urlscan.io logo urlscan.io
SecurityTrails logo

gf.nd.gov Open in urlscan Pro
165.234.159.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gf.nd.gov//hunting//
Effective URL: https://gf.nd.gov/hunting
Submission: On July 31 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 1 countries across 33 domains to perform 65 HTTP transactions. The main IP is 165.234.159.62, located in Devils Lake, United States and belongs to NDIN-STATE, US. The main domain is gf.nd.gov.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 4th 2023. Valid for: a year.
This is the only time gf.nd.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 165.234.159.62 19530 (NDIN-STATE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 165.234.159.38 19530 (NDIN-STATE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 34.86.70.109 396982 (GOOGLE-CL...)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2 142.251.111.155 15169 (GOOGLE)
2 172.253.115.104 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
22 25 35.236.220.17 396982 (GOOGLE-CL...)
1 1 2600:9000:230... 16509 (AMAZON-02)
1 54.211.213.240 14618 (AMAZON-AES)
2 3 69.194.240.13 26120 (RHYTHMONE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 13.249.39.128 16509 (AMAZON-02)
1 1 2600:9000:219... 16509 (AMAZON-02)
1 2600:9000:207... 16509 (AMAZON-02)
1 207.65.37.184 62713 (AS-PUBMATIC)
1 63.251.28.231 13789 (INTERNAP-...)
2 3 2600:1901:0:8... 396982 (GOOGLE-CL...)
3 3 172.253.115.155 15169 (GOOGLE)
1 2 52.0.156.250 14618 (AMAZON-AES)
1 2 3.225.218.10 14618 (AMAZON-AES)
1 52.201.36.253 14618 (AMAZON-AES)
1 23.55.200.222 16625 (AKAMAI-AS)
1 2 35.169.151.38 14618 (AMAZON-AES)
1 2 44.199.145.123 14618 (AMAZON-AES)
2 2 35.244.154.8 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 142.250.31.155 15169 (GOOGLE)
1 2 68.67.179.166 29990 (ASN-APPNEX)
1 69.173.151.100 26667 (RUBICONPR...)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
65 29
28    165.234.159.62 (Devils Lake, United States)

ASN19530 (NDIN-STATE, US)
gf.nd.gov
3    2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    165.234.159.38 (Devils Lake, United States)

ASN19530 (NDIN-STATE, US)
www.nd.gov
3    2607:f8b0:4004:c0b::71 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    34.86.70.109 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.70.86.34.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    142.251.111.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net
googleads.g.doubleclick.net
2    172.253.115.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f104.1e100.net
www.google.com
2    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
25    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:2305:800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    54.211.213.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-213-240.compute-1.amazonaws.com
match.sharethrough.com
3    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4264:8c4d:9723:8c91:a92a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    13.249.39.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-128.iad89.r.cloudfront.net
aa.agkn.com
1    2600:9000:2199:c800:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    2600:9000:2073:2200:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    207.65.37.184 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    63.251.28.231 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
3    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
pbid.pro-market.net
3    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
cm.g.doubleclick.net
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
2    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    52.201.36.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-36-253.compute-1.amazonaws.com
sync.bfmio.com
1    23.55.200.222 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-200-222.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    35.169.151.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-151-38.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    44.199.145.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-145-123.compute-1.amazonaws.com
ce.lijit.com
2    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
www.googleadservices.com
2    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
Apex Domain
Subdomains		 Transfer
29 nd.gov
gf.nd.gov
www.nd.gov — Cisco Umbrella Rank: 806368
2 MB
27 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 8238
i.simpli.fi — Cisco Umbrella Rank: 6968
um.simpli.fi — Cisco Umbrella Rank: 1484
15 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
3 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 4127
pbid.pro-market.net — Cisco Umbrella Rank: 22323
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
285 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 864
504 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
906 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
835 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1396
897 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296
838 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612
497 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3519
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 910
d.agkn.com — Cisco Umbrella Rank: 1174
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 646
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 632
972 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 741
730 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
128 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 555
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
23 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1285
638 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1556
480 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2757
421 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 969
655 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1373
551 B
1 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1598
546 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10885
176 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1897
378 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 804
324 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1043
554 B
65 33
Domain Requested by
28 gf.nd.gov 1 redirects gf.nd.gov
25 um.simpli.fi 22 redirects
3 cm.g.doubleclick.net 3 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com gf.nd.gov
www.googletagmanager.com
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 px.ads.linkedin.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.1rx.io 2 redirects
2 www.facebook.com gf.nd.gov
2 www.google.com gf.nd.gov
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net gf.nd.gov
connect.facebook.net
1 pixel.rubiconproject.com
1 www.googleadservices.com 1 redirects
1 pippio.com 1 redirects
1 stags.bluekai.com
1 sync.bfmio.com
1 pbid.pro-market.net
1 ads.stickyadstv.com
1 image2.pubmatic.com
1 sync.intentiq.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 sync.targeting.unrulymedia.com
1 match.sharethrough.com
1 s.ad.smaato.net 1 redirects
1 i.simpli.fi tag.simpli.fi
1 tag.simpli.fi www.googletagmanager.com
1 www.nd.gov gf.nd.gov
65 39
Subject Issuer Validity Valid
gf.nd.gov
Sectigo RSA Organization Validation Secure Server CA		 2023-10-04 -
2024-10-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
www.nd.gov
Sectigo ECC Organization Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-09 -
2024-08-07		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gf.nd.gov/hunting
Frame ID: 992EE74F1399B0E5E3BDBD92F00DA999
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hunting | North Dakota Game and Fish

Page URL History Show full URLs

  1. http://gf.nd.gov//hunting// HTTP 307
    https://gf.nd.gov//hunting// HTTP 303
    https://gf.nd.gov/hunting Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • drupal\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

66 %
HTTPS

28 %
IPv6

33
Domains

39
Subdomains

29
IPs

1
Countries

2477 kB
Transfer

3360 kB
Size

60
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gf.nd.gov//hunting// HTTP 307
    https://gf.nd.gov//hunting// HTTP 303
    https://gf.nd.gov/hunting Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=535CD5923C4D406792370DCA5305818E HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=8bfc6abbff&gdpr=0&gdpr_consent=
Request Chain 42
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/535CD5923C4D406792370DCA5305818E HTTP 302
  • https://sync.1rx.io/usersync/simplifi/535CD5923C4D406792370DCA5305818E?zcc=1&cb=1722416088725 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a5dde442-df3f-4c98-a67d-fcbd18ff3da2-005
Request Chain 43
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=535CD5923C4D406792370DCA5305818E&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=535CD5923C4D406792370DCA5305818E&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 44
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=535CD5923C4D406792370DCA5305818E
Request Chain 45
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=535CD5923C4D406792370DCA5305818E HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=535CD5923C4D406792370DCA5305818E
Request Chain 46
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=535CD5923C4D406792370DCA5305818E HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1722416085769&ip=38.132.118.69&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213440604960007017277 HTTP 302
  • https://um.simpli.fi/aa_px?sk=213440604960007017277 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 47
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=535CD5923C4D406792370DCA5305818E
Request Chain 48
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:535CD5923C4D406792370DCA5305818E
Request Chain 49
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=535CD5923C4D406792370DCA5305818E
Request Chain 50
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=535CD5923C4D406792370DCA5305818E;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=535CD5923C4D406792370DCA5305818E;mimetype=img;sr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NzQ0MzQ2NDQyNjMyNjc5MTU0 HTTP 302
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENwziUh59dTFt_Hc3ZMNjco&google_cver=1
Request Chain 51
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=535CD5923C4D406792370DCA5305818E&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=535CD5923C4D406792370DCA5305818E&j=0&xl8blockcheck=1
Request Chain 52
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=535CD5923C4D406792370DCA5305818E HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=535CD5923C4D406792370DCA5305818E&verify=true
Request Chain 53
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=535CD5923C4D406792370DCA5305818E
Request Chain 54
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=535CD5923C4D406792370DCA5305818E
Request Chain 55
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=535CD5923C4D406792370DCA5305818E HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=535CD5923C4D406792370DCA5305818E
Request Chain 56
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=535CD5923C4D406792370DCA5305818E HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=535CD5923C4D406792370DCA5305818E&dnr=1
Request Chain 57
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=535CD5923C4D406792370DCA5305818E HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNTM1Q0Q1OTIzQzRENDA2NzkyMzcwRENBNTMwNTgxOEUQABoNCNX3p7UGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0f92cc3d09899ecf1f52b4ac1252645d6069c808d3cb933df3f7ebb90a36b30e791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0f92cc3d09899ecf1f52b4ac1252645d6069c808d3cb933df3f7ebb90a36b30e791426b5417dce21&rand=04277481 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0f92cc3d09899ecf1f52b4ac1252645d6069c808d3cb933df3f7ebb90a36b30e791426b5417dce21&rand=04277481&expected_cookie=66710737-cb6a-45a1-a78d-907e981be910
Request Chain 58
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1722416085233&cv=7&fst=1722416085233&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=596554539&cv=7&fst=1722416085233&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIocKz9_PQhwMV7RpoCB1OZSGwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2dmLm5kLmdvdi8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=596554539&cv=7&fst=1722416085233&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIocKz9_PQhwMV7RpoCB1OZSGwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2dmLm5kLmdvdi8&is_vtc=1&cid=CAQSKQDaQooLeNgqSA5tND8k0cbItC7BZnq1ShlaW26Osysp5BctAPhtW2wf&random=279047440
Request Chain 60
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=535CD5923C4D406792370DCA5305818E HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D535CD5923C4D406792370DCA5305818E
Request Chain 61
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=535CD5923C4D406792370DCA5305818E&expires=365
Request Chain 62
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=535CD5923C4D406792370DCA5305818E HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=535CD5923C4D406792370DCA5305818E
Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEHV29O94hZut4rILpjHipa0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=535CD5923C4D406792370DCA5305818E HTTP 302
  • https://um.simpli.fi/g_match?id=

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hunting
gf.nd.gov/
Redirect Chain
  • http://gf.nd.gov//hunting//
  • https://gf.nd.gov//hunting//
  • https://gf.nd.gov/hunting
42 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
de609b08622626ddc509e8f003dc8ef6e3732dad0b976f5737a273f1fac0d0e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=60, public
content-language
en
content-length
42990
content-type
text/html; charset=UTF-8
date
Tue, 30 Jul 2024 21:07:36 GMT
etag
"1722373655"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 30 Jul 2024 21:07:35 GMT
server
State of North Dakota
vary
Cookie
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=60, public
content-language
en
content-length
346
content-type
text/html; charset=utf-8
date
Tue, 30 Jul 2024 16:10:26 GMT
etag
"1722355826"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 30 Jul 2024 16:10:26 GMT
location
https://gf.nd.gov/hunting
server
State of North Dakota
vary
Cookie
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-route-normalizer
1
x-frame-options
SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)
x-xss-protection
1; mode=block
css_CuqkGokahpMR_L79vmu0a0lODEUpoXNyk88YYAkIzLw.css
gf.nd.gov/sites/default/files/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/sites/default/files/css/css_CuqkGokahpMR_L79vmu0a0lODEUpoXNyk88YYAkIzLw.css?delta=0&language=en&theme=ndgf&include=eJxNilEKgCAQBS9keaY1XyLstuCzwk5fRB_9DAMzHOywmIQIWy7rzwykFDAs3hA3byZary8W9SQ6sQ99jqPiZHw5m-ddcQPU0yHT
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
ebe1002b09d0810c66c735181b49562a2e2a6fd15e2c55a9fcd2e67e272abe89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2024 10:46:42 GMT
server
State of North Dakota
etag
"468-61e60939815e8"
vary
Accept-encoding
content-type
text/css
accept-ranges
bytes
content-length
1128
x-xss-protection
1; mode=block
css_M081Y4ZXn32Y3488hM-Vhnt_KElZBztnfXR-b79vBvo.css
gf.nd.gov/sites/default/files/css/ 		116 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/sites/default/files/css/css_M081Y4ZXn32Y3488hM-Vhnt_KElZBztnfXR-b79vBvo.css?delta=1&language=en&theme=ndgf&include=eJxNilEKgCAQBS9keaY1XyLstuCzwk5fRB_9DAMzHOywmIQIWy7rzwykFDAs3hA3byZary8W9SQ6sQ99jqPiZHw5m-ddcQPU0yHT
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
1648decd9102ce853ec53efbf85a160e7cf012cfcd7fcc6fa786a6cbe59d18a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2024 10:46:42 GMT
server
State of North Dakota
etag
"52ac-61e609398507f"
vary
Accept-encoding
content-type
text/css
accept-ranges
bytes
content-length
21164
x-xss-protection
1; mode=block
logo.png
gf.nd.gov/themes/custom/ndgf/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/themes/custom/ndgf/logo.png
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
7d1266de8af673dcac0b9ba20e6af9c3a962011853d75de4600c328b7b8f0723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Jul 2024 15:56:30 GMT
server
State of North Dakota
etag
"24360-61d879f4f6d07"
content-type
image/png
accept-ranges
bytes
content-length
148320
x-xss-protection
1; mode=block
menu-hunting.jpg
gf.nd.gov/gnf/base/menu/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/menu/menu-hunting.jpg
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
e89b4be1b17daf27f6c814c6458ec4391708a742e12acced06df5b18469d5919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Jun 2023 10:49:46 GMT
server
State of North Dakota
etag
"3462d-5ff061bde6680"
content-type
image/jpeg
accept-ranges
bytes
content-length
214573
x-xss-protection
1; mode=block
menu-fishing.jpg
gf.nd.gov/gnf/base/menu/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/menu/menu-fishing.jpg
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
89b77318f861a230b8dff7df82b0ea26501f95bb26c283ea7299542283fc04e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Jun 2023 10:49:46 GMT
server
State of North Dakota
etag
"1e686-5ff061bde6680"
content-type
image/jpeg
accept-ranges
bytes
content-length
124550
x-xss-protection
1; mode=block
menu-conservation.jpg
gf.nd.gov/gnf/base/menu/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/menu/menu-conservation.jpg
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
edd08583de145a81a93f435a635a3201b34630cdfbec43bed6b28e9f638daf6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Jun 2023 10:49:46 GMT
server
State of North Dakota
etag
"15376-5ff061bde6680"
content-type
image/jpeg
accept-ranges
bytes
content-length
86902
x-xss-protection
1; mode=block
menu-education.jpg
gf.nd.gov/gnf/base/menu/ 		228 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/menu/menu-education.jpg
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
d16e675e2659ddc9bc00ed093db5e4d59e5b8a7625e222c5740c5979e8501d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Jun 2023 10:49:46 GMT
server
State of North Dakota
etag
"38f85-5ff061bde6680"
content-type
image/jpeg
accept-ranges
bytes
content-length
233349
x-xss-protection
1; mode=block
menu-mobile-app.jpg
gf.nd.gov/gnf/base/menu/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/menu/menu-mobile-app.jpg
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
d000b0138ab662c93e95bf083f39f82952dbdfebdb8912296895e2b7ef25e636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Jun 2023 10:49:46 GMT
server
State of North Dakota
etag
"12698-5ff061bde6680"
content-type
image/jpeg
accept-ranges
bytes
content-length
75416
x-xss-protection
1; mode=block
menu-contact.jpg
gf.nd.gov/gnf/base/menu/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/menu/menu-contact.jpg
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
3d900fbea88e71e68a005d33702c34f6bca28f955dc0d8a58c495587da834ca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Jun 2023 10:49:46 GMT
server
State of North Dakota
etag
"135db-5ff061bde6680"
content-type
image/jpeg
accept-ranges
bytes
content-length
79323
x-xss-protection
1; mode=block
gnf-logo.png
gf.nd.gov/gnf/base/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/gnf-logo.png
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
e60308ce5d2c4d35688f9053f27a6dc77b57416a48d99aba624c158b827c6e89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 08:56:18 GMT
server
State of North Dakota
etag
"19751-5b189968cd080"
content-type
image/png
accept-ranges
bytes
content-length
104273
x-xss-protection
1; mode=block
subscribe-button.png
gf.nd.gov/gnf/base/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/subscribe-button.png
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
e50612a75abebced5d551b1118ff014c35dbc3eb1ccba320ba5dedeb36e9aacb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 08:56:19 GMT
server
State of North Dakota
etag
"4524-5b189969c12c0"
content-type
image/png
accept-ranges
bytes
content-length
17700
x-xss-protection
1; mode=block
ndgf-app-logo.png
gf.nd.gov/gnf/base/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/ndgf-app-logo.png
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
ec8bdc3ef213a0c13c49043ea7fa0110f5582b96137737e55812b42e854188c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Dec 2023 20:06:35 GMT
server
State of North Dakota
etag
"91a-60d9773db6035"
content-type
image/png
accept-ranges
bytes
content-length
2330
x-xss-protection
1; mode=block
fb-logo.png
gf.nd.gov/gnf/base/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/fb-logo.png
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
a8ed13cd7f2f82e4e8d9e9d41d71baaef1b12adfdc593558ea76f6c94fbd3e0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 08:56:18 GMT
server
State of North Dakota
etag
"7f6-5b189968cd080"
content-type
image/png
accept-ranges
bytes
content-length
2038
x-xss-protection
1; mode=block
instagram-logo.png
gf.nd.gov/gnf/base/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/instagram-logo.png
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
d6cac9b1acb112eecfba71f09ae763abaa72419fb46d0496bdc79d0d2f64f1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 08:56:19 GMT
server
State of North Dakota
etag
"11fb-5b189969c12c0"
content-type
image/png
accept-ranges
bytes
content-length
4603
x-xss-protection
1; mode=block
youtube-icon.png
gf.nd.gov/gnf/base/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/youtube-icon.png
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
2eb1e06699f798f60eabe6c424f50853c94e177fabac510380929161c248e0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 08:56:19 GMT
server
State of North Dakota
etag
"c3b-5b189969c12c0"
content-type
image/png
accept-ranges
bytes
content-length
3131
x-xss-protection
1; mode=block
podcast-icon.png
gf.nd.gov/gnf/base/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/podcast-icon.png
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
85a5fb72be03e0d02061563dc1009b9ecfbe9d1ac7caf326fb5e067b7cfd4dee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Sep 2022 10:50:58 GMT
server
State of North Dakota
etag
"126a-5e8283456e880"
content-type
image/png
accept-ranges
bytes
content-length
4714
x-xss-protection
1; mode=block
footer-logo.png
gf.nd.gov/themes/custom/ndgf/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/themes/custom/ndgf/footer-logo.png
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
e60308ce5d2c4d35688f9053f27a6dc77b57416a48d99aba624c158b827c6e89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Sep 2023 13:32:28 GMT
server
State of North Dakota
etag
"19751-605a22c6e61ab"
content-type
image/png
accept-ranges
bytes
content-length
104273
x-xss-protection
1; mode=block
jquery.min.js
gf.nd.gov/core/assets/vendor/jquery/ 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/core/assets/vendor/jquery/jquery.min.js?v=3.7.1
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jul 2024 11:33:45 GMT
server
State of North Dakota
etag
"155ed-61c6a51d09840"
content-type
application/javascript
accept-ranges
bytes
content-length
87533
x-xss-protection
1; mode=block
drupalSettingsLoader.js
gf.nd.gov/core/misc/ 		691 B
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/core/misc/drupalSettingsLoader.js?v=10.3.1
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
f47d56f4e42a0fd576ee274454e24c085010b464b849cabe80041c88aaf45363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jul 2024 11:33:45 GMT
server
State of North Dakota
etag
"2b3-61c6a51d09840"
content-type
application/javascript
accept-ranges
bytes
content-length
691
x-xss-protection
1; mode=block
drupal.js
gf.nd.gov/core/misc/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/core/misc/drupal.js?v=10.3.1
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
2ccb66eceb05e6d15ca71a6605ec4e75dbb7d25f97cfe15409204fa2f7e212df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jul 2024 11:33:45 GMT
server
State of North Dakota
etag
"5241-61c6a51d09840"
content-type
application/javascript
accept-ranges
bytes
content-length
21057
x-xss-protection
1; mode=block
drupal.init.js
gf.nd.gov/core/misc/ 		960 B
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/core/misc/drupal.init.js?v=10.3.1
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
923935d813106205b31d3953b21e34a007f32758ec0c3d2ba6dd3dda1f8cf6e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jul 2024 11:33:45 GMT
server
State of North Dakota
etag
"3c0-61c6a51d09840"
content-type
application/javascript
accept-ranges
bytes
content-length
960
x-xss-protection
1; mode=block
modernizr.min.js
gf.nd.gov/core/assets/vendor/modernizr/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/core/assets/vendor/modernizr/modernizr.min.js?v=8.x-1.0
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jul 2024 11:33:45 GMT
server
State of North Dakota
etag
"1c42-61c6a51d09840"
content-type
application/javascript
accept-ranges
bytes
content-length
7234
x-xss-protection
1; mode=block
ndgf-v3.js
gf.nd.gov/themes/custom/ndgf/scripts/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/themes/custom/ndgf/scripts/ndgf-v3.js?v=8.x-1.0
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
cb1ac5b5424ece57f08a63b8db52cf90fc40daa770bf0f9ef658b958d830faad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Jul 2024 15:53:00 GMT
server
State of North Dakota
etag
"2ae4-61d8792c26fe9"
content-type
application/javascript
accept-ranges
bytes
content-length
10980
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		275 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQ86ZGS
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d9a65913227fff89598654fbdb82cc3a4b6cca716a3f74e1babdf29803cf3e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97575
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jul 2024 08:54:44 GMT
search-icon.svg
gf.nd.gov/gnf/base/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/base/search-icon.svg
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/sites/default/files/css/css_M081Y4ZXn32Y3488hM-Vhnt_KElZBztnfXR-b79vBvo.css?delta=1&language=en&theme=ndgf&include=eJxNilEKgCAQBS9keaY1XyLstuCzwk5fRB_9DAMzHOywmIQIWy7rzwykFDAs3hA3byZary8W9SQ6sQ99jqPiZHw5m-ddcQPU0yHT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
276f5e623fb2ebc940ecadb435136eab0b80f082c838676dc183ca4db80201a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/sites/default/files/css/css_M081Y4ZXn32Y3488hM-Vhnt_KElZBztnfXR-b79vBvo.css?delta=1&language=en&theme=ndgf&include=eJxNilEKgCAQBS9keaY1XyLstuCzwk5fRB_9DAMzHOywmIQIWy7rzwykFDAs3hA3byZary8W9SQ6sQ99jqPiZHw5m-ddcQPU0yHT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 08:56:19 GMT
server
State of North Dakota
etag
"51f-5b189969c12c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1311
x-xss-protection
1; mode=block
hunting-toc-header.jpg
gf.nd.gov/gnf/hunting/images/ 		701 KB
701 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf.nd.gov/gnf/hunting/images/hunting-toc-header.jpg
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/sites/default/files/css/css_M081Y4ZXn32Y3488hM-Vhnt_KElZBztnfXR-b79vBvo.css?delta=1&language=en&theme=ndgf&include=eJxNilEKgCAQBS9keaY1XyLstuCzwk5fRB_9DAMzHOywmIQIWy7rzwykFDAs3hA3byZary8W9SQ6sQ99jqPiZHw5m-ddcQPU0yHT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
fede027d4cad3220417697ffa7da185857aac84ae289bc8d7c2768cb3d7b194a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/sites/default/files/css/css_M081Y4ZXn32Y3488hM-Vhnt_KElZBztnfXR-b79vBvo.css?delta=1&language=en&theme=ndgf&include=eJxNilEKgCAQBS9keaY1XyLstuCzwk5fRB_9DAMzHOywmIQIWy7rzwykFDAs3hA3byZary8W9SQ6sQ99jqPiZHw5m-ddcQPU0yHT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 16:18:10 GMT
server
State of North Dakota
etag
"af33e-61a12cbbf5ce8"
content-type
image/jpeg
accept-ranges
bytes
content-length
717630
x-xss-protection
1; mode=block
ndgov-banner.jpg
www.nd.gov/banner/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nd.gov/banner/images/ndgov-banner.jpg
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.38 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
e72a2a85de4e59f6420027b6a033da632bd0cf53cf47e5bb5e55adf531d5e0a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 08:54:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Feb 2015 16:07:12 GMT
server
State of North Dakota
etag
"7c1fe0f4944bd01:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
5502
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		320 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E2DZPG5QJR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ86ZGS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8bef2508b323ae685d5b219d906275c54e65db2a2d5aa4ffd472cc24bc22b1a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107380
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 08:54:44 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ86ZGS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 Jul 2024 07:50:35 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3849
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 31 Jul 2024 09:50:35 GMT
destination
www.googletagmanager.com/gtag/ 		239 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10836231964&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ86ZGS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29587d6b2a3b83b4f123d65feeaf98421b81599cc24c7e30d4f263f5f7f35ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86434
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jul 2024 08:54:44 GMT
07768ff0-11aa-013b-a293-0cc47abd0334
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/07768ff0-11aa-013b-a293-0cc47abd0334
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ86ZGS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
612fff39d4fa58ac4a731d0f34ca3b24fb8b666a39ab027c7657a6e0fc48b4a8

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:44 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F-dATZ6z8Y56tyLYTzbB
expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 08:54:44 GMT
document-policy
force-load-at-top
x-fb-server-load
38
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=12, mss=1297, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
vOWbFjFmKMkGdYgznlz2pAYdzttksjTAWzDvfdqSyZZUdCyk/EYLO40En1C8BBy/KGUIX7H9RCE64d8PJ1SF+w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10836231964/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10836231964/?random=1722416084578&cv=11&fst=1722416084578&bg=ffffff&guid=ON&async=1&gtm=45be47t0v885333506z8835271990za201zb835271990&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fgf.nd.gov%2Fhunting&hn=www.googleadservices.com&frm=0&tiba=Hunting%20%7C%20North%20Dakota%20Game%20and%20Fish&npa=0&pscdl=noapi&auid=916562148.1722416084&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10836231964&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
b10c98fd15e4700574393be8db3b51d9e5420574f0ae185cb37f4e149792cbd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-E2DZPG5QJR&gtm=45je47t0v883762264z8835271990za200zb835271990&_p=1722416083993&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=1931447060.1722416085&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1722416084&sct=1&seg=0&dl=https%3A%2F%2Fgf.nd.gov%2Fhunting&dt=Hunting%20%7C%20North%20Dakota%20Game%20and%20Fish&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=1954
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E2DZPG5QJR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gf.nd.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1750892647&t=pageview&_s=1&dl=https%3A%2F%2Fgf.nd.gov%2Fhunting&ul=en-us&de=UTF-8&dt=Hunting%20%7C%20North%20Dakota%20Game%20and%20Fish&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=379173549&gjid=63415802&cid=1931447060.1722416085&tid=UA-39059471-1&_gid=642700964.1722416085&_r=1&_slc=1&gtm=45He47t0n81PQ86ZGSv835271990za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=1297783840
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gf.nd.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
587107945012477
connect.facebook.net/signals/config/ 		71 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/587107945012477?v=2.9.162&r=stable&domain=gf.nd.gov&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
feb0aa1b6b4b436fdb0be7f15bff2fd0b9422d227b5f8700894ebd006218c70d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 08:54:44 GMT
document-policy
force-load-at-top
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=65, mss=1297, tbw=64221, tp=-1, tpl=-1, uplat=53, ullat=0
pragma
public
x-fb-debug
ZQJQhf9l5hSUYcUEmy1J1qT65lYfqlf1Qpv7hGl6L0iwHCKCaiAdG7XW58Sl4VKeEaP+brymR+SKirtUQKb0tQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10836231964/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10836231964/?random=1722416084578&cv=11&fst=1722412800000&bg=ffffff&guid=ON&async=1&gtm=45be47t0v885333506z8835271990za201zb835271990&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fgf.nd.gov%2Fhunting&hn=www.googleadservices.com&frm=0&tiba=Hunting%20%7C%20North%20Dakota%20Game%20and%20Fish&npa=0&pscdl=noapi&auid=916562148.1722416084&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLRRzuasFqp01JZusImwhyOmd96H4_mA&random=3815357742&rmt_tld=0&ipr=y
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=587107945012477&ev=PageView&dl=https%3A%2F%2Fgf.nd.gov%2Fhunting&rl=&if=false&ts=1722416084925&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722416084922.819885693321181370&cs_est=true&ler=empty&cdl=API_unavailable&it=1722416084781&coo=false&rqm=GET
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=10, mss=1297, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 Jul 2024 08:54:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=587107945012477&ev=PageView&dl=https%3A%2F%2Fgf.nd.gov%2Fhunting&rl=&if=false&ts=1722416084925&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722416084922.819885693321181370&cs_est=true&ler=empty&cdl=API_unavailable&it=1722416084781&coo=false&rqm=FGET
Requested by
Host: gf.nd.gov
URL: https://gf.nd.gov/hunting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 31 Jul 2024 08:54:45 GMT
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397720757050157730", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=10, mss=1297, tbw=3095, tp=-1, tpl=-1, uplat=52, ullat=0
pragma
no-cache
x-fb-debug
kzx3p9EI9bBaYB+PXlfDsKVU4XjlbSe+GjxkMXuq8NLgwtTh5W4SjsHsOXf6K2Uds3Fn+fYgKd0dGQAdZKmYjg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397720757050157730"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
p
i.simpli.fi/ 		796 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=388039&cb=sifi_att_591._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/07768ff0-11aa-013b-a293-0cc47abd0334
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
db142dcb106b872ce405bda5fa75693bcc796a9da1196ee088a3121642be2a43

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ndgf-favicon.png
gf.nd.gov/themes/custom/ndgf/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gf.nd.gov/themes/custom/ndgf/ndgf-favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.234.159.62 Devils Lake, United States, ASN19530 (NDIN-STATE, US),
Reverse DNS
Software
State of North Dakota /
Resource Hash
5e7e7b3309124587d10371905294f3ef7014b3d51b7d95e28d9075ef68d52c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gf.nd.gov/hunting
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Sep 2023 13:32:28 GMT
server
State of North Dakota
etag
"54f-605a22c721ad0"
content-type
image/png
accept-ranges
bytes
content-length
1359
x-xss-protection
1; mode=block
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=535CD5923C4D406792370DCA5305818E
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=8bfc6abbff&gdpr=0&gdpr_consent=
68 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=8bfc6abbff&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.211.213.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-213-240.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
via
1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=8bfc6abbff&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Go-1AGgAxASQw9wJxCCvkx4vZJH0JV8m_hVBOOQDQFWjJQFM3BjTWQ==
RX-a5dde442-df3f-4c98-a67d-fcbd18ff3da2-005
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/535CD5923C4D406792370DCA5305818E
  • https://sync.1rx.io/usersync/simplifi/535CD5923C4D406792370DCA5305818E?zcc=1&cb=1722416088725
  • https://sync.targeting.unrulymedia.com/csync/RX-a5dde442-df3f-4c98-a67d-fcbd18ff3da2-005
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a5dde442-df3f-4c98-a67d-fcbd18ff3da2-005
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:49 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

content-type
text/html
pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-a5dde442-df3f-4c98-a67d-fcbd18ff3da2-005
expires
0
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=535CD5923C4D406792370DCA5305818E&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=535CD5923C4D406792370DCA5305818E&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=535CD5923C4D406792370DCA5305818E&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Wed, 31 Jul 2024 08:54:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
/xuid?ld=1&mid=7969&xuid=535CD5923C4D406792370DCA5305818E&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date
Wed, 31 Jul 2024 08:54:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=535CD5923C4D406792370DCA5305818E
43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=535CD5923C4D406792370DCA5305818E
Protocol
H2
Server
2600:1f18:612b:4264:8c4d:9723:8c91:a92a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 31 Jul 2024 08:54:45 GMT
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=535CD5923C4D406792370DCA5305818E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jul 2024 08:54:45 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=535CD5923C4D406792370DCA5305818E
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=535CD5923C4D406792370DCA5305818E
95 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=535CD5923C4D406792370DCA5305818E
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=535CD5923C4D406792370DCA5305818E
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=535CD5923C4D406792370DCA5305818E
  • https://d.agkn.com/pixel/10751/?che=1722416085769&ip=38.132.118.69&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213440604960007017277
  • https://um.simpli.fi/aa_px?sk=213440604960007017277
  • https://um.simpli.fi/empty.gif
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.220.236.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Wed, 31 Jul 2024 08:54:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=535CD5923C4D406792370DCA5305818E
43 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=535CD5923C4D406792370DCA5305818E
Protocol
H2
Server
2600:9000:2073:2200:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
via
1.1 ec8b1bfbf511818c606f196b49f871e2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
kLwKcxPvgOZmdP8G3FBGqmbYHdtCmGwu1wNvZX_WtDUEheTxyHlpng==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=535CD5923C4D406792370DCA5305818E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jul 2024 08:54:45 GMT
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:535CD5923C4D406792370DCA5305818E
42 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:535CD5923C4D406792370DCA5305818E
Protocol
H2
Server
207.65.37.184 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 31 Jul 2024 08:54:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
content-type
image/gif; charset=utf-8

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:535CD5923C4D406792370DCA5305818E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jul 2024 08:54:45 GMT
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=535CD5923C4D406792370DCA5305818E
43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=535CD5923C4D406792370DCA5305818E
Protocol
HTTP/1.1
Server
63.251.28.231 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jul 2024 08:54:45 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1722416085973000-305

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=535CD5923C4D406792370DCA5305818E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jul 2024 08:54:45 GMT
engine
pbid.pro-market.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=535CD5923C4D406792370DCA5305818E;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=535CD5923C4D406792370DCA5305818E;mimetype=img;sr
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NzQ0MzQ2NDQyNjMyNjc5MTU0
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENwziUh59dTFt_Hc3ZMNjco&google_cver=1
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENwziUh59dTFt_Hc3ZMNjco&google_cver=1
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENwziUh59dTFt_Hc3ZMNjco&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=535CD5923C4D406792370DCA5305818E&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=535CD5923C4D406792370DCA5305818E&j=0&xl8blockcheck=1
0
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=535CD5923C4D406792370DCA5305818E&j=0&xl8blockcheck=1
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=535CD5923C4D406792370DCA5305818E&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=535CD5923C4D406792370DCA5305818E
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=535CD5923C4D406792370DCA5305818E&verify=true
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=535CD5923C4D406792370DCA5305818E&verify=true
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.134
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=535CD5923C4D406792370DCA5305818E&verify=true
date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.134
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=535CD5923C4D406792370DCA5305818E
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=535CD5923C4D406792370DCA5305818E
Protocol
HTTP/1.1
Server
52.201.36.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-36-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 31 Jul 2024 08:54:45 GMT

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=535CD5923C4D406792370DCA5305818E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jul 2024 08:54:45 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=535CD5923C4D406792370DCA5305818E
62 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=535CD5923C4D406792370DCA5305818E
Protocol
H2
Server
23.55.200.222 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-200-222.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 31 Jul 2024 08:54:45 GMT
content-length
62
x-request-id
681f4e3f16ce87fc6ccc90ea8cb1ec86
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=535CD5923C4D406792370DCA5305818E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jul 2024 08:54:45 GMT
tpid=535CD5923C4D406792370DCA5305818E
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=535CD5923C4D406792370DCA5305818E
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=535CD5923C4D406792370DCA5305818E
49 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=535CD5923C4D406792370DCA5305818E
Protocol
H2
Server
35.169.151.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-151-38.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.59.136
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=535CD5923C4D406792370DCA5305818E
cache-control
no-cache
x-server
10.40.56.49
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=535CD5923C4D406792370DCA5305818E
  • https://ce.lijit.com/merge?pid=2&3pid=535CD5923C4D406792370DCA5305818E&dnr=1
43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=535CD5923C4D406792370DCA5305818E&dnr=1
Protocol
H2
Server
44.199.145.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-145-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ce.lijit.com/merge?pid=2&3pid=535CD5923C4D406792370DCA5305818E&dnr=1
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=535CD5923C4D406792370DCA5305818E
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNTM1Q0Q1OTIzQzRENDA2NzkyMzcwRENBNTMwNTgxOEUQABoNCNX3p7UGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0f92cc3d09899ecf1f52b4ac1252645d6069c808d3cb933df3f7ebb90a36b30e791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0f92cc3d09899ecf1f52b4ac1252645d6069c808d3cb933df3f7ebb90a36b30e791426b5417dce21&rand=04277481
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0f92cc3d09899ecf1f52b4ac1252645d6069c808d3cb933df3f7ebb90a36b30e791426b5417dce21&rand=04277481&expected_cookie=66710737-cb6a-45a1-a78d-907e981be910
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0f92cc3d09899ecf1f52b4ac1252645d6069c808d3cb933df3f7ebb90a36b30e791426b5417dce21&rand=04277481&expected_cookie=66710737-cb6a-45a1-a78d-907e981be910
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:45 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8FDB2FB3310944139DED6D6F1C406163 Ref B: MIA301000103051 Ref C: 2024-07-31T08:54:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYehz8AdPH2F3Y0biTHTQ==

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7BBFC1FCBF25406EA1DC3215B8575CDF Ref B: MIA301000103051 Ref C: 2024-07-31T08:54:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=0f92cc3d09899ecf1f52b4ac1252645d6069c808d3cb933df3f7ebb90a36b30e791426b5417dce21&rand=04277481&expected_cookie=66710737-cb6a-45a1-a78d-907e981be910
x-li-proto
http/2
content-length
0
x-li-uuid
AAYehz7+QyyAOlYmmKuJaw==
/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1722416085233&cv=7&fst=1722416085233&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=596554539&cv=7&fst=1722416085233&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHB...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=596554539&cv=7&fst=1722416085233&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscr...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=596554539&cv=7&fst=1722416085233&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIocKz9_PQhwMV7RpoCB1OZSGwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2dmLm5kLmdvdi8&is_vtc=1&cid=CAQSKQDaQooLeNgqSA5tND8k0cbItC7BZnq1ShlaW26Osysp5BctAPhtW2wf&random=279047440
Protocol
H3
Server
172.253.115.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=596554539&cv=7&fst=1722416085233&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIocKz9_PQhwMV7RpoCB1OZSGwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2dmLm5kLmdvdi8&is_vtc=1&cid=CAQSKQDaQooLeNgqSA5tND8k0cbItC7BZnq1ShlaW26Osysp5BctAPhtW2wf&random=279047440
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.220.236.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=535CD5923C4D406792370DCA5305818E
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D535CD5923C4D406792370DCA5305818E
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D535CD5923C4D406792370DCA5305818E
Protocol
H2
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
an-x-request-uuid
f4839793-11f6-4103-8806-fd120d66051e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.69; 38.132.118.69; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
an-x-request-uuid
1567a2c6-b48e-429f-bdb7-9459e72bc93b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D535CD5923C4D406792370DCA5305818E
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=535CD5923C4D406792370DCA5305818E&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=535CD5923C4D406792370DCA5305818E&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
Expires
0

Redirect headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=535CD5923C4D406792370DCA5305818E&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jul 2024 08:54:45 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=535CD5923C4D406792370DCA5305818E
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=535CD5923C4D406792370DCA5305818E
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=535CD5923C4D406792370DCA5305818E
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=535CD5923C4D406792370DCA5305818E
date
Wed, 31 Jul 2024 08:54:45 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEHV29O94hZut4rILpjHipa0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=535CD5923C4D406792370DCA5305818E
  • https://um.simpli.fi/g_match?id=
0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.220.236.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gf.nd.gov/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:54:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 30 Jul 2024 08:54:45 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jul 2024 08:54:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| jQuery object| drupalSettings object| Drupal object| Modernizr function| dateType object| onappearance function| openGNFHelpSection object| google_tag_manager object| google_tag_data string| $target object| $link string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| sifi_att_591

60 Cookies

Domain/Path Name / Value
.nd.gov/ Name: _gcl_au
Value: 1.1.916562148.1722416084
.simpli.fi/ Name: suid
Value: 535CD5923C4D406792370DCA5305818E
.nd.gov/ Name: _ga_E2DZPG5QJR
Value: GS1.1.1722416084.1.0.1722416084.0.0.0
.nd.gov/ Name: _ga
Value: GA1.2.1931447060.1722416085
.nd.gov/ Name: _gid
Value: GA1.2.642700964.1722416085
.nd.gov/ Name: _gat_UA-39059471-1
Value: 1
.nd.gov/ Name: _fbp
Value: fb.1.1722416084922.819885693321181370
.simpli.fi/ Name: uid_syncd_secure
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUlH9iRWM1-j5IErPs2kSWi_ETd7ePo3mp8YCaktzXXaVU0Ml7-F6e3Ut8tL
.tapad.com/ Name: TapAd_TS
Value: 1722416085622
.tapad.com/ Name: TapAd_DID
Value: 6675881e-95d7-4605-a818-3a544ca74880
.3lift.com/ Name: tluidp
Value: 1343483792744161131047
.3lift.com/ Name: tluid
Value: 1343483792744161131047
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a5dde442-df3f-4c98-a67d-fcbd18ff3da2-005%22%7D
.smaato.net/ Name: SCM
Value: 8bfc6abbff
.smaato.net/ Name: SCMs
Value: 8bfc6abbff
.smaato.net/ Name: SCM1001136
Value: 8bfc6abbff
.agkn.com/ Name: ab
Value: 0001%3AdD0pNCv6UmrLkm2y75nb97H0KKJzFBhx
.openx.net/ Name: i
Value: 6ae63384-5cf5-46c1-a41e-726b261b17d7|1722416085
.rlcdn.com/ Name: rlas3
Value: EFDk0Io1IyvlHIuURp7ewuYvl2DZV1zPIb4gtLQunKI=
.intentiq.com/ Name: IQver
Value: 1.9
.adnxs.com/ Name: XANDR_PANID
Value: LKmYf2O8cdVKANJRWAX5C8hcE2N-3O7FUhu2Xb5qT-S5tnwPaAso3fMuBlgIY9xvBKTwn5vWG_Jqi5iE_SSLtbHlSK8PxMFqq78f5yxCyxw.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 6436260642160243313
.yahoo.com/ Name: A3
Value: d=AQABBNX7qWYCEAMhG2E56HZMTdbIEGmqRPgFEgEBAQFNq2azZtxH0iMA_eMAAA&S=AQAAAnrPJH1U8J-6BWI_bPagfzo
.rlcdn.com/ Name: pxrc
Value: CNX3p7UGEgUI6AcQABIFCOhHEAA=
.lijit.com/ Name: ljt_reader
Value: JFQ2AQZHEFogr5mfSCiLjcLw
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: b017c8a052b5d066379f541964adc953
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:535CD5923C4D406792370DCA5305818E&KRTB&23486-uid:535CD5923C4D406792370DCA5305818E&KRTB&23489-uid:535CD5923C4D406792370DCA5305818E&KRTB&23539-uid:535CD5923C4D406792370DCA5305818E
.pubmatic.com/ Name: PugT
Value: 1722416085
.bfmio.com/ Name: __141_cid
Value: 535CD5923C4D406792370DCA5305818E
.bfmio.com/ Name: __io_cid
Value: f75c71534160aa35ddb11c0b9b24ec796fe78b51
.rubiconproject.com/ Name: audit_p
Value: 1|fslz6uMsiEhufuND6HT40lZJPuBWYGHJ2HqHFPBSYoM8fCYmOTvXg9kRe0NPKwxOSS72IWFX8iVw0S94mtzOHxX1ClJMS060s8vYM4pkAilQYeHVRSNf5K03VUg1dB3ZG133ne9nEA2sm8kZ2nmJ9WKwsq3afJjYwP3NzD435qNZYr2f2sSAEVDfv570ZGhx
.rubiconproject.com/ Name: khaos
Value: LZ9M2DO3-Q-LRJ9
.rubiconproject.com/ Name: khaos_p
Value: LZ9M2DO3-Q-LRJ9
.rubiconproject.com/ Name: audit
Value: 1|fslz6uMsiEhufuND6HT40lZJPuBWYGHJ2HqHFPBSYoM8fCYmOTvXg9kRe0NPKwxOSS72IWFX8iVw0S94mtzOHxX1ClJMS060s8vYM4pkAilQYeHVRSNf5K03VUg1dB3ZG133ne9nEA2sm8kZ2nmJ9WKwsq3afJjYwP3NzD435qNZYr2f2sSAEVDfv570ZGhx
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pro-market.net/ Name: anHistory
Value: "5nl4sj3jv94i+2+!#7%.$F#Jl^"
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GVQwZ=Q[!]tbPl1N!7On*M$=BX04jGmloieG*te8X`4gX.a_5kRg`4h:3J`7sy/)yJ-lv/XF`P(hw9P-HC_#twmz)o>W?
.analytics.yahoo.com/ Name: IDSYNC
Value: 176k~2juw
.ads.stickyadstv.com/ Name: UID
Value: 46b772cf6be9eb308a2a7a3241e05362
.ads.stickyadstv.com/ Name: uid-bp-26865
Value: 535CD5923C4D406792370DCA5305818E
.lijit.com/ Name: _ljtrtb_2
Value: 535CD5923C4D406792370DCA5305818E
.exelator.com/ Name: EE
Value: "711c42b19e24f2f26fe846976300e50d"
.bluekai.com/ Name: bku
Value: blx99BUf3VjILTza
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEDpBDBWBEA01616HexyBMz81M1l1WHexEDp1eDT1ECa9y9A29+G
.sharethrough.com/ Name: stx_user_id
Value: c08e2db9-bc4a-40bf-9ce9-d76e6272c6d7
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a5dde442-df3f-4c98-a67d-fcbd18ff3da2-005%22%7D
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHc0DDZxCjJ0DLVyCTNKM3ILC3VwsTM0tzM2MAg1dQgZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIfEl%252BUWb6otDgxUUpaQyLSopPBZ9oYQAAc0gpdQ%253D%253D"
.pippio.com/ Name: did
Value: BxAXWNXzW7Uz4Z6P
.pippio.com/ Name: didts
Value: 1722416086
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CNb3p7UGEgYIgr0rEAA=
.agkn.com/ Name: u
Value: C|0AAAAAAAALjy4VgAAAAAA
.pro-market.net/ Name: anProfile
Value: "5nl4sj3jv94i+1+1f=1+1g=1+1j=57:1+rs=s+rt=200105501D0500010000000000000007+s2=(shhcr9)+vm=24-535CD5923C4D406792370DCA5305818E:53-CAESENwziUh59dTFt_Hc3ZMNjco"
.linkedin.com/ Name: li_sugr
Value: 66710737-cb6a-45a1-a78d-907e981be910
.linkedin.com/ Name: bcookie
Value: "v=2&72fea8ce-1a7c-4ca5-8d05-bc6ef1b8176c"
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3302:u=1:x=1:i=1722416086:t=1722502486:v=2:sig=AQFh92GgVBOPDFWrJ1EvwtKVKGvgzm_r"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.stickyadstv.com
bcp.crwdcntrl.net
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
gf.nd.gov
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
loadm.exelator.com
match.sharethrough.com
pbid.pro-market.net
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.nd.gov
107.178.254.65
13.249.39.128
142.250.31.155
142.251.111.155
165.234.159.38
165.234.159.62
172.253.115.104
172.253.115.155
207.65.37.184
23.55.200.222
2600:1901:0:8eee::
2600:1f18:612b:4264:8c4d:9723:8c91:a92a
2600:9000:2073:2200:1b:6b7d:2300:93a1
2600:9000:2199:c800:19:fc2c:a140:93a1
2600:9000:2305:800:1b:5138:8a40:93a1
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c0b::71
2620:1ec:21::14
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.225.218.10
34.111.113.62
34.86.70.109
35.169.151.38
35.236.220.17
35.244.154.8
35.244.159.8
35.71.139.29
44.199.145.123
52.0.156.250
52.201.36.253
54.211.213.240
63.251.28.231
68.67.179.166
69.173.151.100
69.194.240.13
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
1648decd9102ce853ec53efbf85a160e7cf012cfcd7fcc6fa786a6cbe59d18a4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
276f5e623fb2ebc940ecadb435136eab0b80f082c838676dc183ca4db80201a0
29587d6b2a3b83b4f123d65feeaf98421b81599cc24c7e30d4f263f5f7f35ff1
2ccb66eceb05e6d15ca71a6605ec4e75dbb7d25f97cfe15409204fa2f7e212df
2eb1e06699f798f60eabe6c424f50853c94e177fabac510380929161c248e0b1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3d900fbea88e71e68a005d33702c34f6bca28f955dc0d8a58c495587da834ca7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5e7e7b3309124587d10371905294f3ef7014b3d51b7d95e28d9075ef68d52c68
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
612fff39d4fa58ac4a731d0f34ca3b24fb8b666a39ab027c7657a6e0fc48b4a8
7d1266de8af673dcac0b9ba20e6af9c3a962011853d75de4600c328b7b8f0723
85a5fb72be03e0d02061563dc1009b9ecfbe9d1ac7caf326fb5e067b7cfd4dee
89b77318f861a230b8dff7df82b0ea26501f95bb26c283ea7299542283fc04e4
8bef2508b323ae685d5b219d906275c54e65db2a2d5aa4ffd472cc24bc22b1a4
923935d813106205b31d3953b21e34a007f32758ec0c3d2ba6dd3dda1f8cf6e9
939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353
9d9a65913227fff89598654fbdb82cc3a4b6cca716a3f74e1babdf29803cf3e4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8ed13cd7f2f82e4e8d9e9d41d71baaef1b12adfdc593558ea76f6c94fbd3e0d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b10c98fd15e4700574393be8db3b51d9e5420574f0ae185cb37f4e149792cbd9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb1ac5b5424ece57f08a63b8db52cf90fc40daa770bf0f9ef658b958d830faad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d000b0138ab662c93e95bf083f39f82952dbdfebdb8912296895e2b7ef25e636
d16e675e2659ddc9bc00ed093db5e4d59e5b8a7625e222c5740c5979e8501d3c
d6cac9b1acb112eecfba71f09ae763abaa72419fb46d0496bdc79d0d2f64f1e4
db142dcb106b872ce405bda5fa75693bcc796a9da1196ee088a3121642be2a43
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de609b08622626ddc509e8f003dc8ef6e3732dad0b976f5737a273f1fac0d0e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50612a75abebced5d551b1118ff014c35dbc3eb1ccba320ba5dedeb36e9aacb
e60308ce5d2c4d35688f9053f27a6dc77b57416a48d99aba624c158b827c6e89
e72a2a85de4e59f6420027b6a033da632bd0cf53cf47e5bb5e55adf531d5e0a9
e89b4be1b17daf27f6c814c6458ec4391708a742e12acced06df5b18469d5919
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ebe1002b09d0810c66c735181b49562a2e2a6fd15e2c55a9fcd2e67e272abe89
ec8bdc3ef213a0c13c49043ea7fa0110f5582b96137737e55812b42e854188c4
edd08583de145a81a93f435a635a3201b34630cdfbec43bed6b28e9f638daf6f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47d56f4e42a0fd576ee274454e24c085010b464b849cabe80041c88aaf45363
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
feb0aa1b6b4b436fdb0be7f15bff2fd0b9422d227b5f8700894ebd006218c70d
fede027d4cad3220417697ffa7da185857aac84ae289bc8d7c2768cb3d7b194a