URL: https://www.nad-me.com/
Submission: On October 23 via manual from EG — Scanned from CA

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 26 HTTP transactions. The main IP is 142.250.191.115, located in United States and belongs to GOOGLE, US. The main domain is www.nad-me.com.
TLS certificate: Issued by WR3 on October 11th 2024. Valid for: 3 months.
This is the only time www.nad-me.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 142.250.191.115 15169 (GOOGLE)
1 142.251.41.40 15169 (GOOGLE)
2 13.107.253.40 8075 (MICROSOFT...)
9 142.250.72.97 15169 (GOOGLE)
4 23.57.90.69 20940 (AKAMAI-ASN1)
1 172.217.1.9 15169 (GOOGLE)
1 172.217.165.14 15169 (GOOGLE)
1 1 142.251.33.174 15169 (GOOGLE)
2 20.114.189.70 8075 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 13.107.21.237 8068 (MICROSOFT...)
26 10
Apex Domain
Subdomains
Transfer
9 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10512
script.googleusercontent.com — Cisco Umbrella Rank: 47947
28 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
t.clarity.ms — Cisco Umbrella Rank: 6202
c.clarity.ms — Cisco Umbrella Rank: 1236
30 KB
5 nad-me.com
www.nad-me.com
118 KB
4 flaticon.com
cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 46972
47 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 190
771 B
1 google.com
script.google.com — Cisco Umbrella Rank: 14294
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12461
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
111 KB
26 9
Domain Requested by
8 blogger.googleusercontent.com www.nad-me.com
5 www.nad-me.com www.nad-me.com
4 cdn-icons-png.flaticon.com www.nad-me.com
2 c.clarity.ms 1 redirects
2 t.clarity.ms www.clarity.ms
2 www.clarity.ms www.nad-me.com
www.clarity.ms
1 c.bing.com 1 redirects
1 script.googleusercontent.com
1 script.google.com 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 www.blogger.com www.nad-me.com
1 www.googletagmanager.com www.nad-me.com
26 12
Subject Issuer Validity Valid
www.nad-me.com
WR3
2024-10-11 -
2025-01-09
3 months crt.sh
*.google-analytics.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.googleusercontent.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.flaticon.com
E6
2024-10-15 -
2025-01-13
3 months crt.sh
*.blogger.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.nad-me.com/
Frame ID: 8D2CCDEAA36EF74B6364571EE93BE1A1
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

استراتيجيات حصرية لتحقيق الأهداف

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

92 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

10
IPs

1
Countries

356 kB
Transfer

899 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://script.google.com/macros/s/AKfycbwsUhqAI9dGv4XgCmUcyDzoGbwziY-LPxCr4ZTlNxplzPkhsSHYKD4wcJi4UGnlAApgEg/exec?action=add&blogid=3717033617762447918&blogurl=www.nad-me.com HTTP 302
  • https://script.googleusercontent.com/macros/echo?user_content_key=euIH62BiXACWTRit6MYGY4MX0nWU4FYN-HL-OueCstQcpQAqodzqONxi1DSJwv7bSP61sKuVwb-45XWqIhdch_EDjfrlCHKuOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWojr9NvTBuBLhyHCd5hHa_ewFmvUtEtZwPBkbnKNaDdA2hQCJMvMyOC3zDsQqjYmdjCjtFX9ZCO4Dj9rNaYAMLNrtXChU2wqHwOa2gTWx8glOtKNGYuTiwXIuFltvcj9RmkSfSpEspIjCSEJQ3CqJ8joVSD7dT2uIuRcKLLOZyXhX5pg_p7ANu2BxOCOMKpMEpa3pGZLC5g&lib=MaJGOH3flcGlgGhAPTUA_sE9ajs7K2js7
Request Chain 24
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CA20C495CF354B838424A615962BB94D&RedC=c.clarity.ms&MXFR=39304722A0296F271D755203A42961C5 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA20C495CF354B838424A615962BB94D&MUID=1ED93FB8190661471A882A99182C602B

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.nad-me.com/
322 KB
98 KB
Document
General
Full URL
https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.115 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s28-in-f19.1e100.net
Software
GSE /
Resource Hash
e208b11a62b4526d3d929bccc3a55860f98b5b11bc32a37fbbee1646e7d990ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
100205
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 17:22:21 GMT
etag
W/"56533e2d380d77a0e02850f6a34a88e48e1066052645ee08e19313d13efd3757"
expires
Wed, 23 Oct 2024 17:22:21 GMT
last-modified
Wed, 23 Oct 2024 16:21:53 GMT
server
GSE
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
333 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YS0MXHSXB0
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.40 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2b1a2b79e7b1c801dcbab0bfe9cbae1e726cc38290f3e498a17446bac3a11aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 23 Oct 2024 17:22:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 17:22:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112474
x-xss-protection
0
server
Google Tag Manager
oko3ytt9sm
www.clarity.ms/tag/
738 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/oko3ytt9sm
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1055e06ed423afeea5074a1edc29b37d17ac7c99d52bc87e42f80ba0673f0b1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
738
date
Wed, 23 Oct 2024 17:22:22 GMT
content-type
application/x-javascript
x-azure-ref
20241023T172222Z-154bc68b95757pr842xvgxc5dg0000000660000000002gs6
AVvXsEiLIU2fIu7u8EDVd7HrC_6Ih0uI2ZuGBYUFrM1BO3Ih3_L7sr2ZjKGMmRDgwoLRzFa-Fwho1B0ft0EcmnO_P3txvcjR52rm27yX9S535EH2lyZjl2Dt3YCQ4Be-TutWHTSg5NPe-H5VFLeL6ulCzyyVuYqK1OBT-hhRFeFzx9PnHt8IMapU3E36r9a4PU0=w...
blogger.googleusercontent.com/img/a/
13 KB
14 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiLIU2fIu7u8EDVd7HrC_6Ih0uI2ZuGBYUFrM1BO3Ih3_L7sr2ZjKGMmRDgwoLRzFa-Fwho1B0ft0EcmnO_P3txvcjR52rm27yX9S535EH2lyZjl2Dt3YCQ4Be-TutWHTSg5NPe-H5VFLeL6ulCzyyVuYqK1OBT-hhRFeFzx9PnHt8IMapU3E36r9a4PU0=w1600-h474-p-k-no-nu
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
fife /
Resource Hash
711ca41b99bf1f35039ed4e065acf712612e4a3c598f7ec8015c55011d271d88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v5f4"
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 17:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13447
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="___________ _____ (1).png";filename*=UTF-8''%D8%A7%D8%B3%D8%AA%D8%B1%D8%A7%D8%AA%D9%8A%D8%AC%D9%8A%D8%A7%D8%AA%20%D8%AD%D8%B5%D8%B1%D9%8A%D8%A9%20(1).png
AVvXsEixn4C0JFv5-AyIsJ_0ddFWHXNL3xmyltJ4BLVpntgXuvzYmtLfBal4jsboal9U769JG0VnSjVGRNzM1nbzlBCmxwOxrFowP33g2IEiAwjprZroQ70qBrx-gF0DJKOSicr_kq1wvhAwbXrrElJhwlwIK855VEBsikCZ8m6V2cLNvUgOky7jhaGoFBN4uoU=s...
blogger.googleusercontent.com/img/a/
6 KB
7 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEixn4C0JFv5-AyIsJ_0ddFWHXNL3xmyltJ4BLVpntgXuvzYmtLfBal4jsboal9U769JG0VnSjVGRNzM1nbzlBCmxwOxrFowP33g2IEiAwjprZroQ70qBrx-gF0DJKOSicr_kq1wvhAwbXrrElJhwlwIK855VEBsikCZ8m6V2cLNvUgOky7jhaGoFBN4uoU=s1600
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
fife /
Resource Hash
1608a976603298deea3f5fd6e3895ee3fc3070252e2db4bfe45218a67d9b74d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v5f2"
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 17:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6598
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="adobe_Ai_icon-icons.com_55479.png"
733547.png
cdn-icons-png.flaticon.com/512/733/
6 KB
7 KB
Image
General
Full URL
https://cdn-icons-png.flaticon.com/512/733/733547.png
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.90.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-57-90-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2f54914b7ca6b3c1d20ecf16bdf9ebdbca0634f33198658b7e8562f9f01e75ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

x-goog-metageneration
1
x-amz-meta-goog-reserved-file-mtime
1518505312
etag
"021ada146ffb7c1753557ff29618d04c"
x-goog-stored-content-encoding
identity
x-amz-meta-x-goog-reserved-source-generation
1634241351250005
expires
Wed, 23 Oct 2024 17:22:22 GMT
x-goog-stored-content-length
6350
date
Wed, 23 Oct 2024 17:22:22 GMT
last-modified
Mon, 18 Sep 2023 23:35:38 GMT
content-type
image/png
vary
Accept-Encoding
x-default-rule
YES
cache-control
public, max-age=31536000
pragma
public
x-amz-checksum-crc32c
bUzqYA==
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1695080138045014
content-length
6350
733579.png
cdn-icons-png.flaticon.com/512/733/
13 KB
14 KB
Image
General
Full URL
https://cdn-icons-png.flaticon.com/512/733/733579.png
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.90.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-57-90-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9858c37361c4533d0908e7b844a059b04d708acc50787354b207f906c0582221

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

x-goog-metageneration
1
x-amz-meta-goog-reserved-file-mtime
1518505312
etag
"8f35a40403a84631c4125c4f1859c7a6"
x-goog-stored-content-encoding
identity
x-amz-meta-x-goog-reserved-source-generation
1634241208417681
expires
Wed, 23 Oct 2024 17:22:22 GMT
x-goog-stored-content-length
13575
date
Wed, 23 Oct 2024 17:22:22 GMT
last-modified
Mon, 18 Sep 2023 23:35:40 GMT
content-type
image/png
vary
Accept-Encoding
x-default-rule
YES
cache-control
public, max-age=31536000
pragma
public
x-amz-checksum-crc32c
FklhmQ==
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1695080140178635
content-length
13575
733561.png
cdn-icons-png.flaticon.com/512/733/
7 KB
8 KB
Image
General
Full URL
https://cdn-icons-png.flaticon.com/512/733/733561.png
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.90.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-57-90-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d41606de4645fbf1479231363170c596f53b7de624aea44b0c99ff78c6722151

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

x-goog-metageneration
1
x-amz-meta-goog-reserved-file-mtime
1518505312
etag
"926e2dcf5ab4220a359867614556df68"
x-goog-stored-content-encoding
identity
x-amz-meta-x-goog-reserved-source-generation
1634241351467043
expires
Wed, 23 Oct 2024 17:22:22 GMT
x-goog-stored-content-length
7407
date
Wed, 23 Oct 2024 17:22:22 GMT
last-modified
Mon, 18 Sep 2023 23:35:40 GMT
content-type
image/png
vary
Accept-Encoding
x-default-rule
YES
cache-control
public, max-age=31536000
pragma
public
x-amz-checksum-crc32c
Mczc+g==
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1695080140719300
content-length
7407
733585.png
cdn-icons-png.flaticon.com/512/733/
18 KB
19 KB
Image
General
Full URL
https://cdn-icons-png.flaticon.com/512/733/733585.png
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.90.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-57-90-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8387574f7ebab08465d1419134bbff0e73bc26ca7220b18d16a264d67f996116

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

x-goog-metageneration
1
x-amz-meta-goog-reserved-file-mtime
1518505312
etag
"774352deeaa60ebe04164a1e28489771"
x-goog-stored-content-encoding
identity
x-amz-meta-x-goog-reserved-source-generation
1634241171742282
expires
Wed, 23 Oct 2024 17:22:22 GMT
x-goog-stored-content-length
18732
date
Wed, 23 Oct 2024 17:22:22 GMT
last-modified
Mon, 18 Sep 2023 23:35:37 GMT
content-type
image/png
vary
Accept-Encoding
x-default-rule
YES
cache-control
public, max-age=31536000
pragma
public
x-amz-checksum-crc32c
8sCpLQ==
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1695080137893665
content-length
18732
summary
www.nad-me.com/feeds/posts/
67 KB
15 KB
Fetch
General
Full URL
https://www.nad-me.com/feeds/posts/summary?alt=json
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.115 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s28-in-f19.1e100.net
Software
blogger-renderd /
Resource Hash
f7e4e8c14b6b0a170af41a325223e2a7c5098baa03f8f0eea2c01234c356596b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

cache-control
public, must-revalidate, proxy-revalidate, max-age=1
content-encoding
gzip
etag
W/"21b32ff913cc64e7d0c4acc08811bd0bcb03ce7913f043024ef81bc58870f6d6"
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 17:22:23 GMT
content-length
15121
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
last-modified
Wed, 23 Oct 2024 16:21:53 GMT
server
blogger-renderd
x-frame-options
SAMEORIGIN
summary
www.nad-me.com/feeds/posts/
3 KB
1 KB
Fetch
General
Full URL
https://www.nad-me.com/feeds/posts/summary?max-results=0&alt=json
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.115 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s28-in-f19.1e100.net
Software
blogger-renderd /
Resource Hash
255b13333bdbf1789c852debb96bf9ad8bee0cd44686e5681c91c54e455daa24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

cache-control
public, must-revalidate, proxy-revalidate, max-age=1
content-encoding
gzip
etag
W/"b4e85aa2c74787e95cfb01a90e93d747482d5c98591621bc0e55f16db4105741"
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 17:22:23 GMT
content-length
1222
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
last-modified
Wed, 23 Oct 2024 16:21:53 GMT
server
blogger-renderd
x-frame-options
SAMEORIGIN
4236214523622106043
www.blogger.com/feeds/1528210291448935155/posts/default/
2 KB
2 KB
Script
General
Full URL
https://www.blogger.com/feeds/1528210291448935155/posts/default/4236214523622106043?alt=json-in-script&callback=jls_i4dmdiwffx
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.1.9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iad23s25-in-f9.1e100.net
Software
GSE /
Resource Hash
6a95f3854b7294bfc2c80bbad209c188fbbe9a21e28c62f8300cec3054d736f9
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

content-encoding
gzip
gdata-version
1.0
x-content-type-options
nosniff
sunset
Mon, 30 Sep 2024 23:59:59 GMT
expires
Wed, 23 Oct 2024 17:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
date
Wed, 23 Oct 2024 17:22:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept, X-GData-Authorization, GData-Version
last-modified
Sun, 13 Oct 2024 22:00:44 GMT
x-frame-options
SAMEORIGIN
link
<https://developers.google.com/blogger/docs/2.0/developers_guide>;rel="sunset";type="text/html"
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control
private, max-age=0, must-revalidate, no-transform
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
882
x-xss-protection
1; mode=block
server
GSE
truncated
/
699 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f2cc0afc7dc34e7be8d54ff4125e9ba7961bf044edb113b91c91eba9b097436

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
jzk44grl-google-adsense.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTfToB1RD5nCfp4bf-_VPz72GJjF0QWiRQA_St5QRwatthxdzgMY-yOwqo4_I_Oz5jTEnp-BhKWwpBDLeO8IsGxuQhmFbeodc6Vzi5GFTaIDPf9LrOiCXeGWDymnhhTfLaINdeBFykMk-MlXSX...
548 B
668 B
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTfToB1RD5nCfp4bf-_VPz72GJjF0QWiRQA_St5QRwatthxdzgMY-yOwqo4_I_Oz5jTEnp-BhKWwpBDLeO8IsGxuQhmFbeodc6Vzi5GFTaIDPf9LrOiCXeGWDymnhhTfLaINdeBFykMk-MlXSXY2H0Bvla6APjaBHKgU5mmB95eWLOxyh0H9MPHlJGQ7kM/w20/jzk44grl-google-adsense.jpg
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
fife /
Resource Hash
49984255c96bbb544645ada9cc1a2f4bdb669f43f2222197edebe14c5d35c547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v1c6"
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 17:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
548
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="jzk44grl-google-adsense.jpg"
%D9%85%D9%82%D9%88%D9%84%D8%A7%D8%AA-%D8%B9%D9%86-%D8%A7%D9%84%D8%B5%D8%AD%D8%A9.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-iEt1lysqIE8kxus0TRxNRIkLGFfxkMFQTMIgMKdt5B4u4TCF7J_UQmjJiDVos6BV-EcrF_dfX_ucZ7tpfPa-PnIPKYZQII16eekFmbSPhXLx9WxXpC1hg1Cx3UsE-4Q3SGFneVV4Dr1_lpnL...
773 B
959 B
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-iEt1lysqIE8kxus0TRxNRIkLGFfxkMFQTMIgMKdt5B4u4TCF7J_UQmjJiDVos6BV-EcrF_dfX_ucZ7tpfPa-PnIPKYZQII16eekFmbSPhXLx9WxXpC1hg1Cx3UsE-4Q3SGFneVV4Dr1_lpnLUUr_LfW8qnd_xQQzHXPMkfS8itoVWUZH5mHjyOmVgBs/w20/%D9%85%D9%82%D9%88%D9%84%D8%A7%D8%AA-%D8%B9%D9%86-%D8%A7%D9%84%D8%B5%D8%AD%D8%A9.png
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
fife /
Resource Hash
55118a8cc60de80b95e8065707a103b1feb8aa2cb87dae8e37872bfded6470a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v5e3"
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 17:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
773
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="______-__-_____.png";filename*=UTF-8''%D9%85%D9%82%D9%88%D9%84%D8%A7%D8%AA-%D8%B9%D9%86-%D8%A7%D9%84%D8%B5%D8%AD%D8%A9.png
Screenshot%202024-10-22%20181752.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAkDynKjlyFQxfXTvs_ymKpg7rpvS9HVXz8JAhEbbl6c61ZLS0fe8AHKgCSMMCNNiW9aLsSz89bX2pAO8mjnObIhY47L2MQrvG9CiVHlrcf-w7t5pq1P_5MNfWhR-T4ZzifI6onD-XuP3SHbss...
826 B
939 B
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAkDynKjlyFQxfXTvs_ymKpg7rpvS9HVXz8JAhEbbl6c61ZLS0fe8AHKgCSMMCNNiW9aLsSz89bX2pAO8mjnObIhY47L2MQrvG9CiVHlrcf-w7t5pq1P_5MNfWhR-T4ZzifI6onD-XuP3SHbss-9RB9u3lEbR1oE06OxfCj14c8d6qUt3xAQ2_gZv9S60/w20/Screenshot%202024-10-22%20181752.png
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
fife /
Resource Hash
0f784e617062bde04a45954b9fea1cebd66fb391b9e8083827ade588d7fd1797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v606"
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 17:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
826
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="Screenshot 2024-10-22 181752.png"
%D8%A5%D8%B6%D8%A7%D9%81%D8%A9%20%D8%B9%D9%86%D9%88%D8%A7%D9%86.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOQYxqVN4fkRCZbrhg90iB6fN7SulbE742i3TQ28PVukLz9pRkjAOIva4602B3dlCQkxQMUK_Xto1SW7V4vKuTRV6gDegivPighG6CxxCFhEt5M1yGWpK_dgOt73G0YjCpTERULO1TqJBnxfnr...
620 B
788 B
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOQYxqVN4fkRCZbrhg90iB6fN7SulbE742i3TQ28PVukLz9pRkjAOIva4602B3dlCQkxQMUK_Xto1SW7V4vKuTRV6gDegivPighG6CxxCFhEt5M1yGWpK_dgOt73G0YjCpTERULO1TqJBnxfnrzIYgpEPwklhrZrlOQiCBg4HjyIruLrRmj6fMmqlHsWk/w20/%D8%A5%D8%B6%D8%A7%D9%81%D8%A9%20%D8%B9%D9%86%D9%88%D8%A7%D9%86.jpg
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
fife /
Resource Hash
5202ebe36b0baf6eeaebb8e53408eedfe49ddb8f2a098332dab01c4c2e78cc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v5fb"
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 17:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
620
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="_____ _____.jpg";filename*=UTF-8''%D8%A5%D8%B6%D8%A7%D9%81%D8%A9%20%D8%B9%D9%86%D9%88%D8%A7%D9%86.jpg
tsl-prod.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDm8XhBhqWJgjUq9I-Dxpte7UTr-cLCQNFRut1AN8JYgVufwi33ZFm0_2m4nBaCe7BiZ-WG3hgfwya0NKf36d-wmmFNXFr6kkfwKoouCsjUdGzwr035pF5SEIE4xIXtpfuagK7Pc8eSh82yoRU...
825 B
925 B
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDm8XhBhqWJgjUq9I-Dxpte7UTr-cLCQNFRut1AN8JYgVufwi33ZFm0_2m4nBaCe7BiZ-WG3hgfwya0NKf36d-wmmFNXFr6kkfwKoouCsjUdGzwr035pF5SEIE4xIXtpfuagK7Pc8eSh82yoRUj-Acg3_nMafFkDwFTND4nVdrGm7bp1da0uacCVaBbH0/w20/tsl-prod.png
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
fife /
Resource Hash
aacf46372c5e365123cc6cf4f4b60b4993a1a9792e36aaa750cf24ee432089e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v5e9"
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 17:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
825
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="tsl-prod.png"
2ab3dfd8-b1de-4fe6-84c2-3795199ad52d_16x9_1200x676.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6Uh8BuhAi3GrMUMpnrkg1PPHgQHBOSSR0bgp-fNgu8BtMao1O0IaeCzo2q_7B1cMl7pbv_YpJD3DhXdHGOMc_tYSXI74CF_sE06ynmhRX4QcAkpLgDKx3R1KPOEcsgBPzB8MH10HPcuQExwVh...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6Uh8BuhAi3GrMUMpnrkg1PPHgQHBOSSR0bgp-fNgu8BtMao1O0IaeCzo2q_7B1cMl7pbv_YpJD3DhXdHGOMc_tYSXI74CF_sE06ynmhRX4QcAkpLgDKx3R1KPOEcsgBPzB8MH10HPcuQExwVhXWqfn31DBSkv6jMmxfO5b9vQGIDAwDKvCuaE69hvtyA/w20/2ab3dfd8-b1de-4fe6-84c2-3795199ad52d_16x9_1200x676.jpg
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
fife /
Resource Hash
75e8856234af0dec840099361df05bcdfaa920e808c1bc396f50d0c95f499b3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v5c4"
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 17:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3673
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="2ab3dfd8-b1de-4fe6-84c2-3795199ad52d_16x9_1200x676.jpg"
truncated
/
22 KB
22 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56eb00ddcdd61c5a33651856ab085f185eac9c08a996374cdce6d9de51092117

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.nad-me.com
Referer

Response headers

Content-Type
application/font-woff
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YS0MXHSXB0&gtm=45je4ah0v9194886223za200&_p=1729704141874&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101823848&cid=147336468.1729704143&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729704142&sct=1&seg=0&dl=https%3A%2F%2Fwww.nad-me.com%2F&dt=%D8%A7%D8%B3%D8%AA%D8%B1%D8%A7%D8%AA%D9%8A%D8%AC%D9%8A%D8%A7%D8%AA%20%D8%AD%D8%B5%D8%B1%D9%8A%D8%A9%20%D9%84%D8%AA%D8%AD%D9%82%D9%8A%D9%82%20%D8%A7%D9%84%D8%A3%D9%87%D8%AF%D8%A7%D9%81&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1831
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YS0MXHSXB0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.nad-me.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 17:22:22 GMT
content-type
text/plain
server
Golfe2
echo
script.googleusercontent.com/macros/
Redirect Chain
  • https://script.google.com/macros/s/AKfycbwsUhqAI9dGv4XgCmUcyDzoGbwziY-LPxCr4ZTlNxplzPkhsSHYKD4wcJi4UGnlAApgEg/exec?action=add&blogid=3717033617762447918&blogurl=www.nad-me.com
  • https://script.googleusercontent.com/macros/echo?user_content_key=euIH62BiXACWTRit6MYGY4MX0nWU4FYN-HL-OueCstQcpQAqodzqONxi1DSJwv7bSP61sKuVwb-45XWqIhdch_EDjfrlCHKuOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWoj...
0
0
Fetch
General
Full URL
https://script.googleusercontent.com/macros/echo?user_content_key=euIH62BiXACWTRit6MYGY4MX0nWU4FYN-HL-OueCstQcpQAqodzqONxi1DSJwv7bSP61sKuVwb-45XWqIhdch_EDjfrlCHKuOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWojr9NvTBuBLhyHCd5hHa_ewFmvUtEtZwPBkbnKNaDdA2hQCJMvMyOC3zDsQqjYmdjCjtFX9ZCO4Dj9rNaYAMLNrtXChU2wqHwOa2gTWx8glOtKNGYuTiwXIuFltvcj9RmkSfSpEspIjCSEJQ3CqJ8joVSD7dT2uIuRcKLLOZyXhX5pg_p7ANu2BxOCOMKpMEpa3pGZLC5g&lib=MaJGOH3flcGlgGhAPTUA_sE9ajs7K2js7
Protocol
H3
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

Redirect headers

content-security-policy
script-src 'report-sample' 'nonce-omaC6f_D3srI3JypB7sFzg' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
location
https://script.googleusercontent.com/macros/echo?user_content_key=euIH62BiXACWTRit6MYGY4MX0nWU4FYN-HL-OueCstQcpQAqodzqONxi1DSJwv7bSP61sKuVwb-45XWqIhdch_EDjfrlCHKuOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWojr9NvTBuBLhyHCd5hHa_ewFmvUtEtZwPBkbnKNaDdA2hQCJMvMyOC3zDsQqjYmdjCjtFX9ZCO4Dj9rNaYAMLNrtXChU2wqHwOa2gTWx8glOtKNGYuTiwXIuFltvcj9RmkSfSpEspIjCSEJQ3CqJ8joVSD7dT2uIuRcKLLOZyXhX5pg_p7ANu2BxOCOMKpMEpa3pGZLC5g&lib=MaJGOH3flcGlgGhAPTUA_sE9ajs7K2js7
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
528
date
Wed, 23 Oct 2024 17:22:25 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
server
GSE
x-frame-options
SAMEORIGIN
summary
www.nad-me.com/feeds/posts/
3 KB
0
Fetch
General
Full URL
https://www.nad-me.com/feeds/posts/summary?max-results=0&alt=json
Requested by
Host: www.nad-me.com
URL: https://www.nad-me.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.115 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s28-in-f19.1e100.net
Software
blogger-renderd /
Resource Hash
255b13333bdbf1789c852debb96bf9ad8bee0cd44686e5681c91c54e455daa24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

cache-control
public, must-revalidate, proxy-revalidate, max-age=1
content-encoding
gzip
etag
W/"b4e85aa2c74787e95cfb01a90e93d747482d5c98591621bc0e55f16db4105741"
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 17:22:23 GMT
content-length
1222
date
Wed, 23 Oct 2024 17:22:22 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
last-modified
Wed, 23 Oct 2024 16:21:53 GMT
server
blogger-renderd
x-frame-options
SAMEORIGIN
clarity.js
www.clarity.ms/s/0.7.49/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/oko3ytt9sm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

x-azure-ref
20241023T172222Z-154bc68b95757pr842xvgxc5dg0000000660000000002gs9
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF0FBF8E94E61"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
b7a2128a-e01e-003c-11e8-22071c000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 23 Oct 2024 17:22:22 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Sun, 20 Oct 2024 11:40:18 GMT
collect
t.clarity.ms/
0
278 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.nad-me.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://www.nad-me.com
Date
Wed, 23 Oct 2024 17:22:23 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CA20C495CF354B838424A615962BB94D&RedC=c.clarity.ms&MXFR=39304722A0296F271D755203A42961C5
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA20C495CF354B838424A615962BB94D&MUID=1ED93FB8190661471A882A99182C602B
42 B
464 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA20C495CF354B838424A615962BB94D&MUID=1ED93FB8190661471A882A99182C602B
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Wed, 23 Oct 2024 17:22:24 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA20C495CF354B838424A615962BB94D&MUID=1ED93FB8190661471A882A99182C602B
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6BB8FA4A8C20438D9B517F25E844C715 Ref B: YTO01EDGE0807 Ref C: 2024-10-23T17:22:24Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Wed, 23 Oct 2024 17:22:23 GMT
x-powered-by
ASP.NET
favicon.ico
www.nad-me.com/
9 KB
4 KB
Other
General
Full URL
https://www.nad-me.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.115 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s28-in-f19.1e100.net
Software
GSE /
Resource Hash
b31fb8b833b62bd7561d64393ad506629bb1e9c0767f501b3a91c8b221485375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.nad-me.com/

Response headers

cache-control
private, max-age=86400
content-encoding
gzip
etag
W/"56533e2d380d77a0e02850f6a34a88e48e1066052645ee08e19313d13efd3757"
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 17:22:23 GMT
content-length
3676
date
Wed, 23 Oct 2024 17:22:23 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon; charset=UTF-8
last-modified
Wed, 23 Oct 2024 16:21:53 GMT
server
GSE
collect
t.clarity.ms/
0
278 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.nad-me.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://www.nad-me.com
Date
Wed, 23 Oct 2024 17:22:23 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clarity function| gtag object| dataLayer function| $getScript object| _bl function| getPosts function| postsSurf function| postItemFeatures function| removeHTMLFromTitle function| _0xcb56 function| _0x26dc function| loadImages function| gbid function| storda function| pBD function| gbd function| ugth object| cookieOptions object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal

12 Cookies

Domain/Path Name / Value
.nad-me.com/ Name: _ga_YS0MXHSXB0
Value: GS1.1.1729704142.1.0.1729704142.0.0.0
.nad-me.com/ Name: _ga
Value: GA1.1.147336468.1729704143
www.clarity.ms/ Name: CLID
Value: d0cadb91cc3d488fbc8f0b1991015c81.20241023.20251023
.nad-me.com/ Name: _clck
Value: fki1z1%7C2%7Cfq9%7C0%7C1757
.nad-me.com/ Name: _clsk
Value: 13uvj6z%7C1729704143448%7C1%7C1%7Ct.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 1ED93FB8190661471A882A99182C602B
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1ED93FB8190661471A882A99182C602B
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1ED93FB8190661471A882A99182C602B
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
c.bing.com
c.clarity.ms
cdn-icons-png.flaticon.com
script.google.com
script.googleusercontent.com
t.clarity.ms
www.blogger.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.nad-me.com
13.107.21.237
13.107.253.40
142.250.191.115
142.250.72.97
142.251.33.174
142.251.41.40
172.217.1.9
172.217.165.14
20.110.205.119
20.114.189.70
23.57.90.69
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0f784e617062bde04a45954b9fea1cebd66fb391b9e8083827ade588d7fd1797
1055e06ed423afeea5074a1edc29b37d17ac7c99d52bc87e42f80ba0673f0b1d
1608a976603298deea3f5fd6e3895ee3fc3070252e2db4bfe45218a67d9b74d4
255b13333bdbf1789c852debb96bf9ad8bee0cd44686e5681c91c54e455daa24
2b1a2b79e7b1c801dcbab0bfe9cbae1e726cc38290f3e498a17446bac3a11aa5
2f54914b7ca6b3c1d20ecf16bdf9ebdbca0634f33198658b7e8562f9f01e75ee
49984255c96bbb544645ada9cc1a2f4bdb669f43f2222197edebe14c5d35c547
5202ebe36b0baf6eeaebb8e53408eedfe49ddb8f2a098332dab01c4c2e78cc30
55118a8cc60de80b95e8065707a103b1feb8aa2cb87dae8e37872bfded6470a0
56eb00ddcdd61c5a33651856ab085f185eac9c08a996374cdce6d9de51092117
5f2cc0afc7dc34e7be8d54ff4125e9ba7961bf044edb113b91c91eba9b097436
6a95f3854b7294bfc2c80bbad209c188fbbe9a21e28c62f8300cec3054d736f9
711ca41b99bf1f35039ed4e065acf712612e4a3c598f7ec8015c55011d271d88
75e8856234af0dec840099361df05bcdfaa920e808c1bc396f50d0c95f499b3c
8387574f7ebab08465d1419134bbff0e73bc26ca7220b18d16a264d67f996116
9858c37361c4533d0908e7b844a059b04d708acc50787354b207f906c0582221
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aacf46372c5e365123cc6cf4f4b60b4993a1a9792e36aaa750cf24ee432089e3
b31fb8b833b62bd7561d64393ad506629bb1e9c0767f501b3a91c8b221485375
d41606de4645fbf1479231363170c596f53b7de624aea44b0c99ff78c6722151
e208b11a62b4526d3d929bccc3a55860f98b5b11bc32a37fbbee1646e7d990ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7e4e8c14b6b0a170af41a325223e2a7c5098baa03f8f0eea2c01234c356596b