Submitted URL: http://www.nlb.me/
Effective URL: https://www.nlb.me/
Submission: On September 12 via api from CH

Summary

This website contacted 14 IPs in 6 countries across 14 domains to perform 43 HTTP transactions. The main IP is 82.214.88.14, located in Serbia and belongs to AKTON-AS Akton Autonomous System, SI. The main domain is www.nlb.me.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 2nd 2019. Valid for: a year.
This is the only time www.nlb.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 82.214.88.14 25467 (AKTON-AS ...)
2 151.139.237.11 33438 (HIGHWINDS2)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 147.75.204.210 54825 (PACKET)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 23.210.248.44 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 147.75.84.99 54825 (PACKET)
10 2a00:1450:400... 15169 (GOOGLE)
4 52.218.84.234 16509 (AMAZON-02)
43 14
Domain Requested by
10 fonts.gstatic.com www.nlb.me
9 www.nlb.me 1 redirects www.nlb.me
4 s3-eu-west-1.amazonaws.com www.nlb.me
3 api.nlb.me cdn.rawgit.com
2 fonts.googleapis.com www.nlb.me
2 s7.addthis.com www.nlb.me
s7.addthis.com
2 www.google-analytics.com www.nlb.me
2 connect.facebook.net www.nlb.me
connect.facebook.net
2 cdn.rawgit.com www.nlb.me
api.nlb.me
1 v1.addthisedge.com s7.addthis.com
1 vars.hotjar.com static.hotjar.com
1 maxcdn.bootstrapcdn.com www.nlb.me
1 stats.g.doubleclick.net www.nlb.me
1 cdnjs.cloudflare.com www.nlb.me
1 www.facebook.com www.nlb.me
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.nlb.me
43 17
Subject Issuer Validity Valid
*.nlb.me
Sectigo RSA Domain Validation Secure Server CA
2019-07-02 -
2020-07-16
a year crt.sh
rawgit.com
COMODO RSA Domain Validation Secure Server CA
2018-12-29 -
2020-01-13
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-08-24 -
2019-10-19
2 months crt.sh
*.google-analytics.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3
2019-08-07 -
2019-11-05
3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3
2019-08-07 -
2019-11-05
3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-10 -
2020-02-16
6 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2019-06-06 -
2020-09-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
*.googleapis.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA
2018-10-03 -
2019-10-12
a year crt.sh
vars.hotjar.com
Let's Encrypt Authority X3
2019-08-07 -
2019-11-05
3 months crt.sh
*.google.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2
2018-11-08 -
2019-11-06
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.nlb.me/
Frame ID: 1E9F7D05773CFC492D4B4232177EEE19
Requests: 38 HTTP requests in this frame

Frame: https://api.nlb.me/proxy.html
Frame ID: 65FEFFE75F99D2930122193C600D557C
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 27E4A3E59EDEB8C97CB64C648176A74A
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.nlb.me/ HTTP 301
    https://www.nlb.me/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /addthis\.com\/js\//i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

43
Requests

100 %
HTTPS

57 %
IPv6

14
Domains

17
Subdomains

14
IPs

6
Countries

1445 kB
Transfer

4321 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nlb.me/ HTTP 301
    https://www.nlb.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.nlb.me/
Redirect Chain
  • http://www.nlb.me/
  • https://www.nlb.me/
6 KB
2 KB
Document
General
Full URL
https://www.nlb.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache /
Resource Hash
abe51ffe81c4c19f4b408980f9bdc829f5715b9c8e084fafa89d4a84aec80cfa

Request headers

Host
www.nlb.me
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:28 GMT
Server
Apache
Accept-Ranges
bytes
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Pragma
no-cache
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Expires
Thu, 1 Jan 1970 00:00:00 GMT
Content-Length
2155
Connection
close
Content-Type
text/html

Redirect headers

Date
Thu, 12 Sep 2019 20:22:28 GMT
Server
Apache
Location
https://www.nlb.me/
Cache-Control
max-age=2592000
Expires
Sat, 12 Oct 2019 20:22:28 GMT
Content-Length
227
Connection
close
Content-Type
text/html; charset=iso-8859-1
main.a80a3245.css
www.nlb.me/assets/styles/
298 KB
49 KB
Stylesheet
General
Full URL
https://www.nlb.me/assets/styles/main.a80a3245.css
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache /
Resource Hash
5be3839e30b65b8b83a2840410c34be09a61d818883987f50f5c3af69de14404

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Sep 2019 08:20:46 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
50312
Expires
Sat, 12 Oct 2019 20:22:28 GMT
xdomain.min.js
cdn.rawgit.com/jpillora/xdomain/0.7.3/dist/
13 KB
6 KB
Script
General
Full URL
https://cdn.rawgit.com/jpillora/xdomain/0.7.3/dist/xdomain.min.js
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
dc4f0289aa2474b29da804b344ed78778292e79717f0bc30e0bb1caffb0a6d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 20:22:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
NetDNA-cache/2.2
status
200
etag
W/"cb1e75f3920ed1638d23eb65faf7e3db4f2c5863"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315569000, immutable
strict-transport-security
max-age=31536000; preload
x-robots-tag
none
rawgit-cache-status
HIT
webapp.93fe00d3.js
www.nlb.me/scripts/
1 MB
396 KB
Script
General
Full URL
https://www.nlb.me/scripts/webapp.93fe00d3.js
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache /
Resource Hash
412fe37e0e1445be8fc5a32a8d2990b0ea0514ff1b61595c725091ae30aaf6f9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Sep 2019 10:25:28 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
close
Accept-Ranges
bytes
Expires
Sat, 12 Oct 2019 20:22:28 GMT
templates.08129311.js
www.nlb.me/scripts/
663 KB
76 KB
Script
General
Full URL
https://www.nlb.me/scripts/templates.08129311.js
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache /
Resource Hash
7ef0a57414aa188d1ee74c1a6f4d46cb9c7f8feceb316f9392a27a40e20d1fdc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Sep 2019 08:20:57 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
close
Accept-Ranges
bytes
Expires
Sat, 12 Oct 2019 20:22:28 GMT
fbevents.js
connect.facebook.net/en_US/
121 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
4x5+zz7Ry99oONKVCaXOanZxBI5nqpAgfGeZc5J76ay4vZgzLCx2rgWo+bUcMtj58lonFNSt8UN3lsHxGg0GTg==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Thu, 12 Sep 2019 20:22:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5936
date
Thu, 12 Sep 2019 18:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Thu, 12 Sep 2019 20:43:33 GMT
hotjar-130410.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-130410.js?sv=5
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.210 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-4
Software
openresty /
Resource Hash
cf9ec3bee264e9fc347cb416d57382a9d8f36393d4c3f633d21c29a91526bbf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 20:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
section-io-tag
hotjar
age
112
status
200
section-io-cache
Hit
vary
Accept-Encoding
content-length
1719
server
openresty
cache-control
max-age=60
x-frame-options
SAMEORIGIN
etag
W/c2558f5c83d135fefd46062036e3363e
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.068
section-io-id
1ea45d8c9324455d1b43551e02a4750c
accept-ranges
bytes
content-type
application/javascript
1786599281586692
connect.facebook.net/signals/config/
68 KB
18 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1786599281586692?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2264a1013cdc39b1e1aa7cf302614d1b71d03d7c4afe1c6bb9bdf46042e416da
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-xss-protection
0
pragma
public
x-fb-debug
Ii2z8DQf7Q0uzcPe+zGU+4ZKV4UexBMoTZ9wLH3gawXaQYvSS53PGT/Zo1vyFIqNRzrIyBTr2o5lbM9/y5O/OA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Thu, 12 Sep 2019 20:22:29 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.29a329b2f7876a65f063.js
script.hotjar.com/
427 KB
72 KB
Script
General
Full URL
https://script.hotjar.com/modules.29a329b2f7876a65f063.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-130410.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.210 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-4
Software
/
Resource Hash
cf35f386309b6d7909d1e0f6d9f386620352110e961204286a35183c89e71d6f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 20:22:29 GMT
content-encoding
br
last-modified
Tue, 10 Sep 2019 16:42:07 GMT
status
200
etag
"a61484c0e907e615bb6412a5955255a4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.028
section-io-origin-status
200
accept-ranges
bytes
section-io-id
0b2fb5ddc6ff692940fe081af268266c
content-length
73030
/
www.facebook.com/tr/
44 B
247 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1786599281586692&ev=PageView&dl=https%3A%2F%2Fwww.nlb.me%2F&rl=&if=false&ts=1568319749275&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=28&fbp=fb.1.1568319749274.551827178&it=1568319749163&coo=false&rqm=GET
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 20:22:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 12 Sep 2019 20:22:29 GMT
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/
3 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js?_=1568319749555
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 20:22:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
12953691
status
200
served-in-seconds
0.008
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:13 GMT
server
cloudflare
etag
W/"5afd494d-ad3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5154980309fc8c9e-VIE
expires
Tue, 01 Sep 2020 20:22:29 GMT
addthis_widget.js
s7.addthis.com/js/300/
349 KB
113 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
bf39734c6b0b0aa2a63217dc803eaba3d79520d3bdd30c4018ee10a181b2b2fb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 11 Sep 2019 20:38:55 GMT
server
nginx/1.15.8
etag
W/"5d795b5f-5755d"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
date
Thu, 12 Sep 2019 20:22:29 GMT
x-host
s7.addthis.com
content-length
115051
mCSB_buttons.png
www.nlb.me/assets/styles/
6 KB
6 KB
Image
General
Full URL
https://www.nlb.me/assets/styles/mCSB_buttons.png
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/assets/styles/main.a80a3245.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 20:22:29 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
close
Accept-Ranges
bytes
Content-Length
2155
Expires
Thu, 1 Jan 1970 00:00:00 GMT
proxy.html
api.nlb.me/ Frame 65FE
121 B
619 B
Document
General
Full URL
https://api.nlb.me/proxy.html
Requested by
Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/jpillora/xdomain/0.7.3/dist/xdomain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache /
Resource Hash
b7094028ce2bf8829ee37470c86b0c4b292d4808a78d80b92bb9589072047342

Request headers

Host
api.nlb.me
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-site
Referer
https://www.nlb.me/
Accept-Encoding
gzip, deflate, br
Cookie
_ga=GA1.2.1265989089.1568319749; _gid=GA1.2.1696601225.1568319749; _fbp=fb.1.1568319749274.551827178; _hjid=f02a763d-754e-4968-bb2e-511ad406ddfd; _gat=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.nlb.me/

Response headers

Date
Thu, 12 Sep 2019 20:22:29 GMT
Server
Apache
Accept-Ranges
bytes
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Access-Control-Allow-Headers
fl-access-token,Content-Type,locale,section,X-Requested-With
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Pragma
no-cache
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Expires
Thu, 1 Jan 1970 00:00:00 GMT
Content-Length
127
Connection
close
Content-Type
text/html
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=789609218&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nlb.me%2F&dp=%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEAB~&jid=261318273&gjid=1471591756&cid=1265989089.1568319749&tid=UA-69488326-1&_gid=1696601225.1568319749&z=650379501
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1886153
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-69488326-1&cid=1265989089.1568319749&jid=261318273&gjid=1471591756&_gid=1696601225.1568319749&_u=KGBAgEAB~&z=1103855411
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 12 Sep 2019 20:22:29 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
3 KB
598 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Istok+Web:400,700&subset=latin,latin-ext
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
edbe89711001a327252bfaa72e151f4c281d99ec106d51d060c2c474ef68815e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 12 Sep 2019 20:22:29 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 12 Sep 2019 20:22:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 12 Sep 2019 20:22:29 GMT
css
fonts.googleapis.com/
11 KB
832 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700&subset=latin,latin-ext
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3059c7f3dfea51ffb25b27032c7f1484e124632f60dc95c6f5aa32ab801cc80f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 12 Sep 2019 20:22:29 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 12 Sep 2019 20:22:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 12 Sep 2019 20:22:29 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 20:22:29 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
6079
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 27E4
0
0
Document
General
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-130410.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.nlb.me/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.nlb.me/

Response headers

status
200
date
Thu, 12 Sep 2019 20:22:29 GMT
content-type
text/html
content-length
787
cache-control
max-age=31536000
content-encoding
br
last-modified
Wed, 14 Aug 2019 14:14:11 GMT
etag
"5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status
200
section-io-origin-time-seconds
0.051
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
247041e26e162dc07cf816a699393c62
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 24 Aug 2019 14:56:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1661135
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11016
x-xss-protection
0
expires
Sun, 23 Aug 2020 14:56:54 GMT
xdomain.min.js
cdn.rawgit.com/jpillora/xdomain/0.6.17/dist/ Frame 65FE
13 KB
6 KB
Script
General
Full URL
https://cdn.rawgit.com/jpillora/xdomain/0.6.17/dist/xdomain.min.js
Requested by
Host: api.nlb.me
URL: https://api.nlb.me/proxy.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1001727ee1109e05bbbfc31002e5fe72a5eeed8f83ac5b8c2d38a9e137983149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://api.nlb.me/proxy.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 20:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
NetDNA-cache/2.2
status
200
etag
W/"e5a1e17d9e7a4c1753a1ec93441497687f3bf6de"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315569000, immutable
strict-transport-security
max-age=31536000; preload
x-robots-tag
none
rawgit-cache-status
HIT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5672801052354083/
861 B
613 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5672801052354083/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
514a32ac79ec525a6569e5081cfa70aa5f868c4ae8e117f954b14b8f2b7aed25

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 20:22:30 GMT
content-encoding
gzip
surrogate-key
ra-5672801052354083
server
Jetty(9.4.8.v20180619)
cache-tag
ra-5672801052354083
etag
-321443204--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=59, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
367
pocetna
api.nlb.me/v1/landingpages/ Frame 65FE
13 KB
2 KB
XHR
General
Full URL
https://api.nlb.me/v1/landingpages/pocetna?extended_fields=image,boxes.image,seo_image,modules
Requested by
Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/jpillora/xdomain/0.6.17/dist/xdomain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache / PHP/5.6.40
Resource Hash
aec632fc5af3e1694a0500a832fe05649a1d4a36d1fba0512330f32655899186

Request headers

Accept
application/json, text/plain, */*
Referer
https://api.nlb.me/proxy.html
locale
me
section
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Thu, 12 Sep 2019 20:22:30 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
application/json
Cache-Control
no-cache, max-age=2592000
Connection
close
Access-Control-Allow-Headers
fl-access-token,Content-Type,locale,section,X-Requested-With
Content-Length
1920
Expires
Sat, 12 Oct 2019 20:22:30 GMT
stanovnistvo
api.nlb.me/v1/menus/chain/ Frame 65FE
24 KB
3 KB
XHR
General
Full URL
https://api.nlb.me/v1/menus/chain/stanovnistvo?extended_fields=menuTabs.menuTabItems.menuTabItemLinks,menuTabs.menuTabItems.image
Requested by
Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/jpillora/xdomain/0.6.17/dist/xdomain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache / PHP/5.6.40
Resource Hash
333b49b14c5c0d94563ec00b6909f7889f37a5ce08f87a04c31820410837580f

Request headers

Accept
application/json, text/plain, */*
Referer
https://api.nlb.me/proxy.html
locale
me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Thu, 12 Sep 2019 20:22:30 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
application/json
Cache-Control
no-cache, max-age=2592000
Connection
close
Access-Control-Allow-Headers
fl-access-token,Content-Type,locale,section,X-Requested-With
Content-Length
2978
Expires
Sat, 12 Oct 2019 20:22:30 GMT
layers.8eebb73346d2e9041c7a.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.8eebb73346d2e9041c7a.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
055de8868a2f067358a5abf7a789ce7b5c2d7d6793ae839e3e0c494bfc8379db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 11 Sep 2019 20:38:55 GMT
server
nginx/1.15.8
etag
W/"5d795b5f-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Thu, 12 Sep 2019 20:22:30 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77529
x1-s01c2b147ce.6ee6dc2b.png
www.nlb.me/assets/images/sprites/
7 KB
7 KB
Image
General
Full URL
https://www.nlb.me/assets/images/sprites/x1-s01c2b147ce.6ee6dc2b.png
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache /
Resource Hash
9e97d86afd6a41c14b7f06bb2ca8c9ba92ee74cfa37fd0bdda07c19e8ae1dcf9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/assets/styles/main.a80a3245.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:30 GMT
Last-Modified
Tue, 27 Aug 2019 12:30:19 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
close
Accept-Ranges
bytes
Content-Length
7048
Expires
Fri, 11 Sep 2020 20:22:30 GMT
nlbicon.f1beffc7.woff
www.nlb.me/assets/fonts/
25 KB
14 KB
Font
General
Full URL
https://www.nlb.me/assets/fonts/nlbicon.f1beffc7.woff
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache /
Resource Hash
65299bf5c73e14297c316d53fd89818f93652cf3f3dce33a0e67d742925ce0ed

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.nlb.me/assets/styles/main.a80a3245.css
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Sep 2017 09:13:18 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
14146
Expires
Sat, 12 Oct 2019 20:22:30 GMT
3qTqojGmgSyUukBzKslhvU5q-WMVQhTMMg.woff2
fonts.gstatic.com/s/istokweb/v14/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/istokweb/v14/3qTqojGmgSyUukBzKslhvU5q-WMVQhTMMg.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
951c12c10d89fea39e74afbac9dfcc76a00dfa52818e4ee5dc4e64bb9c7cf9e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Istok+Web:400,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 10:46:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:15:09 GMT
server
sffe
age
1762588
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11080
x-xss-protection
0
expires
Sat, 22 Aug 2020 10:46:02 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 08:41:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1597268
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11180
x-xss-protection
0
expires
Mon, 24 Aug 2020 08:41:22 GMT
3qTvojGmgSyUukBzKslpBmt_1EEYaA.woff2
fonts.gstatic.com/s/istokweb/v14/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/istokweb/v14/3qTvojGmgSyUukBzKslpBmt_1EEYaA.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
17430e6d91c8c0d6eb94a948c6d6002a78a443c622160a46bb0c390838aec9bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Istok+Web:400,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 24 Aug 2019 14:53:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:13:08 GMT
server
sffe
age
1661359
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11112
x-xss-protection
0
expires
Sun, 23 Aug 2020 14:53:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 18:28:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
870863
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11020
x-xss-protection
0
expires
Tue, 01 Sep 2020 18:28:07 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 15:12:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
1487429
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
8024
x-xss-protection
0
expires
Tue, 25 Aug 2020 15:12:01 GMT
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:16:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
1497977
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
12680
x-xss-protection
0
expires
Tue, 25 Aug 2020 12:16:13 GMT
3qTvojGmgSyUukBzKslpCGt_1EEYaC7F.woff2
fonts.gstatic.com/s/istokweb/v14/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/istokweb/v14/3qTvojGmgSyUukBzKslpCGt_1EEYaC7F.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058d95e46ae3adf5d4a83dc099aa4f8586a92f52f391d9e2658593e0e6cba4b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Istok+Web:400,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 08:24:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:13:14 GMT
server
sffe
age
1598261
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
12164
x-xss-protection
0
expires
Mon, 24 Aug 2020 08:24:49 GMT
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 12:03:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
893954
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
7924
x-xss-protection
0
expires
Tue, 01 Sep 2020 12:03:16 GMT
1555075785-super-brzi-kredit-grupe-1920x1080-i_1920x1080.jpg
s3-eu-west-1.amazonaws.com/nlb-media-fabrika/
345 KB
345 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/nlb-media-fabrika/1555075785-super-brzi-kredit-grupe-1920x1080-i_1920x1080.jpg
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.84.234 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
01d100e9edeef22f25d144a74d848dd6a3bb05e377f6151f4f4f9bb9ed932d8f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:31 GMT
Last-Modified
Fri, 12 Apr 2019 13:29:47 GMT
Server
AmazonS3
x-amz-request-id
C847AF6D6B869A00
ETag
"dbeaaf18cd5d161bc46dc1b4bec35176"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
353254
x-amz-id-2
ILH23yB36TjrkjG3iEYU0Ue8z/8At0KhTVQjkHL9Fb/1Fa6Pme2BJP9MZcPbiTZapL8tv6C+1Gc=
nlb-instagram.png
s3-eu-west-1.amazonaws.com/nlb-media/assets/
4 KB
4 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/nlb-media/assets/nlb-instagram.png
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.84.234 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
63553d439aaa5467098a5ebdc76562600f7200319b46068b6727e39bf8dbd252

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/assets/styles/main.a80a3245.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:31 GMT
Last-Modified
Mon, 05 Aug 2019 10:00:20 GMT
Server
AmazonS3
x-amz-request-id
D802DCB25856019F
ETag
"562dc890cc715b873b6387bdb694401d"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4105
x-amz-id-2
rrW/crcRv2QmrQy+XR6mpKmpQZskXOlHwEG8M7DbFeo/nuoSZazaD2GCBMsD/ujpIReIE8+mmeM=
1565003670-viber-ljubo-1920x1080-i_170x170.jpg
s3-eu-west-1.amazonaws.com/nlb-media-fabrika/
27 KB
27 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/nlb-media-fabrika/1565003670-viber-ljubo-1920x1080-i_170x170.jpg
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.84.234 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
91bbfa91e33254605b2a78a6b2b5de274c518324a1aa5ce693957261aa4a5f9f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:31 GMT
Last-Modified
Mon, 05 Aug 2019 11:14:36 GMT
Server
AmazonS3
x-amz-request-id
9B4AD0F69DC4996A
ETag
"ecabfebed02b13a5c228ccf479012ea9"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
27680
x-amz-id-2
XExv2T8AhgUXoH1qaCSXE6QPDZnF+Y8r6wmncKAo3sJAGMmk76dSItKoHJJAqGwqrkJRDsJ08Ts=
KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2
Requested by
Host: www.nlb.me
URL: https://www.nlb.me/scripts/webapp.93fe00d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700&subset=latin,latin-ext
Origin
https://www.nlb.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 10:47:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
1762493
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
8088
x-xss-protection
0
expires
Sat, 22 Aug 2020 10:47:37 GMT
euromoney-logo.d29654ae.png
www.nlb.me/assets/images/
31 KB
32 KB
Image
General
Full URL
https://www.nlb.me/assets/images/euromoney-logo.d29654ae.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.214.88.14 , Serbia, ASN25467 (AKTON-AS Akton Autonomous System, SI),
Reverse DNS
nlbcpm.hostuj.me
Software
Apache /
Resource Hash
49a056941398a2b9e1bcdc765e5d015793f1a3586b7aeba0f7146c0b06fa5213

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:30 GMT
Last-Modified
Thu, 15 Aug 2019 13:23:09 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
close
Accept-Ranges
bytes
Content-Length
32119
Expires
Fri, 11 Sep 2020 20:22:30 GMT
1520586077-partneri-1-i_170x170.jpg
s3-eu-west-1.amazonaws.com/nlb-media-fabrika/
25 KB
25 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/nlb-media-fabrika/1520586077-partneri-1-i_170x170.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.84.234 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1ee9a2090408aa8f5310650b90636740a69ee67b149509cf83582b41ea638bd1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nlb.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 20:22:31 GMT
Last-Modified
Fri, 09 Mar 2018 09:01:24 GMT
Server
AmazonS3
x-amz-request-id
109E74C2D38301F1
ETag
"654d80e32708668eb7756c3bbf95038b"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
25427
x-amz-id-2
Tu0C3iwnCd1+ylwOQGFJUcd2NLB7OSCY56VF8VDfPmD69YPlgHyKsBhRqIYNblf/Aak3AVNDMsE=

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| xhook function| xdomain object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| duScrollDefaultEasing object| duScroll object| backtop object| ngFileUpload function| saveAs function| ics function| getApiBaseUrl function| getApiChatUrl function| $ function| jQuery function| _ object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded object| angular function| moment object| NProgress object| angulartics function| require object| d3 object| FileAPI boolean| mCustomScrollbar object| bowser function| cb function| raf function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_config object| addthis_share object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

7 Cookies

Domain/Path Name / Value
www.nlb.me/ Name: __atuvs
Value: 5d7aa905cdb0e4a9000
www.nlb.me/ Name: __atuvc
Value: 1%7C37
.nlb.me/ Name: _fbp
Value: fb.1.1568319749274.551827178
.nlb.me/ Name: _hjid
Value: f02a763d-754e-4968-bb2e-511ad406ddfd
.nlb.me/ Name: _ga
Value: GA1.2.1265989089.1568319749
.nlb.me/ Name: _gid
Value: GA1.2.1696601225.1568319749
.nlb.me/ Name: _gat
Value: 1

2 Console Messages

Source Level URL
Text
console-api error URL: https://www.nlb.me/scripts/webapp.93fe00d3.js(Line 7)
Message:
TypeError: Cannot read property 'getItem' of null at Object.<anonymous> (https://www.nlb.me/scripts/webapp.93fe00d3.js:40:19452) at e (https://www.nlb.me/scripts/webapp.93fe00d3.js:6:26620) at Object.f [as instantiate] (https://www.nlb.me/scripts/webapp.93fe00d3.js:6:26712) at https://www.nlb.me/scripts/webapp.93fe00d3.js:7:17009 at https://www.nlb.me/scripts/webapp.93fe00d3.js:12:8397 at ga (https://www.nlb.me/scripts/webapp.93fe00d3.js:7:12846) at p (https://www.nlb.me/scripts/webapp.93fe00d3.js:7:6657) at h (https://www.nlb.me/scripts/webapp.93fe00d3.js:7:2769) at https://www.nlb.me/scripts/webapp.93fe00d3.js:7:2298 at k (https://www.nlb.me/scripts/webapp.93fe00d3.js:12:7796)
console-api error URL: https://www.nlb.me/scripts/webapp.93fe00d3.js(Line 7)
Message:
TypeError: Cannot read property 'getItem' of null at https://www.nlb.me/scripts/webapp.93fe00d3.js:45:23549 at https://www.nlb.me/scripts/webapp.93fe00d3.js:8:21186 at e (https://www.nlb.me/scripts/webapp.93fe00d3.js:6:28414) at https://www.nlb.me/scripts/webapp.93fe00d3.js:6:29862

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.nlb.me
cdn.rawgit.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
s3-eu-west-1.amazonaws.com
s7.addthis.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
v1.addthisedge.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.nlb.me
147.75.204.210
147.75.84.99
151.139.237.11
2001:4de0:ac19::1:b:3b
23.210.248.44
2606:4700::6813:c497
2a00:1450:4001:809::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c06::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.218.84.234
82.214.88.14
01d100e9edeef22f25d144a74d848dd6a3bb05e377f6151f4f4f9bb9ed932d8f
055de8868a2f067358a5abf7a789ce7b5c2d7d6793ae839e3e0c494bfc8379db
058d95e46ae3adf5d4a83dc099aa4f8586a92f52f391d9e2658593e0e6cba4b5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1001727ee1109e05bbbfc31002e5fe72a5eeed8f83ac5b8c2d38a9e137983149
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
17430e6d91c8c0d6eb94a948c6d6002a78a443c622160a46bb0c390838aec9bb
1ee9a2090408aa8f5310650b90636740a69ee67b149509cf83582b41ea638bd1
2264a1013cdc39b1e1aa7cf302614d1b71d03d7c4afe1c6bb9bdf46042e416da
3059c7f3dfea51ffb25b27032c7f1484e124632f60dc95c6f5aa32ab801cc80f
333b49b14c5c0d94563ec00b6909f7889f37a5ce08f87a04c31820410837580f
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
412fe37e0e1445be8fc5a32a8d2990b0ea0514ff1b61595c725091ae30aaf6f9
49a056941398a2b9e1bcdc765e5d015793f1a3586b7aeba0f7146c0b06fa5213
514a32ac79ec525a6569e5081cfa70aa5f868c4ae8e117f954b14b8f2b7aed25
5be3839e30b65b8b83a2840410c34be09a61d818883987f50f5c3af69de14404
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
63553d439aaa5467098a5ebdc76562600f7200319b46068b6727e39bf8dbd252
65299bf5c73e14297c316d53fd89818f93652cf3f3dce33a0e67d742925ce0ed
7ef0a57414aa188d1ee74c1a6f4d46cb9c7f8feceb316f9392a27a40e20d1fdc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
91bbfa91e33254605b2a78a6b2b5de274c518324a1aa5ce693957261aa4a5f9f
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
951c12c10d89fea39e74afbac9dfcc76a00dfa52818e4ee5dc4e64bb9c7cf9e4
9e97d86afd6a41c14b7f06bb2ca8c9ba92ee74cfa37fd0bdda07c19e8ae1dcf9
abe51ffe81c4c19f4b408980f9bdc829f5715b9c8e084fafa89d4a84aec80cfa
aec632fc5af3e1694a0500a832fe05649a1d4a36d1fba0512330f32655899186
b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb
b7094028ce2bf8829ee37470c86b0c4b292d4808a78d80b92bb9589072047342
bf39734c6b0b0aa2a63217dc803eaba3d79520d3bdd30c4018ee10a181b2b2fb
cf35f386309b6d7909d1e0f6d9f386620352110e961204286a35183c89e71d6f
cf9ec3bee264e9fc347cb416d57382a9d8f36393d4c3f633d21c29a91526bbf8
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc4f0289aa2474b29da804b344ed78778292e79717f0bc30e0bb1caffb0a6d96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edbe89711001a327252bfaa72e151f4c281d99ec106d51d060c2c474ef68815e
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4