20220816_1919%2Fima_html5%2Fminimal.mp4&sid=A40B8488-CEC4-42A1-B829-A34FDEFA218B&nel=0&eid=44730465%2C44748969%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.nhradiv3.com%2F&url=https%3A%2F%2Fwww.nhradiv3.com%2F&dt=1665473203329&scor=3742881926593046&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.450.800_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/ Frame 789C 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9d84e609f83ce654233e71c1a1ea7321f73479b0126d2cbbf216e18add331d23

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=12382
content-encoding
gzip
content-length
7033
content-type
text/html
date
Tue, 11 Oct 2022 07:26:43 GMT
etag
"1660677621"
last-modified
Tue, 16 Aug 2022 19:20:21 GMT
x-hw
1665473203.dop218.lo4.t,1665473203.cds326.lo4.hn,1665473203.cds316.lo4.c
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 789C 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10ab3f3fd4aec35a9f26e104e9a33b7dc6a2e09dc7a27a718daf8c40ad3c7740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129615
x-xss-protection
0
expires
Tue, 11 Oct 2022 07:26:43 GMT
minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/ Frame 789C 		843 B
974 B 		Media
General
Check archive.org
Download Go to
Full URL
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/minimal.mp4
Requested by
Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20220816_1919/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 11 Oct 2022 07:26:43 GMT
last-modified
Tue, 16 Aug 2022 19:20:22 GMT
etag
"1660677622"
x-hw
1665473203.dop218.lo4.t,1665473203.cds326.lo4.hn,1665473203.cds103.lo4.c
content-type
video/mp4
Content-Range
bytes 0-842/843
cache-control
max-age=12383
accept-ranges
bytes
Content-Length
843
bridge3.538.0_en.html
imasdk.googleapis.com/js/core/ Frame 69BB 		687 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f45c8486e50b0bb2fbc647301b45bd39a54beeb23a28e0f0d53048daebbb3868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5x8i7c7.ssl.hwcdn.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
410273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 13:28:50 GMT
expires
Fri, 06 Oct 2023 13:28:50 GMT
last-modified
Thu, 06 Oct 2022 13:26:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 789C 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Oct 2022 07:26:43 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=nbmm&k=ZQl3YQlhCTM1NjkJZAlldS13ZXN0LTFiCWgJaS0wNTkwZTYxNGFiMmUyZTUxZAl1CWM5MzdhZTZkLTYwZTEtNDg3ZS05MTVjLTdlMjcyYWIyMjA2Ngl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl2bAkyMDIyMTAxMS4wNjQwCXZ0CTIwMjIxMDExLjA2NDAJdnMJMjAyMTA1MDUJdmMJMjAyMjA0MjkJc3QJMjAyMjEwMTEuMDcyNjQwCWkJZTIxZDU2NjctOTcxYS00MTNhLWI3ZGQtMjYwNTI3NzNjODA0CWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwlxCTdhZjQ5MmFmLTNjMmItNDUyNi05NTllLWQ1MDZkYTdmMWI1OQltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglIRQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4Nwl2cAkxCXZnCXByCWNpCWY2YmI2OGE1LTA2NjMtNDMwYi1lNGZlLTk4ZDBhY2JjYWMzZgljcAlyYgl2dgkyMDIyMDgxNl8xOTE5OmltYV9odG1sNTozLjUzOC4wCXd0CTE4NQlhZFRhZwkvL3ZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20vdmlkZW8vMTY1NzgvMTM1OTg4LzI1NzMyNjAvMjAzL3Zhc3QueG1sP3RnX2MubGFuZ3VhZ2U9ZW4md2lkdGg9ODAwJmhlaWdodD00NTAmcnBfc2NoYWluPTEuMCwxIWRpc3Ryb3NjYWxlLmNvbSwzMjQzOTAzMTY2LDEsLCwmdGdfaS5kb21haW49bmhyYWRpdjMuY29tJnJmPWh0dHBzJTNBJTJGJTJGd3d3Lm5ocmFkaXYzLmNvbSUyRiZ1c19wcml2YWN5PSZnZHByPTEmZ2Rwcl9jb25zZW50PQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:43 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
vast.xml
video-ads.rubiconproject.com/video/16578/135988/2573260/203/ Frame 69BB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/16578/135988/2573260/203/vast.xml?tg_c.language=en&width=800&height=450&rp_schain=1.0,1!distroscale.com,3243903166,1,,,&tg_i.domain=nhradiv3.com&rf=https%3A%2F%2Fwww.nhradiv3.com%2F&us_privacy=&gdpr=1&gdpr_consent=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.24.9.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-9-113.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
161baa24e3ee3c38e514b1c344e82e9a0e112bd3fc5536da23035bdd4ce2ec52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:43 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
1037
Expires
Tue, 11 Oct 2022 07:26:43 GMT
csi
csi.gstatic.com/ Frame 69BB 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l93vqsfp&c=6574984105079&slotId=3287492052539.5&fb=ima_html5-lima&sdkv=h.3.538.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=2.0&vmfc=1&vhc=0&ghmsh_eids=44729309%2C44731964%2C44748969%2C44760950%2C44765701%2C44773378
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.538.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame AE4D 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a30db67d34a1019aea4ebdf494383f14e7c85fdc7276213a20c03f82a6a9ad94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18746
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 21:23:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Tue, 11 Oct 2022 07:32:12 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=y9ql&k=ZQl3aAlhCTM3NzQJZAlldS13ZXN0LTFiCWgJaS0wNTkwZTYxNGFiMmUyZTUxZAl1CWM5MzdhZTZkLTYwZTEtNDg3ZS05MTVjLTdlMjcyYWIyMjA2Ngl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl2bAkyMDIyMTAxMS4wNjQwCXZ0CTIwMjIxMDExLjA2NDAJdnMJMjAyMTA1MDUJdmMJMjAyMjA0MjkJc3QJMjAyMjEwMTEuMDcyNjQwCWkJZTIxZDU2NjctOTcxYS00MTNhLWI3ZGQtMjYwNTI3NzNjODA0CWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwlxCTdhZjQ5MmFmLTNjMmItNDUyNi05NTllLWQ1MDZkYTdmMWI1OQltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglIRQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4Nwl2cAkxCXZnCXByCWNpCWY2YmI2OGE1LTA2NjMtNDMwYi1lNGZlLTk4ZDBhY2JjYWMzZgljcAlyYgl2dgkyMDIyMDgxNl8xOTE5OmltYV9odG1sNTozLjUzOC4wCXd0CTE4NQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:43 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
bridge-31047.js
video-ads.rubiconproject.com/video/ Frame AE4D 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31047.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.24.9.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-9-113.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
f5ac6348585afe084ad84bb4b456717fd946101219e1f3c16f266745dc80b0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jun 2022 14:26:23 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"1021f-5e1e1e36cc1c0-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20215
bz
www.facebook.com/ajax/ Frame 0ED6 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=0&__dyn=7xe6HzE4e685KbwKBAodod8d898nwgU29zEdEc83WwvE3vx60Vo1upEdEnwcG0KEswaq0yE1Vrzo5-0km7o1O83rw9O0RE2Jw8W0iW0pa0h-0Lo6-0Co2cw&__hs=19276.BP%3Aplugin_default_pkg.2.0.0.0.0&__hsi=7153152936326814440&__req=1&__rev=1006362082&__s=%3A%3A1osrm7&__sp=1&__user=0&dpr=1&jazoest=22040&locale=en_US&lsd=nrR9fTBDYhhh0AYluyvXRx
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/q6VzhXzzuec.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df87f1d74d8ec98%26domain%3Dwww.nhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nhradiv3.com%252Ff38f85c962ba3c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryHAFBhSVvL0BzvQdR

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 07:26:43 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
1gk6R77+x2qEsj3AqSCqielBSrLNwNgcWuh95leAPLyyNJ7MRh/YAscqG9sRnIAudS4/DnVu2sAzN1+m52BxOQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods
OPTIONS
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset="utf-8"
vary
Origin
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame AE4D 		28 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=0&gdpr_consent=&account_id=16578&site_id=135988&zone_id=2573260&size_id=203&tg_c.language=en&width=780&height=439&rp_schain=1.0,1!distroscale.com,8552506357,1,,,&tg_i.domain=freepressjournal.in&rf=https://www.freepressjournal.in/analysis/nepotism-hovers-on-indian-judiciary-olav-albuquerque&p_window.depth=1&p_window.url=https%3A%2F%2Fwww.nhradiv3.com%2F&p_window.w=800&p_window.h=450&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=5356461256938201&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31047.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.3.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-3-76.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c5x8i7c7.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:43 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://c5x8i7c7.ssl.hwcdn.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
csi
csi.gstatic.com/ Frame 69BB 		0
0
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=pbcn&k=ZQl3ZQlhCTQ0MjYJZAlldS13ZXN0LTFiCWgJaS0wNTkwZTYxNGFiMmUyZTUxZAl1CWM5MzdhZTZkLTYwZTEtNDg3ZS05MTVjLTdlMjcyYWIyMjA2Ngl2CTkxYWFmNGI5LTIxMDAtNGFkZi04ZDEyLWNhYzZlNzMxMTQyZgl2bAkyMDIyMTAxMS4wNjQwCXZ0CTIwMjIxMDExLjA2NDAJdnMJMjAyMTA1MDUJdmMJMjAyMjA0MjkJc3QJMjAyMjEwMTEuMDcyNjQwCWkJZTIxZDU2NjctOTcxYS00MTNhLWI3ZGQtMjYwNTI3NzNjODA0CWYJaHR0cHM6Ly93d3cubmhyYWRpdjMuY29tLwlxCTdhZjQ5MmFmLTNjMmItNDUyNi05NTllLWQ1MDZkYTdmMWI1OQltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglIRQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMTg4ODA4Nwl2cAkxCXZnCXByCWNpCWY2YmI2OGE1LTA2NjMtNDMwYi1lNGZlLTk4ZDBhY2JjYWMzZgljcAlyYgl2dgkyMDIyMDgxNl8xOTE5OmltYV9odG1sNTozLjUzOC4wCXd0CTE4NQl3ZQlbOTAxXSBhZE1hbmFnZXJFcnJvciBzdGFnZTppOkFuIHVuZXhwZWN0ZWQgZXJyb3Igb2NjdXJyZWQgd2l0aGluIHRoZSBWUEFJRCBjcmVhdGl2ZS4gUmVmZXIgdG8gdGhlIGlubmVyIGVycm9yIGZvciBtb3JlIGluZm8uCWFkCSxzeXM6UnViaWNvbixhaWQ6MSx0aXRsZTpWUEFJRCBXcmFwcGVyLGR1cjozMCxhcGlmdzpWUEFJRAlhZFRhZwkvL3ZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20vdmlkZW8vMTY1NzgvMTM1OTg4LzI1NzMyNjAvMjAzL3Zhc3QueG1sP3RnX2MubGFuZ3VhZ2U9ZW4md2lkdGg9ODAwJmhlaWdodD00NTAmcnBfc2NoYWluPTEuMCwxIWRpc3Ryb3NjYWxlLmNvbSwzMjQzOTAzMTY2LDEsLCwmdGdfaS5kb21haW49bmhyYWRpdjMuY29tJnJmPWh0dHBzJTNBJTJGJTJGd3d3Lm5ocmFkaXYzLmNvbSUyRiZ1c19wcml2YWN5PSZnZHByPTEmZ2Rwcl9jb25zZW50PQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-229.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nhradiv3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:44 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
envelope
lexicon.33across.com/v1/ Frame 4315 		49 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002Ecz1AAAR&gdpr=0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.nhradiv3.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
expires
Sat, 26 Jul 1997 05:00:00 GMT
f
fid.agkn.com/ Frame 4315 		0
0
867.json
id5-sync.com/g/v2/ Frame 4315 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/867.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_NHRA.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
79cebb8fa2c904fd97ad5f9abffffe45797566e953824a1d92957d4dce4b4207
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.nhradiv3.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nhradiv3.com
date
Tue, 11 Oct 2022 07:26:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 4315 		0
0
usersync.html
cdn.undertone.com/js/ Frame 4315 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 177D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=93830
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 07:26:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 12 Oct 2022 09:30:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B0A2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
6122
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 11 Oct 2022 07:26:46 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
12, 68054
X-Served-By
cache-lga13626-LGA, cache-cdg20765-CDG
X-Timer
S1665473207.776745,VS0,VE0
/
onetag-sys.com/usync/ Frame 7436 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1665473201087
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 13A2 		281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 07:26:46 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame D6AD 		0
0
sync.html
public.servenobid.com/ Frame F112 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.14 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85374
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 10 Oct 2022 15:41:06 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-id
ObSCT6rtHKemYA8sJg6J9SqiBYdQwegSwXRHeHBzecGZcCYguhZsbw==
x-amz-cf-pop
FRA6-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
2000998.html
sync.serverbid.com/ss/ Frame 3E26 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000998.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.101 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f30b3d3045a1b31f3b614f6a7d2101dafdeaf3c248517fab52d35786230b915

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11101
content-encoding
br
content-type
text/html
date
Tue, 11 Oct 2022 04:21:46 GMT
etag
W/"08a15e007bfbd63a286e354b76d88f05"
last-modified
Fri, 30 Sep 2022 12:03:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
x-amz-cf-id
BzUHiaNj4wVZ9Fsb-OuZE-7rTYZhtDkw0r46XA6RVUn2xCTnB2RzGw==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
check.html
biddr.brealtime.com/ Frame 7058 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
1189
CF-Cache-Status
HIT
CF-RAY
7585de964fdabb4a-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 11 Oct 2022 07:26:46 GMT
Expires
Tue, 11 Oct 2022 08:26:46 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
ozLLefD0knKZ2yMzZ7EA3qLK8cSPeKdEpQT28HMOVUE2s5XW77p+1QkMqhU1tUmLZbb1zAjl4MU=
x-amz-request-id
GNVBWB8PQV5H0AVC
usersync.html
cdn.undertone.com/js/ Frame D92A 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7400:1f:2473:9080:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer
https://www.nhradiv3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29418
content-encoding
gzip
content-type
text/html
date
Mon, 10 Oct 2022 23:16:29 GMT
etag
W/"690b8831dd941a438fb4bc8230f5d150"
last-modified
Thu, 23 Jun 2022 12:50:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
x-amz-cf-id
vQ2jRqoysH3Xaml0RPIB6U28qCyDlXBjcLljkvCeblbeuW9-s1GCgg==
x-amz-cf-pop
FRA2-C2
x-amz-replication-status
COMPLETED
x-amz-version-id
p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache
Hit from cloudfront
usync.js
eus.rubiconproject.com/ Frame 13A2 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=78871
content-length
9421
expires
Wed, 12 Oct 2022 05:21:17 GMT
pubcid.min.js
sync.serverbid.com/id/ Frame 3E26 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.101 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/ss/2000998.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 04:39:16 GMT
content-encoding
gzip
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
10346
etag
W/"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
eRrVG1SrTdu-O9iM8YjMNKMNlLktWn9iIg3iOOEux0LcOrc5u6IQoQ==
PugMaster
image6.pubmatic.com/AdServer/ Frame 177D 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28909299&p=160111&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:45 GMT
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0942 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=93830
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 07:26:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 12 Oct 2022 09:30:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 35AD 		0
0
/
onetag-sys.com/usync/ Frame 2955 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 620B 		970 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
17cf5e7d9b0e491bf5d1056b5e1494bb94a8fbc430fa78c9fd216fcd7e8d1976

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
970
content-type
text/html
date
Tue, 11 Oct 2022 07:26:46 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 285A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0fe02ce8c487dc8c704859d043bdbb9a2591381d86ac96854dbe64c4c619569

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7585de972e4e91d7-FRA
content-encoding
br
content-type
text/html
date
Tue, 11 Oct 2022 07:26:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88ueoq6LBVV7JUiUj4nyiMqnASScNO325KTji05wUMtvG7vInNUhyeDo%2B%2BCBzKdkSeqhoQyH8nDlTL15Le%2BChMFBUXv%2BsvSeDj93kLLG7x%2FNVe87KE2ZcJfMAD0VPXPCbPeY2uWdbWEivA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7585de96cab89a09-FRA
content-length
0
date
Tue, 11 Oct 2022 07:26:46 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zooaUEIawN%2B53fDs3lqEvhK9uLyLzSaq%2BUNO9sSIJxozzl%2B6NGueA%2BBirjKS%2BIE7e98XD90TIHa5pt4rGjQTs4H4PiynY%2B7%2BHjXmvK5b2iOC%2BF2CnEXJOebTzf8fMdgQO2mIOIL8kWG60A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C0AD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 07:26:46 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 11 Oct 2022 07:26:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
sync.php
pixel.rubiconproject.com/exchange/ Frame F112 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame F112
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=371341291400357975
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=371341291400357975
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:46 GMT
AN-X-Request-Uuid
7d0aa06a-4600-40e7-8f60-9879ca7d19a4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=371341291400357975
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F112
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=Fdj-tRZH7EFWC1yRTSqE3q_j
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Fdj-tRZH7EFWC1yRTSqE3q_j
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ads.servenobid.com/sync?pid=310&uid=Fdj-tRZH7EFWC1yRTSqE3q_j
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame F112 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 11 Oct 2022 07:26:46 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame F112
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=95a42f6a-617e-4f30-a5a6-c21658cd1615
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=95a42f6a-617e-4f30-a5a6-c21658cd1615
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=95a42f6a-617e-4f30-a5a6-c21658cd1615
Date
Tue, 11 Oct 2022 07:26:47 GMT
Connection
keep-alive
Content-Length
119
Vary
Origin
Content-Type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame F112
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1665473206867
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2089505415
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2089505415
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
etag
RXd9ebcb0d178e4f2b9fc6c7426ddc4dc9003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2089505415
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame F112
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5142336720139009633
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5142336720139009633
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5142336720139009633
Date
Tue, 11 Oct 2022 07:26:46 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame F112 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-172
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame F112
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=422b68af-7f52-46ca-af9b-f4fdd1fef46f&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=422b68af-7f52-46ca-af9b-f4fdd1fef46f&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=422b68af-7f52-46ca-af9b-f4fdd1fef46f&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 11 Oct 2022 07:26:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame F112
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
date
Tue, 11 Oct 2022 07:26:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame F112
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-0d9c2378-00d5-3e48-9ed5-3ae86c9e0340
0
0
sync
ads.servenobid.com/ Frame F112
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
date
Tue, 11 Oct 2022 07:26:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/usync/ Frame A79F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 775E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=93830
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 07:26:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 12 Oct 2022 09:30:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 3E26 		63 B
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
5601e893a4a9a9e28f907fbb9ad3ccb60bed44e15b22c4ba17de6d7678e986f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 10 Nov 2022 07:26:46 GMT
usersync
x.serverbid.com/ Frame 3E26
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=35fd5867-5863-404c-bfff-e20bd33704dd&gdpr=&gdpr_consent=&us_privacy=
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=35fd5867-5863-404c-bfff-e20bd33704dd&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=35fd5867-5863-404c-bfff-e20bd33704dd&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 11 Oct 2022 07:26:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
pixel
ap.lijit.com/ Frame 3E26 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 11 Oct 2022 07:26:46 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
um
cs.emxdgt.com/ Frame 3E26 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.8.202 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-length
0
content-type
text/html
usersync
x.serverbid.com/ Frame 3E26
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0UatnkrBqXqVF.LQqIQHwAA%265166
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0UatnkrBqXqVF.LQqIQHwAA%265166
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfS416JeiImE5LRhLiieZ%2BlqewlPasu188spzOPYrPino0sTnn0FimVNH4Kr5DCGJB3IJCLByiaurfIt%2FRNmLwZpDlLV3r%2BkQCvYDGeK8qGPD7%2FDehFrLaFexd7LCnY4%2FarQT9eKsWb3EA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0UatnkrBqXqVF.LQqIQHwAA%265166
cache-control
no-cache
cf-ray
7585de972e5191d7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame 3E26 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
pl4o237tci2dhrpv8ri63td8aomt4qjf
usersync
x.serverbid.com/ Frame 3E26
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=35e3a160-0c7d-4eec-8b51-eac25f39a870
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=35e3a160-0c7d-4eec-8b51-eac25f39a870
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=35e3a160-0c7d-4eec-8b51-eac25f39a870
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
usersync
x.serverbid.com/ Frame 3E26
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=371341291400357975
35 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=371341291400357975
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:46 GMT
AN-X-Request-Uuid
0c4e4957-0a5b-4891-aa8c-59baa63f915c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=371341291400357975
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 3E26 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-142
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 3E26
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?verify=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date
Tue, 11 Oct 2022 07:26:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 57C7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14900162e3ba9ed49d6e1246a9620195f9b15513c05d2ca83960d0d9e0937461

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7585de972e4c91d7-FRA
content-encoding
br
content-type
text/html
date
Tue, 11 Oct 2022 07:26:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1oJPbPDJQ1nQOZ4ft7MyetQAZqmLNd%2F0fN%2BPIobIi004kG2WaHQMIc998hpyly6e6yYYNwFhrYEj1SPt7UajHBf74Wm2Fj3U01i4vSsvktROowwZ7LI6T7ZQ2W8pnDgZ%2Bp6EYf22xVoRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7585de96caba9a09-FRA
content-length
0
date
Tue, 11 Oct 2022 07:26:46 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igDQ4%2FELJ45MhvJtx4mh%2FaKpgAQ5S%2BOYJVmTUC8dOUmzN3RfFmrk%2FzXcO9KEJy3Px3PCcnCgr8469o2SwPgY4whNvTQk6faxeO5An%2BSgd9YTzie3Blzq2DJXgFV527eFxA2b0u4OCpMJnA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 35FB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 07:26:46 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 11 Oct 2022 07:26:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame D92A
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=371341291400357975
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=371341291400357975
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
99.86.4.29 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
HY29IC2olgs0GQgZ6HCQBw3LlDiA1VXpbNtk_7dAFCw-_ok42S594w==

Redirect headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:46 GMT
AN-X-Request-Uuid
472e341d-a04c-43cd-ba88-bdacfb93f175
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=371341291400357975
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D92A 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame D92A
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-qtZ5iSBE2uFheHl5af1Mmu6Nm0YhS9PI~A
0
0
generic
match.adsrvr.org/track/cmf/ Frame D92A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame D92A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
undertone
cs.admanmedia.com/sync/ Frame D92A 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
ImgSync
image8.pubmatic.com/AdServer/ Frame D92A 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D92A 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame D92A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
0
0
async_usersync
ib.adnxs.com/ Frame B0A2 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:46 GMT
AN-X-Request-Uuid
ded093a7-277f-4e52-aff0-6e6e27b1c221
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C0AD 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=78871
content-length
9421
expires
Wed, 12 Oct 2022 05:21:17 GMT
usersync
x.serverbid.com/ Frame 3E26 		35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=3325a0c9-b419-483e-bc8e-e9e7b6ad643c
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000998.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
setuid
px.ads.linkedin.com/ Frame 13A2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L93VQQGC-K-LE52
0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L93VQQGC-K-LE52
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 84FAC04241414FC59B239C2D2F9450AF Ref B: FRAEDGE1114 Ref C: 2022-10-11T07:26:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqvTLjsSocQFQae5R2KQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L93VQQGC-K-LE52
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 13A2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWViYzZhMzM5NzRmNGNmZmNkMjdjZWY1YTg5NzNhYjUxMGY2ZmQ5OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWViYzZhMzM5NzRmNGNmZmNkMjdjZWY1YTg5NzNhYjUxMGY2ZmQ5OQ
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWViYzZhMzM5NzRmNGNmZmNkMjdjZWY1YTg5NzNhYjUxMGY2ZmQ5OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 13A2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 13A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIohDE4h4si8itI4h4PaC0c&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIohDE4h4si8itI4h4PaC0c&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIohDE4h4si8itI4h4PaC0c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 13A2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkzVlFRR0MtSy1MRTUy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkzVlFRR0MtSy1MRTUy
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkzVlFRR0MtSy1MRTUy
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame 13A2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
0
0
tap.php
pixel.rubiconproject.com/ Frame 13A2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bAfU2ZJF-Z31PqZw0rflpQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6058551009541296538
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6058551009541296538
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 11 Oct 2022 07:26:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6058551009541296538
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 13A2 		0
0
usync.js
eus.rubiconproject.com/ Frame 35FB 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=78871
content-length
9421
expires
Wed, 12 Oct 2022 05:21:17 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C0AD 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L93VQQGC-K-LE52
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 35FB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=L93VQQGC-K-LE52
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatchredir
ssum-sec.casalemedia.com/ Frame 285A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0UatsleTwMceJ717G2WiAAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN6swIapX8l7HhC7CfQatxs&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN6swIapX8l7HhC7CfQatxs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIlgPR1MbL5gHpUBI3s5n2%2BLcR6oqnwB7JoWrXXO7PeAzHKBw2WA4QpcFHKTuAxDW2pXbJYOoqz38W5ITtszFqMdyT1CinKPlULw5r7oqX1S%2FVnQizu3NlFj1356oGj%2BFv0%2BjxbUp%2FbDfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7585de97bf0391d7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN6swIapX8l7HhC7CfQatxs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 285A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 285A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0UatnkrBqXqVF.LQqIQHwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKrHdqI8oBmwLIepSz_u18&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKrHdqI8oBmwLIepSz_u18&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKrHdqI8oBmwLIepSz_u18&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 285A 		0
0
crum
dsum-sec.casalemedia.com/ Frame 285A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4247532446704389249&expiration=1666655915
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4247532446704389249&expiration=1666655915
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4247532446704389249&expiration=1666655915
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 285A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3061077339493813758
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3061077339493813758
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3061077339493813758
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 285A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9hxgKiiV1OI9F55
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9hxgKiiV1OI9F55
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:46 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0a4402c7ccc8b73ba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9hxgKiiV1OI9F55
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 285A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y0UatsleTwMceJ717G2WiAAA%265163?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y0UatsleTwMceJ717G2WiAAA%265163
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y0UatsleTwMceJ717G2WiAAA%265163
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
34.250.104.41 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v044-0cc10ed06.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
QAcWJK2SRlU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v044-0250f6bca.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vZwwdUR4S94=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y0UatsleTwMceJ717G2WiAAA%265163
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
ads.servenobid.com/ Frame 285A 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y0UatsleTwMceJ717G2WiAAAFCsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 57C7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0UatnkrBqXqVF.LQqIQHwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKrHdqI8oBmwLIepSz_u18&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKrHdqI8oBmwLIepSz_u18&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKrHdqI8oBmwLIepSz_u18&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 57C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0UatnkrBqXqVF-LQqIQHwAAFC4AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN6swIapX8l7HhC7CfQatxs&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN6swIapX8l7HhC7CfQatxs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37xG9mJFIf%2FhtRAcEgH9v%2B8kDlakO99HZpyfUQR3rnRc2fVsrVqUinLIuP5r6vjneITxEFTnPGeCiExkeyx5lneuRX0NweuRazkSjHsSXjzyuGgw9plo%2F0POkR2l6aonN%2Fyxw5jLR8OYfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7585de97bf0d91d7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN6swIapX8l7HhC7CfQatxs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 57C7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 57C7 		0
0
crum
dsum-sec.casalemedia.com/ Frame 57C7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7259766758934301729&expiration=1666682807
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7259766758934301729&expiration=1666682807
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 07:26:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7259766758934301729&expiration=1666682807
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum.casalemedia.com/ Frame 57C7
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=00c3a511-ea30-5026-f8dd3cc1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=00c3a511-ea30-5026-f8dd3cc1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Tue, 11 Oct 2022 07:26:47 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=00c3a511-ea30-5026-f8dd3cc1
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame 57C7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y0UatwAAAuKd1gAK
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0UatwAAAuKd1gAK&_test=Y0UatwAAAuKd1gAK
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0UatwAAAuKd1gAK&_test=Y0UatwAAAuKd1gAK
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 07:26:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn4058-HHN
pragma
no-cache
date
Tue, 11 Oct 2022 07:26:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1665473207.179899,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0UatwAAAuKd1gAK&_test=Y0UatwAAAuKd1gAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Y0UatnkrBqXqVF-LQqIQHwAAFC4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 57C7 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0UatnkrBqXqVF-LQqIQHwAAFC4AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d9a0:8a83:a4c7:eb08 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
usr.undertone.com/userPixel/ Frame 57C7 		0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y0UatnkrBqXqVF-LQqIQHwAAFC4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.29 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:46 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
5oOtjEhfaGT3tdIgrWjUhqh0WBNm8FG2ToNQmjF1O-zpaxoXWumKEw==
sync
ads.servenobid.com/ Frame 620B 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1013136425623322168&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 620B 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 620B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y0UatwAA_-dLkABe&gdpr=0&gdpr_consent=&_test=Y0UatwAA_-dLkABe
0
0
rtset
bh.contextweb.com/bh/ Frame 620B 		0
0
711890.gif
id.rlcdn.com/ Frame 620B 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 07:26:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a4914687c0347bbdb5e9d15adc86060a.safeframe.googlesyndication.com
URL
https://a4914687c0347bbdb5e9d15adc86060a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l93vqsiz&c=6574984105079&slotId=3287492052539.5&fb=ima_html5-lima&sdkv=h.3.538.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.l93vqt1b&aec=901&rec=loaded-1%7Cshow_ad-1%7CskippableStateChanged-1%7Cerror-1%7CverificationNotExecuted-1
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?e=&m=&p=&i4=&i6=&ia=&iv=&apiKey=2126040846&r=https%3A%2F%2Fwww.nhradiv3.com%2F
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13454
Domain
cdn.undertone.com
URL
https://cdn.undertone.com/js/usersync.html
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aHkklUYZCr6BvoaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=346&uid=ua-0d9c2378-00d5-3e48-9ed5-3ae86c9e0340
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-qtZ5iSBE2uFheHl5af1Mmu6Nm0YhS9PI~A
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-u8OMKntE2uHb9MTXGBpXDcJiV_ZHTck4Kuar0rY-~A
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0UatsleTwMceJ717G2WiAAAFCsAAAAB
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0UatnkrBqXqVF-LQqIQHwAAFC4AAAAB
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y0UatwAA_-dLkABe&gdpr=0&gdpr_consent=&_test=Y0UatwAA_-dLkABe
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| google_analytics_uacct function| GS_googleAddAdSenseService function| GS_googleEnableAllServices function| GS_googleResetAllServices function| GS_googleGetIdsForAdSenseService function| GS_googleFindService function| GS_googleGetExpIdsForAdSense object| GS_googleServiceIds_ function| GA_googleSetCookieOptions function| GA_googleSetTagForChildDirectedTreatment function| GA_googleAddSlot function| GA_googleFetchAds function| GA_googleUseIframeRendering function| GA_googleUseFriendlyIframeRendering function| GA_googleUseFriendlyIframeSRARendering function| GA_googleUseSyncSRARendering function| GA_googleDomainResetUrl function| GA_googleFillSlot function| GA_googleFillSlotWithSize function| GA_googleResetAll function| GA_googleNoFetch function| GA_googleDelayFetch function| GA_googleAddAttr function| GA_googleAddAdSensePageAttr function| GA_googleAddAdSenseSlotAttr function| GA_googleCreateDomIframe function| GA_googleSetAdContentsBySlot function| GA_googleSetAdContentsBySlotForSync function| GA_googleSetAdContentsBySlotForAsync function| GA_googleSyncAdSlotLoaded function| GA_googleReallyFetchAds function| GA_GoogleAdSlotContent function| GA_CookieInfo object| GA_jstiming object| GA_googleEnv object| googletag object| _gaq number| global_div_len string| global_div_name function| startTimeout function| resetTimeout function| DoHide function| Show_Layer function| MM_preloadImages function| MM_swapImgRestore function| MM_findObj function| MM_swapImage function| MM_jumpMenu function| MM_openBrWindow function| MM_reloadPage string| browser string| os string| version string| ie string| net6 string| netscape string| mac object| _gat object| gaGlobal string| ds_checkpoint object| vx object| B64 function| pad object| B64URL object| _qevents number| norm object| ggeac object| google_tag_data object| google_js_reporting_queue function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| FB function| WinOpen object| dataLayer number| infolinks_pid number| infolinks_wsid boolean| IL_INIT object| $iceboot object| INFOLINKS function| _defineProperty function| _typeof object| __buffer object| google_tag_manager function| postscribe object| google_tag_manager_external string| adroll_adv_id string| adroll_pix_id function| gtag object| _elqQ number| $iceId object| sifi_att_42656 object| elqCookieValue object| _elq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| url function| ds_ct435918 object| replaced string| ct3p function| vxtracke21d5667-971a-413a-b7dd-26052773c804 function| dvptrack function| tdValidator function| adjPos function| ds_trace_e21d5667-971a-413a-b7dd-26052773c804 function| vxvideojsinit object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| ds_dvp_next function| ds_dvp_previous number| tmpval function| ds_ctwrap327774 function| ds_float_close function| ILVideo object| closure_lm_34037 number| dock_pos boolean| __adroll_loaded object| GoogleGcLKhOms string| adroll_sid object| adroll object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data object| closure_lm_779050 boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| google_image_requests

41 Cookies

Domain/Path Name / Value
www.nhradiv3.com/ Name: ASPSESSIONIDQQCTRQQB
Value: MIPFLNACGLJMIIPINGPAHHMG
.nhradiv3.com/ Name: __utma
Value: 195837427.1192785320.1665473200.1665473200.1665473200.1
.nhradiv3.com/ Name: __utmc
Value: 195837427
.nhradiv3.com/ Name: __utmz
Value: 195837427.1665473200.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.nhradiv3.com/ Name: __utmt
Value: 1
.nhradiv3.com/ Name: __utmb
Value: 195837427.1.10.1665473200
www.nhradiv3.com/ Name: qcSxc
Value: 1665473200081
.quantserve.com/ Name: mc
Value: 63451ab0-16c82-efac0-50799
.nhradiv3.com/ Name: __qca
Value: P0-616770960-1665473200076
.jsrdn.com/ Name: u
Value: c937ae6d-60e1-487e-915c-7e272ab22066
www.nhradiv3.com/ Name: logglytrackingsession
Value: f6c370de-cc7c-4a63-b773-2ea5e701d84c
.doubleclick.net/ Name: IDE
Value: AHWqTUmA21Y1wBiajq3Jg-brJJSiDiKCV66jB72ZL6-DY6DKHhwBnl1HgSIHxKZl28w
.infolinks.com/ Name: cuid
Value: dcbb7b69-5170-41ad-b669-c8c1aae0db87
.simpli.fi/ Name: suid
Value: 296F729EAA314D1DB5165856AC5F0422
.nhradiv3.com/ Name: _gcl_au
Value: 1.1.1346386976.1665473200
pixel.westseven.media/ Name: AWSELBCORS
Value: E91B97D918E2B429133E33AC4397187C78F2933F03A6FF20BF31CF0CF6A4C03CFAFF71DE7EB7E02D9B35CEF7692729B24AED56356AE049EC55A6226A4886F6ED265238BEB3
www.nhradiv3.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.nhradiv3.com/ Name: pbjs_sharedId
Value: 44f236fb-03ec-4146-9837-1c2f093c7747
.prebid.a-mo.net/ Name: __amc
Value: 1_1665473200_1665473200
.rubiconproject.com/ Name: khaos
Value: L93VQQGC-K-LE52
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3F1ckmfrcPM7RHKV/Y9AOYB3Biw5iW/3ro4Z83o8qTkpYV6PgDJ36zTOWVJjNMlDBAmTjrKRJQJOBxGCOXoSK1YzcD7WF5tm/c6UO785F0Pw==
.adnxs.com/ Name: uuid2
Value: 371341291400357975
.go.sonobi.com/ Name: HAPLB8G
Value: s8530|Y0Uat
.serverbid.com/ Name: CONSUMABLEID
Value: bcf46583b1bb4593b46583b1bbc593e4
.nhradiv3.com/ Name: __gads
Value: ID=a68206ccf6e6692b:T=1665473200:S=ALNI_MZ7JdwjlrNT1CoyyMrMAfdD-OLVIQ
.adnxs.com/ Name: icu
Value: ChgIlZ91EAoYASABKAEwsbWUmgY4AUABSAEKGQiuloQBEAoYASABKAEwsbWUmgY4AUABSAEQsbWUmgYYAQ..
.simpli.fi/ Name: uid_syncd_secure
Value: true
.tapad.com/ Name: TapAd_TS
Value: 1665473202054
.tapad.com/ Name: TapAd_DID
Value: f519d6f6-2635-4443-9768-72dde60857c2
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2In5jZ^vD!]tbPl1N!7On*M$=BWbygl#vfifhfrk`1VYi+J/Zi-4#ZjFLAsjFTjMfDOckjl`w]/X%W#.wL4W1Qw1scdHv6
.agkn.com/ Name: ab
Value: 0001%3AmjZgl%2FZD7cd2YXRrc5X%2BbM4of2wLkw0z
.pro-market.net/ Name: anProfile
Value: "-1wz1expr0rj0g+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800200301000000000000201E+s2=(rjkvci)+vm=24-296F729EAA314D1DB5165856AC5F0422"
.pro-market.net/ Name: anHistory
Value: "-1wz1expr0rj0g+2+!#7')%3!WcI"
.agkn.com/ Name: u
Value: C|0AAAAAAAAKtfXMgAAAAAA
.exelator.com/ Name: EE
Value: "b6a015e8a2c2b1f7d3218aacbf08987e"
.spotxchange.com/ Name: audience
Value: 0d938093-4936-11ed-81fa-1ee5b9e10206
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHJLNHA0DTVItEo2SjJMM08xdjI0CIxMTkpzcDC0sI8dXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAbEl%252BUWb6IhfXxUUpaQyLSopPBR989AMAwJIrhw%253D%253D"
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.bfmio.com/ Name: __141_cid
Value: 296F729EAA314D1DB5165856AC5F0422
.bfmio.com/ Name: __io_cid
Value: 7ad3c46b5b2bf3a84652aaef842e71574fec5910

14 Console Messages

Source Level URL
Text
security warning URL: https://www.nhradiv3.com/
Message:
Mixed Content: The page at 'https://www.nhradiv3.com/' was loaded over HTTPS, but requested an insecure element 'http://www.nhra.net/images/LODRS-livetiming.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.nhradiv3.com/(Line 162)
Message:
Mixed Content: The page at 'https://www.nhradiv3.com/' was loaded over HTTPS, but requested an insecure element 'http://www.nhra.net/images/LODRS-livetiming.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=296F729EAA314D1DB5165856AC5F0422
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=296F729EAA314D1DB5165856AC5F0422
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-9078385104242586880
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.nhradiv3.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13454' from origin 'https://www.nhradiv3.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13454
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.nhradiv3.com/
Message:
Access to XMLHttpRequest at 'https://cdn.undertone.com/js/usersync.html' from origin 'https://www.nhradiv3.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.undertone.com/js/usersync.html
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.nhradiv3.com/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?e=&m=&p=&i4=&i6=&ia=&iv=&apiKey=2126040846&r=https%3A%2F%2Fwww.nhradiv3.com%2F' from origin 'https://www.nhradiv3.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?e=&m=&p=&i4=&i6=&ia=&iv=&apiKey=2126040846&r=https%3A%2F%2Fwww.nhradiv3.com%2F
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.jsrdn.com
a4914687c0347bbdb5e9d15adc86060a.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
bh.contextweb.com
biddr.brealtime.com
btlr.sharethrough.com
c.jsrdn.com
c1.adform.net
c2shb.pubgw.yahoo.com
c5x8i7c7.ssl.hwcdn.net
cdn.undertone.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
cs.admanmedia.com
cs.emxdgt.com
csi.gstatic.com
d.adroll.com
d.agkn.com
d13l4u7pe64ymo.cloudfront.net
data.ad-score.com
ddca18801632163d7aa3aeeeed31408b.safeframe.googlesyndication.com
distroscale-d.openx.net
distroscale.s3.amazonaws.com
dl.westseven.media
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fei.pro-market.net
fid.agkn.com
g2.gumgum.com
googleads.g.doubleclick.net
hb.emxdgt.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.jsrdn.com
i.simpli.fi
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.en25.com
js-sec.indexww.com
js.ad-score.com
lexicon.33across.com
loadm.exelator.com
match.adsrvr.org
onetag-sys.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.westseven.media
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
public.servenobid.com
px.ads.linkedin.com
pxl.qccerttest.com
reachms.bfmio.com
resources.infolinks.com
router.infolinks.com
rt3060.infolinks.com
rtb-csync.smartadserver.com
rtb.openx.net
rtkio-d.openx.net
rules.quantcount.com
s.adroll.com
s.amazon-adsystem.com
s.jsrdn.com
s0.2mdn.net
s3-us-west-2.amazonaws.com
scontent-frt3-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
scontent.xx.fbcdn.net
search.spotxchange.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.colossusssp.com
sync.go.sonobi.com
sync.intentiq.com
sync.search.spotxchange.com
sync.serverbid.com
t.nhra.com
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
video-ads.rubiconproject.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.nhra.net
www.nhradiv3.com
x.serverbid.com
x.yieldlift.com
a4914687c0347bbdb5e9d15adc86060a.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ads.servenobid.com
api.rlcdn.com
bh.contextweb.com
cdn.undertone.com
csi.gstatic.com
fid.agkn.com
g2.gumgum.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
ssc-cms.33across.com
usr.undertone.com
104.17.119.107
104.18.18.126
104.18.19.126
104.36.115.111
13.248.245.213
13.32.27.101
130.211.115.4
142.0.165.136
142.250.186.130
142.250.186.162
143.204.215.70
147.75.85.234
151.101.194.49
151.101.65.108
159.89.246.130
162.19.138.117
169.50.137.176
172.66.41.9
172.66.42.247
18.157.93.190
18.158.3.76
18.158.8.202
18.194.34.97
18.66.122.33
184.24.9.113
185.64.190.78
185.64.190.79
185.80.39.216
185.86.137.107
185.94.180.123
185.94.180.125
193.0.160.128
2001:4860:4802:32::3
2001:678:cb4:bbbb::11
205.185.216.42
213.19.147.43
213.19.147.45
216.52.2.39
216.52.2.48
23.203.75.149
23.203.77.3
2600:1901:0:8344::
2600:1901:0:8eee::
2600:1f18:612b:4232:db70:d7f4:4d01:ba2d
2600:9000:2057:6800:a:deb0:3380:93a1
2600:9000:2057:e400:6:44e3:f8c0:93a1
2600:9000:214f:6a00:11:615:7240:93a1
2600:9000:21f3:7400:1f:2473:9080:93a1
2600:9000:223e:1600:1:c325:9400:21
2600:9000:225e:c200:6:9280:1080:93a1
2602:803:c004:200::141
2606:4700:3036::6815:1b50
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:d9a0:8a83:a4c7:eb08
2a06:98c1:3121::3
3.120.204.36
3.123.131.30
3.124.130.212
3.126.56.137
3.230.66.159
3.33.220.150
3.5.79.185
3.66.143.217
3.73.155.254
3.84.56.220
34.111.151.213
34.120.133.55
34.149.20.76
34.248.37.242
34.250.104.41
34.91.62.186
34.95.69.49
34.98.64.218
35.174.160.208
35.227.248.159
35.227.252.103
35.244.174.68
37.157.6.241
37.252.173.38
51.89.9.252
52.175.198.241
52.200.250.89
52.214.200.155
52.28.203.152
52.28.226.242
52.92.192.233
54.216.193.48
54.76.25.229
54.78.254.47
66.155.71.25
69.166.1.12
69.166.1.9
69.173.144.138
69.173.144.165
69.192.160.219
8.2.111.121
8.43.72.98
80.77.87.161
88.221.168.201
88.221.168.248
99.86.4.14
99.86.4.29
99.86.4.51
00f3c1fd33c433a3282b8070325a29a69431d377374753fc9ad68d18a2825876
00f8fe54fe21ece4173951889d11b493a50d91704dffb96704099b8a51d302c7
013c21084c7d32c57dbf56e6e77eb90449139f4e521b4c22e792f863ecfe3315
01ff58a54c4b3d018ad5a03373dc771769293669b06df3ca8aafa2ff5d1586fb
080cf118febb9e5723fb94d1f1a4f8f9523bb8b4c7f0d7760bb9a1b745559815
09bfebef3ab9e81e4d60ce233d1c9c5cfd2adb7691c80a683db41cb66ccc03be
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fe1d30c889f6f022c60764c0561d1d6a6bb2e76a5a70bd53bd34e913ba4c85d
0feffac770a0daff6a903ae7d752927821130786ca7f678a7710540bae603007
10ab3f3fd4aec35a9f26e104e9a33b7dc6a2e09dc7a27a718daf8c40ad3c7740
113de9af6be5f372987d0a76d8d7ed5361057be93c01f8255417569e5ded6488
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13a8f3a0120b440cd2c9db11827363be32f67eecd8903bf3af135541c9ad2750
14900162e3ba9ed49d6e1246a9620195f9b15513c05d2ca83960d0d9e0937461
161baa24e3ee3c38e514b1c344e82e9a0e112bd3fc5536da23035bdd4ce2ec52
16aa6fa9cafd57e49fdc06346467d51a96cd4852d0a40dd7a29785ed62a9a23d
17cf5e7d9b0e491bf5d1056b5e1494bb94a8fbc430fa78c9fd216fcd7e8d1976
1a447c6458793f13aa9efa1c63b07560c595250306a2475d1434fe38bdd43aa6
1ef3f69f8a075599b94a919bc7fe788bd04007d9eaee72ed385ad2d74f774ab8
2201858ed70c2c137b991c9ef55e542211a7321c5ab8b9f5e1ef9459aea16bb3
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26e028311dfa947caaab7d59ce535b7a7557ed0ada0692862a20987e934bf816
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
28a4cd6f6005a5e95d8621052da5aaf6029eaf28ddcb4b8d7ef4c770ab07053d
29831e5bf5c6abf8b85b9d639ff851fc09a170efacca51141c579b4c916d4b0f
29abb6d5b0f62282c540854a86abc5ef15ca81b89404d220408c841947c77832
2c5d5f321e2acc7f8885685ddea6762577cda47a13aa0b3ca07d599681fcec51
2e8db71249f82bb7584f1a2b6744275d18a4b5940ec8d48da133c65e81d5a23b
2ef7df6d42699a874e46ca5645621a3f6f73fbd739d0cd35414c952f579a65f7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30c448ea076aed1627a1e2a02b49f3be2402f2aafdcc41c5628b54dca4331c86
32a08506863a82e34414783be32a552ede148c823389374253f9c18769ab53e3
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
36b8ba6d8daab27f21a23b6f0deb326d45c7ffa2ca328f7149e0022297101006
3755aaf2199e97118e0f6d1e1da5cde26628db0349cb7c6b3f861cdea9c15e8c
3cb321beb4e1198c536e26a5539880ea0b01bdb15b4e1c3af20f599dbb3ca1bc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dbf60ceccdb53078aafba7c52593670b5dd6d9257817e7f5387ff882cfab6a6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
46f95482bdc400cf976607354fdd5538310f23c62b86ba71feec100923a6333f
479ddcec56d4346b5b0ca3966649261a722f61d05c5f9de792caed8653f8d6a5
4889509b33a1f28a706f744883f0dbbc6a07df7df4ab6298d89665a5614f4aba
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aab07e28efdc6849024544991908deb59711cc0d5c8dba3e9fbcd366fe8642
4b1487311059b012bdb40fe2fc60cb474a95a40f5163a7c0037752f9edfd085e
4b20a1c974ff3b1ed285cdb2e7e1847f27f9f35c772d89b76e1529bec82074c6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba8f26f2981d7e02030eaff9c6869eedd2de20e9d261dae7bcb8535f84d7b50
4bf3ed33c46fc01b4e9e88a7a471246795a6409a599cb494897b22dab8fa9a14
4c01bda88c70f4508fe21057233d32a63b91052cac425a9027a1f930866d4e33
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6f93edd526b29a826d8b9574ef738479c04fff574ecb9237d4e76f1e045063
503c356c452675784d5146c730e538ee5ecb6d55a3d0df952dc48206b7da4bf8
5055d789e446e7d2e813897e76d9cc349957122687cc0efda766042db6780c05
552cb0774e5fc38e620aa708c6863f3a81f798a2f72d793eba342d15f2e313d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5601e893a4a9a9e28f907fbb9ad3ccb60bed44e15b22c4ba17de6d7678e986f8
568677ea58d16bdebaa76ea6cb62952dbbf4a424f10c8ed71388da50cd067d5c
571d45abc44429e513c9497298c9440a02f2130cbce5bd2ddc15b059ccbf89af
58ec48e97331b23e6812cd4e9f7b4361792963c8d4c4a24d431fec6304d7ebce
597948e92d8d285af88f18c308dc6875e387e202efeff8d323ef02a54f9e63e9
5ddf107c589c8b282902b1fc3fede9df1f5bad0aa0fce25890ae9d789c1b5985
5e4a359f6a75eb1d6d2bfeeb9eec2cceb8542ef7e06e075fb5eff08e15b91acf
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5ea71bd07e560ea69f4bf12e5e48de530ce4a977ee361ed45ddcb581b060fd6c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6060578c7185aef392f17eb4c294523a6fdf2d8c5fea176198b698dc9eca6914
60ef247c83212131d8df85f03f48a9526d0b449dc51121e93f761073759e4e01
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6643419773399f35ea4422bfa8f1eaf37bb0d2c1855bbdd5fac482086a1e0b2a
665b576bb6ec0b57622637f11b20028288c6318d06180e45a4722cf293c832ad
6674d72a10a639ac255748dbf5276d5631d4627a57a07f790aa9a06dc375329d
66d966aa6b9290ac940d27ec02e524e2c263436de84f9b676e8ba378dfdcc5d2
688c6682aaecc286cace7203222da7ecb12375f4be079315082da50c7e461fc1
6a0913cd9397f187662a491ca08dcf87340fc98f5d97795747f4ed94581bb604
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327
773c92391f50b9d96b85337afa1db9c6be81a4bf3c7bad28edd766cf2280f43c
78002f95b0b48199f5ef4956a0c69940cf47d68bf0ff0b5b955bec18e1d73128
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
79cebb8fa2c904fd97ad5f9abffffe45797566e953824a1d92957d4dce4b4207
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f30b3d3045a1b31f3b614f6a7d2101dafdeaf3c248517fab52d35786230b915
82daa5ee932366c92aa98d1394cb275ca0052cdabbd4f0329ba76c8c6799419d
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231
885da2a870d07585756c1bc62e0b6c9aa45a799cf7e8646c6dd933fd90587b89
89ac04739a9b5dbb57db5daf5f4646f2cbbe1617cc1a94f589c024c8ab9e241b
8ae9ce416a33c08e0783a802898c49d8a6316985ef7556644b7f5b9f4d4b05fe
8b10eb49fffbf252ba2221eacdae39b09a21a457c32aa27dbcf7d7e6e5ef99b6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ecd6521c5e5e413b55387d23e819743905d72ffbf5a770805b2373976535947
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
95cad8180ece1b86a94589c2cb685a2dd04488a3100f9dad74d9206016fb7b97
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
971af732735583e44dc15f2dab13e776493306a083ea65872a220249d506c2af
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
9b73ce322de806369e6127542882897aaf57d5f74ddeace9639752da86343937
9c6828208be8cf3792c5f1997b7f46808a3dea1d5110874dc0f05af2fd405231
9d84e609f83ce654233e71c1a1ea7321f73479b0126d2cbbf216e18add331d23
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a27b468a2df8a5bde60b849ac90200941abca02ff82b5c2d2db1ee4b63d2805c
a30db67d34a1019aea4ebdf494383f14e7c85fdc7276213a20c03f82a6a9ad94
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6510ef653683c5505f61efcbc4e20c133b2a341e165910ff132d417fc036ecb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8469d54de753d0d34184e3c351f43fc0898e55fcafceae4a1e7f9708d65553f
a9373fa8fd8e7335fb14a36ea9a27e28b7bd7eddd5fce53fa73a9432b66b0daf
abf54698be78bc9150977ec37944810ffab3c5de90ebd8e5a0864949a3c52b29
acfb10ea6d2de34921a847e61ee9deab4bf80d30be1c6b7a56657dc5823dff3e
ae938820655d8afb2bcaac1a4c8e03cb464fd7cf04c3f4c9f9ce7917eae728c0
af961d5af0618c1a63864bde4f25b67b83150cc1430d3f4bfb6f7d6e197f42a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b2fc921a69e4476f5b042b145da997f48362c01c8e7c4c74a068e32e1fb8656a
b6aef553184ecd56a40aca2fa3ab1f70be1cd916bba5b9c3ebe76a12d590b3d1
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
b74e3a5cbb025fd5c94d8ec8218fafd0a5fec13a264aab8e98a4a2bbcdf143b3
b7cd53cdc07547dca816c9adea434b071d4b0698cd4bcf807c2cb1e63c646f71
b96d3e212909435e29f51cf57dff176d7b33082622adb969ee9fee6d23825d66
bb0cc36f540151ca95702377e442fe57f1333c497551d361b73d03ee0cc2ea4a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc74a8c9acd7b3d25a0e79efcf37b1cddbdeef3cde338e5a8e487b012daea8da
bcc8fe6e663527cb12acf8c959541d03a8598fdc10f815cc5d49f30398ef3bb8
bde72f76a4afcf1381ae8e7bef6a5a916228798a73944c6b0185a5ff67c9c56a
bf090ca527777b9180254b2378d59ee5b8072248eae8b2e085ec74d7a3b74400
bf13f47eaa9fcb43ebdee6f32e56efa6db08b3e3fc27c80bdc1703a461070242
bf24e6b91790fe431ac197de3245922f64ae9ff253297d6993b24082c1451b69
c079b05f2d85439c3dcd32b4983b8273ed5591525c19d45766e91ad44cf81676
c0fe02ce8c487dc8c704859d043bdbb9a2591381d86ac96854dbe64c4c619569
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c2e04b7d8e9504a713345b02df2bfd5cc241b78f53c1f0eb5ef549d83d84cbbf
c40ecc8b5b38b70d900cc52fdd17a28e1decb10c20fea5628115e63db2aa3a63
c646700cb82cfb8e4b1914efbc7d3d360beca16530bd984ee353ed8693a965a4
c66106e28104a8921e6bb9324d7b6ecf0db9495c86d3f89ffa09a84ded47aa05
c6aeac2edda18ddf18f3f335692c5e86a5510ad229fec7e2b8320932c2161f20
c7297992a1ed78e9c1a6022bbfe2b20b49f6540df4c483d1c1881836ecab3a9f
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
c8ad707b5566e617ea5386973198e0f83f91b196d26768b34a0e9f4dffaafb99
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
ca75a540508fdc3e4c0d7dd0a674d33598f0c08ebe9ed5fadb4131b131c6c0be
ca87ed3e3483f6943adebcc7bdebf198e6d5b2e0bdaa01ca1bec9338c3dd7c3a
cdee55a0f2c8717df6ca320512ab57001f4f9c30e6c6738b244c681bf8ec8e85
cebc7a80f5ac30f4c8c7e298fe437356fb12ea8a2d639fb0945e985969ca90ca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d8c5a199bad5eee1aa84028454cc53d4f5e5d869e7a2b6b0faab991a81745cdb
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db98c3c94cf1b7046dd5c41d263f75a283bde2f3eb797bbedb8afe8c26cb3799
de7d9b5228ada11d50850c72cd4c790b5891dec017aaa9c85085de852c404afc
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
e05e1947b97d645f4408f770bc810f726e4557b616bd7334a3d6e7515963af1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eb6b450e09da3c00ba344a44a690b004402dc62ddf0d3cf3bbdec5ab33310e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5be34f84221bc8adcc1429b74b11bb2d2e8034461a6092e0904826ce353f0f6
e730b7b19e0f9a88bc52e42a989d3a9a178391bfc640598342f46adf87e99a27
e760f8892fd5a20e96cedae24c3cff0a9d8078fa9c3b5fcfb956bc131b1a7e62
eaca0fb0be4c00a5add8575e92bddc641057ee578b8c75641cf8c36018543142
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed7ea80e39acd0f81e4efd2153c97474ab5aceb7b29e5d3e895b718ba40cc155
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f2ac6eb3979120e56bceea1fb3c439c1dd2197a49433bf7609d10162c3f3304f
f3ea06ff6c2aed3937ddc8c79d050857ecb303192ae930efc0054df26f9bdc70
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f45c8486e50b0bb2fbc647301b45bd39a54beeb23a28e0f0d53048daebbb3868
f495cb2f022e8ff68082dd36850fac9e9c4116cd75a4adb6d9be16763c111246
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5ac6348585afe084ad84bb4b456717fd946101219e1f3c16f266745dc80b0d4
f633cabe0542a793ac431805f2316d0bb6e4a42431689764508b30eaca42bfa6
fa1a63a6d7a3ada257a3a65170334864a6f9bfb2ee281cf66a888f3f775f9700
faf79cb9e29372a0c931d3c576f286c1ae40f22a5c24c089ab51e06685775660
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fc7d3839cd9755d4ee4c8239f0246a00fc9b7db5d0d5ec8720c12be8680d3f6e
fc91d3398d51237f839282c9442a86327679eb2ae3190e191ea84a5079d6db76
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
ff0422891d94af315ddead2900276fc49c69b0830875a8fc5fb9592ffdae63e3
ffaa2aed5c7db3e8173c1d27de726b447707cbb6b7852f131cce65f595a7c2ba