app.nbaa.org Open in urlscan Pro
104.20.167.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.emarketing.mgiemailsolutions.com/?qs=6fb0a8dd209d819f8a35c73515d43d2b86c432f19818b0a980afb9ee0e6e2d8660dd92ada1ac925825bea4b265e7...
Effective URL:
https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Submission: On February 12 via api (February 12th 2020, 4:15:29 pm UTC) from US

Summary HTTP 70 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 28 domains to perform 70 HTTP transactions. The main IP is 104.20.167.25, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.nbaa.org.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on January 31st 2020. Valid for: 6 months.

This is the only time app.nbaa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.231.94.105 66.231.94.105	22606 (EXACT-7) (EXACT-7)
8	104.20.167.25 104.20.167.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
3	2606:2800:234... 2606:2800:234:660:118e:28f:1d8a:2522	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
4	104.20.166.25 104.20.166.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10c... 2a02:26f0:10c:38f::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	199.185.0.231 199.185.0.231	21592 (MULTIVIEW) (MULTIVIEW)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:20e... 2600:9000:20eb:4e00:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02)
2 4	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
3	2606:4700:303... 2606:4700:3036::6812:2077	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1 3	52.214.152.253 52.214.152.253	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN)
4	34.231.179.184 34.231.179.184	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.78.3 13.225.78.3	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:3::714 2a04:4e42:3::714	54113 (FASTLY) (FASTLY)
2	34.226.187.87 34.226.187.87	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2 2	54.229.35.82 54.229.35.82	16509 (AMAZON-02) (AMAZON-02)
2	52.22.20.103 52.22.20.103	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 4	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.253.11.118 34.253.11.118	16509 (AMAZON-02) (AMAZON-02)
1	63.32.160.203 63.32.160.203	16509 (AMAZON-02) (AMAZON-02)
70	31

1 66.231.94.105 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.virt.s4.exacttarget.com

click.emarketing.mgiemailsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.20.167.25 (United States)

ASN13335 (CLOUDFLARENET, US)

app.nbaa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:660:118e:28f:1d8a:2522 (United States)

ASN15133 (EDGECAST, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.20.166.25 (United States)

ASN13335 (CLOUDFLARENET, US)

nbaa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:38f::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.185.0.231 (United States)

ASN21592 (MULTIVIEW, US)

www.rumiview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (London, United Kingdom)

ASN15133 (EDGECAST, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:4e00:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.149 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6812:2077 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
conversation.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.214.152.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-152-253.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.231.179.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-179-184.compute-1.amazonaws.com

polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-3.fra2.r.cloudfront.net

marco.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::714 (Ascension Island)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.187.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-187-87.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.35.82 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-35-82.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.20.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-20-103.compute-1.amazonaws.com

polo-v1.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.216 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.11.118 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-11-118.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.160.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-160-203.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nbaa.org app.nbaa.org nbaa.org	243 KB
10	feathr.co cdn.feathr.co polo.feathr.co marco.feathr.co polo-v1.feathr.co conversation.feathr.co	170 KB
5	adroll.com 1 redirects s.adroll.com d.adroll.com	13 KB
4	facebook.com www.facebook.com	607 B
4	google.de www.google.de	439 B
4	google.com 1 redirects www.google.com	661 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	4 KB
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	13 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	23 KB
3	facebook.net connect.facebook.net	256 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	fonts.net fast.fonts.net	252 B
2	adsrvr.org 2 redirects match.adsrvr.org	953 B
2	chartbeat.net ping.chartbeat.net	336 B
2	sitescout.com pixel.sitescout.com	328 B
2	basis.net 2 redirects pixel-a.basis.net	315 B
2	rumiview.com www.rumiview.com	21 KB
2	googletagmanager.com www.googletagmanager.com	66 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	twitter.com analytics.twitter.com	633 B
1	googleapis.com fonts.googleapis.com	490 B
1	t.co t.co	448 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	bizographics.com sjs.bizographics.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	fontawesome.com use.fontawesome.com	14 KB
1	mgiemailsolutions.com 1 redirects click.emarketing.mgiemailsolutions.com	237 B
70	28

	Domain	Requested by
8	app.nbaa.org	app.nbaa.org
4	s.adroll.com	1 redirects app.nbaa.org s.adroll.com
4	www.facebook.com	app.nbaa.org
4	polo.feathr.co	cdn.feathr.co app.nbaa.org
4	www.google.de	app.nbaa.org
4	www.google.com	1 redirects app.nbaa.org
4	nbaa.org	app.nbaa.org
3	googleads.g.doubleclick.net	www.googleadservices.com
3	bcp.crwdcntrl.net	1 redirects app.nbaa.org tags.crwdcntrl.net
3	connect.facebook.net	app.nbaa.org connect.facebook.net
3	www.google-analytics.com	1 redirects www.googletagmanager.com app.nbaa.org
3	fast.fonts.net	app.nbaa.org
2	conversation.feathr.co	polo.feathr.co conversation.feathr.co
2	polo-v1.feathr.co	app.nbaa.org conversation.feathr.co
2	match.adsrvr.org	2 redirects
2	ping.chartbeat.net	app.nbaa.org
2	px.ads.linkedin.com	1 redirects app.nbaa.org
2	pixel.sitescout.com	app.nbaa.org
2	pixel-a.basis.net	2 redirects
2	static.chartbeat.com	app.nbaa.org www.googletagmanager.com
2	www.rumiview.com	app.nbaa.org
2	www.googletagmanager.com	app.nbaa.org www.googletagmanager.com
1	d.adroll.com
1	d.adroll.mgr.consensu.org	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	fonts.googleapis.com	conversation.feathr.co
1	t.co	app.nbaa.org
1	mab.chartbeat.com	static.chartbeat.com
1	marco.feathr.co	app.nbaa.org
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	static.ads-twitter.com	app.nbaa.org
1	cdn.feathr.co	app.nbaa.org
1	tags.crwdcntrl.net	www.googletagmanager.com
1	sjs.bizographics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	use.fontawesome.com	app.nbaa.org
1	click.emarketing.mgiemailsolutions.com	1 redirects
70	38

This site contains links to these domains. Also see Links.

Domain
nbaa.org
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.youtube.com
noplanenogain.org
www.ibac.org

Subject Issuer	Validity	Valid
ssl507290.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-31` - `2020-08-08`	6 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
s9.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-01-16` - `2021-02-03`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
www.rumiview.com Go Daddy Secure Certificate Authority - G2	`2019-04-10` - `2021-04-10`	2 years	crt.sh
tags.crwdcntrl.net DigiCert SHA2 Secure Server CA	`2019-03-15` - `2021-04-07`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-24` - `2020-10-09`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
polo.feathr.co Let's Encrypt Authority X3	`2019-12-15` - `2020-03-14`	3 months	crt.sh
marco.feathr.co Amazon	`2019-09-20` - `2020-10-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-01-08` - `2020-08-07`	7 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
polo-v1.feathr.co Let's Encrypt Authority X3	`2019-12-15` - `2020-03-14`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Frame ID: 2814541507C273BB278B92BD20046BBE
Requests: 66 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 735CB687B34E50B7799A3B1E2B804A3B
Requests: 1 HTTP requests in this frame

Frame: https://conversation.feathr.co/49c584b/main.js
Frame ID: B4C070E940E2DDE8622A9311E81CD5E2
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=12671/rand=724734266/pv=y/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/seg=NBAA/int=%23OpR%2382957%23app.nbaa.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23app.nbaa.org%20%3A%20Site%20Section%20%3A%20member/int=%23OpR%2382959%23app.nbaa.org%20%3A%20Site%20Section%20%3A%20member%20%3A%20join_renew/rt=ifr
Frame ID: F147DA9AB1D2CE8A6E0A34BBF6434FDD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.emarketing.mgiemailsolutions.com/?qs=6fb0a8dd209d819f8a35c73515d43d2b86c432f19818b0a980afb9ee0e6e2d8660dd92ad... HTTP 302
https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402 Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Matomo (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /piwik\.js|piwik\.php/i

Page Statistics

70
Requests

100 %
HTTPS

44 %
IPv6

28
Domains

38
Subdomains

31
IPs

7
Countries

857 kB
Transfer

3054 kB
Size

14
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://nbaa.org/
Title:

Search URL Search Domain Scan URL

URL: https://nbaa.org/#skip-to-content
Title: Skip to content

Search URL Search Domain Scan URL

URL: https://nbaa.org/about/
Title: About NBAA

Search URL Search Domain Scan URL

URL: https://nbaa.org/about/contact-nbaa/
Title: Contact NBAA

Search URL Search Domain Scan URL

URL: https://nbaa.org/about/contact-nbaa/nbaa-staff-directory/
Title: Staff Directory

Search URL Search Domain Scan URL

URL: https://nbaa.org/about/careers-with-nbaa/
Title: Careers with NBAA

Search URL Search Domain Scan URL

URL: https://nbaa.org/about/advertising-opportunities/
Title: Advertising with NBAA

Search URL Search Domain Scan URL

URL: https://nbaa.org/membership/join-nbaa
Title: Join NBAA

Search URL Search Domain Scan URL

URL: https://nbaa.org/membership/renew-your-membership
Title: Renew Your Membership

Search URL Search Domain Scan URL

URL: https://nbaa.org/membership/directory
Title: Member Directory

Search URL Search Domain Scan URL

URL: https://nbaa.org/about/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://twitter.com/nbaa
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NBAAfans/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/national-business-aviation-association
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nbaaphotos/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NBAAvideo
Title:

Search URL Search Domain Scan URL

URL: https://noplanenogain.org/
Title: Sponsor of

Search URL Search Domain Scan URL

URL: http://www.ibac.org/
Title: Member of International Business Aviation Council Ltd.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.emarketing.mgiemailsolutions.com/?qs=6fb0a8dd209d819f8a35c73515d43d2b86c432f19818b0a980afb9ee0e6e2d8660dd92ada1ac925825bea4b265e7bc26250ac90e49b5e227 HTTP 302
https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 28

https://bcp.crwdcntrl.net/5/c=12671/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/seg=NBAA HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/seg=NBAA

Request Chain 29

https://pixel-a.basis.net/up/92080fb5100863f3?cntr_url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402 HTTP 301
https://pixel.sitescout.com/up/92080fb5100863f3?cntr_url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1124327031&t=pageview&_s=1&dl=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&ul=en-us&de=UTF-8&dt=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=388594334&gjid=874081728&cid=1809572573.1581524107&tid=UA-549587-1&_gid=323153793.1581524107&_r=1&gtm=2wg1t0M69VQR3&z=840069805 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-549587-1&cid=1809572573.1581524107&jid=388594334&_gid=323153793.1581524107&gjid=874081728&_v=j81&z=840069805 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-549587-1&cid=1809572573.1581524107&jid=388594334&_v=j81&z=840069805 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-549587-1&cid=1809572573.1581524107&jid=388594334&_v=j81&z=840069805&slf_rd=1&random=3574472191

Request Chain 32

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=245329&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&time=1581524107384 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D245329%26url%3Dhttps%253A%252F%252Fapp.nbaa.org%252Fmember%252Fjoin_renew%252F%253Fpc%253D129DUES%2526sc%253DDE206402%26time%3D1581524107384%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=245329&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&time=1581524107384&liSync=true

Request Chain 54

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5e44248b952c30000713355c&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5e44248b952c30000713355c&gdpr=0 HTTP 302
https://polo-v1.feathr.co/v1/analytics/match?f_id=5e44248b952c30000713355c&ttd_id=c70ba350-4c8b-4c42-81f2-5c636ee64f61

Request Chain 64

https://s.adroll.com/j/exp/FKCCI2B7WBBO3HADTPQ5VV/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 66

https://d.adroll.mgr.consensu.org/consent/iabcheck/FKCCI2B7WBBO3HADTPQ5VV?_s=32e95503100653b7e9323ed214747f28&_b=2 HTTP 302
https://d.adroll.com/consent/check/FKCCI2B7WBBO3HADTPQ5VV/?_s=32e95503100653b7e9323ed214747f28&_b=2

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.nbaa.org/member/join_renew/
Redirect Chain

http://click.emarketing.mgiemailsolutions.com/?qs=6fb0a8dd209d819f8a35c73515d43d2b86c432f19818b0a980afb9ee0e6e2d8660dd92ada1ac925825bea4b265e7bc26250ac90e49b5e227
https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

66 KB
13 KB

738ms
652ms

Document
text/html

104.20.167.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.167.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f03d1a6232ce11d3014330915915d02b4e251c7461fed65ce62468973565f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: app.nbaa.org
:scheme: https
:path: /member/join_renew/?pc=129DUES&sc=DE206402
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 12 Feb 2020 16:15:06 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8db84ef3c797e57e827af84e791d7bfc1581524105; expires=Fri, 13-Mar-20 16:15:05 GMT; path=/; domain=.nbaa.org; HttpOnly; SameSite=Lax PHPSESSID=8kpoh3a6uravq18o4h8o9agk3h; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 563fdbfa9f239c7b-AMS
content-encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Date: Wed, 12 Feb 2020 16:15:04 GMT
Connection: close
Content-Length: 183

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.0/css/ 53 KB
14 KB 49ms
12ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

Request headers

Referer: https://app.nbaa.org/
Origin: https://app.nbaa.org
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:06 GMT
content-encoding: gzip
last-modified: Mon, 28 Jan 2019 19:11:44 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"251d28bd755f5269a4531df8a81d5664"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 _old.scss
app.nbaa.org/compiler/scss/ 316 KB
44 KB 631ms
628ms Stylesheet
text/css 104.20.167.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.nbaa.org/compiler/scss/_old.scss

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.167.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b45d97058f736f8d8468e33294aa805628714b675ff3325e0a049fff0136067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Feb 2020 17:12:13 +0000
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fb474bde59682770c12c196ee6029ba9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-scss-cache: true
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 563fdbfedb649c7b-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 old_join_renew.scss
app.nbaa.org/compiler/scss/ 10 KB
3 KB 636ms
634ms Stylesheet
text/css 104.20.167.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.nbaa.org/compiler/scss/old_join_renew.scss

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.167.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a91f006fe66458fcf9424d5e8e8511b488129f7869faec594662ca4dca22cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Feb 2020 17:11:57 +0000
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"95671eabcedbaa444c1e486dfdb58e28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-scss-cache: true
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 563fdbfedb659c7b-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 nbaa-main-logo.svg
app.nbaa.org/assets/img/ 7 KB
2 KB 652ms
650ms Image
image/svg+xml 104.20.167.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.nbaa.org/assets/img/nbaa-main-logo.svg

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.167.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d4d0a77c9e7249dbc0f3e4b34a66a3c97a7724b88d307b170056dcd24ab75b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Aug 2019 17:28:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d60224d-1b21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 563fdbfedb669c7b-AMS

GET
H2 200 nbaa-main-logo-white.svg
app.nbaa.org/assets/img/ 2 KB
1 KB 622ms
621ms Image
image/svg+xml 104.20.167.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.nbaa.org/assets/img/nbaa-main-logo-white.svg

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.167.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930a44dceae49e513675a939638eaaa16443ef8c81699948d3aab9a039d75aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Aug 2019 17:28:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d60224d-824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 563fdbff9c0b9c7b-AMS

GET
H2 200 no-plane-no-gain-logo.png
app.nbaa.org/assets/img/ 2 KB
2 KB 644ms
644ms Image
image/png 104.20.167.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.nbaa.org/assets/img/no-plane-no-gain-logo.png

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.167.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bddd20fe662ea973fef0c9f95f8b3ade5534c0296c65db8761798b75bd09e147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 2203
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Aug 2019 17:28:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d60224d-89b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 563fdc0378399c7b-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ibac-logo.png
app.nbaa.org/assets/img/ 1 KB
1 KB 650ms
649ms Image
image/png 104.20.167.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.nbaa.org/assets/img/ibac-logo.png

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.167.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98876b935f0a5a1eff10e6ea82ec9d3bda59e04f9650a4500aa53c301135bd9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 1326
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Aug 2019 17:28:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d60224d-52e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 563fdc06bc419c7b-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bundle.js Show response
app.nbaa.org/dist/ 375 KB
105 KB 1003ms
1003ms Script
application/javascript 104.20.167.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.nbaa.org/dist/bundle.js?v=54cded63

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.167.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666c44a9033c6489927ae6641f3ec28603617ca4884ed2f29b4c4300ec1ba971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Feb 2020 17:04:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e3852ad-5ddeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 563fdc02ef9c9c7b-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.css
fast.fonts.net/t/ 0
164 B 27ms
6ms Stylesheet
text/css 2606:2800:234:660:118e:28f:1d8a:2522
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=2611ccd9-f800-435c-b7d9-a99e7916004c
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
last-modified: Wed, 21 Feb 2018 12:55:22 GMT
server: ECS (fcn/41AE)
age: 21839664
etag: "616070693"
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
expires: Wed, 19 Feb 2020 16:15:07 GMT

GET
H2 200 1.css
fast.fonts.net/t/ 0
44 B 36ms
15ms Stylesheet
text/css 2606:2800:234:660:118e:28f:1d8a:2522
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=cab62b44-025f-4fed-9d62-655e977a401d
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
last-modified: Wed, 21 Feb 2018 12:55:22 GMT
server: ECS (fcn/41AE)
age: 21839664
etag: "616070693"
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
expires: Wed, 19 Feb 2020 16:15:07 GMT

GET
H2 200 1.css
fast.fonts.net/t/ 0
44 B 36ms
16ms Stylesheet
text/css 2606:2800:234:660:118e:28f:1d8a:2522
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=bebf85a1-0dbc-4d90-ab66-abe292000aa3
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
last-modified: Wed, 21 Feb 2018 12:55:22 GMT
server: ECS (fcn/41AE)
age: 21839664
etag: "616070693"
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
expires: Wed, 19 Feb 2020 16:15:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 175 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M69VQR3

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eae166b1f268ee021d216f589aeeb179f3267ad22693a42e8982e499e911978c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38682
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Feb 2020 16:15:07 GMT

GET
H2 200 5c8d59c2-9c85-4a22-88e3-bf3fba01dcd8.woff2
nbaa.org/wp-content/themes/nbaa/assets/fonts/ 18 KB
18 KB 500ms
448ms Font
font/woff2 104.20.166.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nbaa.org/wp-content/themes/nbaa/assets/fonts/5c8d59c2-9c85-4a22-88e3-bf3fba01dcd8.woff2
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.166.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566272b1f6b95c9a7fcbfaba57bd3cf128dc1cdea0640493fab7aee23fd1c92b

Request headers

Referer: https://app.nbaa.org/
Origin: https://app.nbaa.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
cf-cache-status: MISS
last-modified: Sat, 27 Oct 2018 18:08:30 GMT
server: cloudflare
access-control-allow-origin: *
etag: "5bd4a99e-4664"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 563fdc071964c76d-AMS
content-length: 18020

GET
H2 200 bf8f8741-5f64-4db9-a877-a44624092e68.woff2
nbaa.org/wp-content/themes/nbaa/assets/fonts/ 17 KB
17 KB 526ms
474ms Font
font/woff2 104.20.166.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nbaa.org/wp-content/themes/nbaa/assets/fonts/bf8f8741-5f64-4db9-a877-a44624092e68.woff2
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.166.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 656081e0b58800278537fce8ef1dfc5714acbc96d574e6d36250eb4d80747e82

Request headers

Referer: https://app.nbaa.org/
Origin: https://app.nbaa.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
cf-cache-status: MISS
last-modified: Sat, 27 Oct 2018 18:08:30 GMT
server: cloudflare
access-control-allow-origin: *
etag: "5bd4a99e-4358"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 563fdc071968c76d-AMS
content-length: 17240

GET
H2 200 3bdb4597-ff70-447c-8620-8836686bf840.woff2
nbaa.org/wp-content/themes/nbaa/assets/fonts/ 17 KB
17 KB 513ms
461ms Font
font/woff2 104.20.166.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nbaa.org/wp-content/themes/nbaa/assets/fonts/3bdb4597-ff70-447c-8620-8836686bf840.woff2
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.166.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 970ea5a6fdb12ab9b00f5911f109b3d85d03c87345259f48879a16bf62038470

Request headers

Referer: https://app.nbaa.org/
Origin: https://app.nbaa.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
cf-cache-status: MISS
last-modified: Sat, 27 Oct 2018 18:08:30 GMT
server: cloudflare
access-control-allow-origin: *
etag: "5bd4a99e-43c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 563fdc071969c76d-AMS
content-length: 17344

GET
H2 200 5bfff3ac-e569-450d-918b-d564434e5e24.woff2
nbaa.org/wp-content/themes/nbaa/assets/fonts/ 18 KB
18 KB 514ms
466ms Font
font/woff2 104.20.166.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nbaa.org/wp-content/themes/nbaa/assets/fonts/5bfff3ac-e569-450d-918b-d564434e5e24.woff2
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.166.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f62c25f62d22488c4090c4a1eb6a459c39017f33059354337f59cb1aec8718d

Request headers

Referer: https://app.nbaa.org/
Origin: https://app.nbaa.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
cf-cache-status: MISS
last-modified: Sat, 27 Oct 2018 18:08:30 GMT
server: cloudflare
access-control-allow-origin: *
etag: "5bd4a99e-4948"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 563fdc07196bc76d-AMS
content-length: 18760

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M69VQR3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6095
date: Wed, 12 Feb 2020 14:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 12 Feb 2020 16:33:32 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 87ms
36ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M69VQR3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 8273558640064030436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Feb 2020 16:15:07 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 3 KB
2 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:10c:38f::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M69VQR3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:38f::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 12 Feb 2020 16:15:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=35788
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H/1.1 200
OK piwik.js Show response
www.rumiview.com/ 61 KB
21 KB 561ms
140ms Script
application/javascript 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rumiview.com/piwik.js
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: nginx /
Resource Hash: 1439d8a1d7f4b4b07d4c9fbc7ea62b2a96a8774ae98e569e44ba0a6be5a0a776

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 12 Feb 2020 16:15:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 08:53:27 GMT
Server: nginx
ETag: W/"5cd93087-f2a7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Expires: Fri, 13 Mar 2020 16:15:07 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/12671/ 38 KB
11 KB 54ms
14ms Script
application/javascript 93.184.220.113
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M69VQR3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.113 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBE) /
Resource Hash: 31b51cfee0843fd0e83a7f8801285c43140e3357e58023fc8a8fd13682ba1537

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 17:13:10 GMT
server: ECS (amb/6BBE)
age: 85398
etag: "5e2099a6-97a3+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 11227
expires: Thu, 13 Feb 2020 16:15:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: hHne1d1SWCk1M8UzAp/a1n/G11whoMQKtVUangrVT1Wkw9UjEW2FO97JkN3ABmlbcmAdiY0qCJ9DS0DxVFI5Jg==
x-fb-trip-id: 1850256238
date: Wed, 12 Feb 2020 16:15:07 GMT, Wed, 12 Feb 2020 16:15:07 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 200ms
6ms Script
application/x-javascript 2600:9000:20eb:4e00:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4e00:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 14:29:34 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:24:02 GMT
server: nginx
age: 6333
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: l7luGhEpamcqfetHVvBZJXqFVbfS24Ai6T70-g4LF-FjQAwxfOt0cA==
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
expires: Wed, 12 Feb 2020 16:29:34 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 201ms
8ms Script
application/x-javascript 2600:9000:20eb:4e00:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M69VQR3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:4e00:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 15:55:07 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 1200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kX2vru6shSLe1AuHCu50FMUsP_Ur6fvnC_iUV1OER1km9h8YpgkmSg==
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
expires: Wed, 12 Feb 2020 17:55:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1030286479

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M69VQR3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16f6be1792dd6c48afd6016dbeb094d7c8fcea83673bdc93c3261f70b9899ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28367
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Feb 2020 16:15:07 GMT

GET
H/1.1

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 735C
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

94ms
29ms

Document
text/plain

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Host: pixel.sitescout.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://app.nbaa.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Response headers

Cache-Control: max-age=0,no-cache,no-store
Pragma: no-cache
Expires: Tue, 11 Oct 1977 12:34:56 GMT
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Date: Wed, 12 Feb 2020 16:15:07 GMT
Server: AC1.1

Redirect headers

Content-length: 0
Location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2 200 boomerang.min.js Show response
cdn.feathr.co/js/ 113 KB
34 KB 52ms
27ms Script
application/javascript 2606:4700:3036::6812:2077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feathr.co/js/boomerang.min.js
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2077 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 880dd1410cf9bfe0f45193fe975b05e6915df228c6304d3b8f279f4e2275351c

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Jan 2020 04:21:07 GMT
server: cloudflare
age: 6763
etag: W/"875ba0ef01af6581f7677611021de48a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 563fdc072c66dfd3-FRA
x-amz-request-id: CC6861E473FD2264
x-amz-id-2: cSXQLI8MB00FAnnifmKRkukdYCA8s29rUOCugEgJLaJE2cxHLlnpz5cEPNB82Wko+G9TVnhoL/U=

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 826ms
20ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:08 GMT
content-encoding: gzip
age: 28855
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19170-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1581524108.180794,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1

200
OK

seg=NBAA
bcp.crwdcntrl.net/5/ct=y/c=12671/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12671/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/seg=NBAA
https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/seg=NBAA

49 B
1 KB

66ms
66ms

Image
image/gif

52.214.152.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/seg=NBAA
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.152.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-152-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Feb 2020 16:15:07 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.45.17.97
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 Feb 2020 16:15:07 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/seg=NBAA
Cache-Control: no-cache
X-Server: 10.45.10.102
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

92080fb5100863f3
pixel.sitescout.com/up/
Redirect Chain

https://pixel-a.basis.net/up/92080fb5100863f3?cntr_url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402
https://pixel.sitescout.com/up/92080fb5100863f3?cntr_url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402

43 B
328 B

94ms
30ms

Image
image/gif

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/92080fb5100863f3?cntr_url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Feb 2020 16:15:06 GMT
Server: AC1.1
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Cache-Control: max-age=0,no-cache,no-store
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

Location: https://pixel.sitescout.com/up/92080fb5100863f3?cntr_url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402
Content-length: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1124327031&t=pageview&_s=1&dl=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&ul=en-us&de=UTF-8&dt=Join%2F...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-549587-1&cid=1809572573.1581524107&jid=388594334&_gid=323153793.1581524107&gjid=874081728&_v=j81&z=840069805
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-549587-1&cid=1809572573.1581524107&jid=388594334&_v=j81&z=840069805
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-549587-1&cid=1809572573.1581524107&jid=388594334&_v=j81&z=840069805&slf_rd=1&random=3574472191

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-549587-1&cid=1809572573.1581524107&jid=388594334&_v=j81&z=840069805&slf_rd=1&random=3574472191

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-549587-1&cid=1809572573.1581524107&jid=388594334&_v=j81&z=840069805&slf_rd=1&random=3574472191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1124327031&t=pageview&_s=1&dl=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&ul=en-us&de=UTF-8&dt=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABB~&jid=1528367088&gjid=431421165&cid=1809572573.1581524107&tid=UA-271220-1&_gid=323153793.1581524107&_r=1&gtm=2wg1t0M69VQR3&z=1491251216

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=245329&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&time=1581524107384
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D245329%26url%3Dhttps%253A%252F%252Fapp.nbaa.org%252Fmember%252Fjoin_renew%252F%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=245329&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&time=1581524107384&liSync=true

0
45 B

165ms
165ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=245329&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&time=1581524107384&liSync=true
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: rZ279suz8hWQwQNmxioAAA==

Redirect headers

date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: zxbo7Muz8hVQ7Qcv4ioAAA==
server: Play
pragma: no-cache
x-li-pop: prod-tln1
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=245329&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&time=1581524107384&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1470755676537181 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1470755676537181?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c69034f94a18f2daab4acedcebea81bcef0afb1c2248d3115ccddb76b56aa19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Z0Zdst1r6ZBDQcOLb8XToLckm/U8HWkhmw/Du7marwIHv357+PtQQqhoV0JLH9UyPUJdFFziJ29WaQN1AFUimA==
x-fb-trip-id: 1850256238
date: Wed, 12 Feb 2020 16:15:07 GMT, Wed, 12 Feb 2020 16:15:07 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrations Show response
polo.feathr.co/v1/accounts/587521bf7c1fea14b1fb6795/ 54 B
387 B 342ms
104ms XHR
application/json 34.231.179.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/587521bf7c1fea14b1fb6795/integrations

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.231.179.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-179-184.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
Origin: https://app.nbaa.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
server: nginx/1.15.10
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 54

GET
H2 200 refresh
marco.feathr.co/v1/ 43 B
584 B 251ms
122ms Image
image/gif 13.225.78.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marco.feathr.co/v1/refresh
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-3.fra2.r.cloudfront.net
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-apigw-id: Hyql1EIQIAMFnMQ=
x-amzn-requestid: 8813a5fb-4aea-4b0f-8dc1-b4c459645e38
access-control-allow-methods: *
content-type: image/gif
status: 200
x-amzn-trace-id: Root=1-5e44248b-761a29cf890a5498984de928;Sampled=0
x-cache: Miss from cloudfront
access-control-allow-origin: *
content-length: 43
x-amz-cf-id: 3YnVx748ZjtYiTjtF--VPVjex0bqkupoIf9tpRohRvQFaaYeSa_enQ==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030286479/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030286479/?random=1581524107460&cv=9&fst=1581524107460&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&tiba=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d239e2e5f5161153f0d3195b744becd68001dde3577c6d8265d360bda73c996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/844434283/ 2 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/844434283/?random=1581524107463&cv=9&fst=1581524107463&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&tiba=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b61cd758313b78c226f15a1348bad526b07be3b96c8d5e35c0960358596c376e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1030286479/ 42 B
249 B 21ms
21ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1030286479/?random=1581524107460&cv=9&fst=1581523200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1t0&sendb=1&frm=0&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&tiba=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&async=1&fmt=3&is_vtc=1&random=3437861004&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1030286479/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1030286479/?random=1581524107460&cv=9&fst=1581523200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1t0&sendb=1&frm=0&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&tiba=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&async=1&fmt=3&is_vtc=1&random=3437861004&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/844434283/ 42 B
114 B 33ms
32ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/844434283/?random=1581524107463&cv=9&fst=1581523200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1t0&sendb=1&frm=0&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&tiba=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&async=1&fmt=3&is_vtc=1&random=2759059372&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/844434283/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/844434283/?random=1581524107463&cv=9&fst=1581523200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1t0&sendb=1&frm=0&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&tiba=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&async=1&fmt=3&is_vtc=1&random=2759059372&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 299191654016663 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/299191654016663?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e99c9da9a545085b2588e2e5dece29f87a280c4b7767f2131bc4844289f7e78b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: IJ3GyfZ0GCiLa+CZeOZSelrnvDdFI1ZlDqWs797SoV1Q14WUc0u33j1vKe1xMtHAC20W6umOjH6lm7wl0weNlA==
x-fb-trip-id: 1850256238
date: Wed, 12 Feb 2020 16:15:07 GMT, Wed, 12 Feb 2020 16:15:07 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
250 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1470755676537181&ev=PageView&dl=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&rl=&if=false&ts=1581524107509&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581524107508.1221815350&it=1581524107392&coo=false&rqm=GET

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT, Wed, 12 Feb 2020 16:15:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 12 Feb 2020 16:15:07 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030286479/ 2 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030286479/?random=1581524107574&cv=9&fst=1581524107574&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&tiba=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9bc96411e5fd8d8f6fffc9008a4939b3c62eab84dc0fa56fb8d9a2f8c398aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 171 B
462 B 123ms
108ms XHR
application/json 2a04:4e42:3::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nbaa.org&domain=app.nbaa.org&path=%2Fmember%2Fjoin_renew%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4c6e1df39c04d6c1c0f1d4131df36121a0050f3efd18f405023bf1596a9f1b49

Request headers

Referer: https://app.nbaa.org/
Origin: https://app.nbaa.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT
content-encoding: gzip
age: 0
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 141
x-served-by: cache-fra19129-FRA
access-control-allow-origin: *
x-timer: S1581524108.593153,VS0,VE102
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 10 Feb 2020 16:15:07 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1030286479/ 42 B
114 B 28ms
27ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1030286479/?random=1581524107574&cv=9&fst=1581523200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&tiba=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&async=1&fmt=3&is_vtc=1&random=3228190409&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1030286479/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1030286479/?random=1581524107574&cv=9&fst=1581523200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&tiba=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&async=1&fmt=3&is_vtc=1&random=3228190409&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
103 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299191654016663&ev=PageView&dl=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&rl=&if=false&ts=1581524107634&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581524107508.1221815350&it=1581524107392&coo=false&rqm=GET

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:07 GMT, Wed, 12 Feb 2020 16:15:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 12 Feb 2020 16:15:07 GMT

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
676 B 326ms
112ms Script
text/javascript 34.231.179.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.231.179.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-179-184.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

5a7a1add3dca4bff0596470bf0738d4fdb2d0267b2cc6a94144a47e98f3987ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:08 GMT
server: nginx/1.15.10
access-control-allow-origin: *
etag: "5e44248b952c30000713355c"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
status: 200
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 290

GET
H2 200 pixel.js Show response
polo.feathr.co/v1/accounts/587521bf7c1fea14b1fb6795/ 273 B
640 B 327ms
112ms Script
text/javascript 34.231.179.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/587521bf7c1fea14b1fb6795/pixel.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.231.179.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-179-184.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

e15b7277a365a9dc933f5e5fda575b0ec26ba98395be5fe75dfd6205c567af7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:08 GMT
server: nginx/1.15.10
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
status: 200
cache-control: must-revalidate, max-age=14400
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 273

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 326ms
105ms Image
image/gif 34.226.187.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nbaa.org&p=%2Fmember%2Fjoin_renew%2F&u=nx4wkB7XrQ1D3lbpV&d=app.nbaa.org&g=65855&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3207&t=BqRmXkChGJeTCvl-0ADT-si_D6HG7F&V=118&i=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&tz=-60&sn=1&sv=C2CpKnCeWAZCrYluvDTqBqvD2PG2G&sd=1&im=060b063f&_
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.187.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-187-87.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Wed, 12 Feb 2020 16:15:08 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK piwik.php
www.rumiview.com/ 43 B
183 B 201ms
201ms Image
image/gif 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rumiview.com/piwik.php?action_name=Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association&idsite=8622&rec=1&r=927000&h=17&m=15&s=8&url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&_id=ebd2a06b6bf51ea9&_idts=1581524108&_idvc=1&_idn=0&_viewts=1581524108&send_image=1&cookie=1&res=1600x1200&gt_ms=788&pv_id=mPCTwn
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 12 Feb 2020 16:15:08 GMT
Content-Encoding: none
Server: nginx
Content-Length: 43
Content-Type: image/gif

GET
H2 200 adsct
t.co/i/ 43 B
448 B 167ms
129ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2jfd&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Wed, 12 Feb 2020 16:15:08 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 46a310b4f7fbf2ebb278d0c4af861ce4
x-transaction: 00194a870043cf1c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

match
polo-v1.feathr.co/v1/analytics/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5e44248b952c30000713355c&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5e44248b952c30000713355c&gdpr=0
https://polo-v1.feathr.co/v1/analytics/match?f_id=5e44248b952c30000713355c&ttd_id=c70ba350-4c8b-4c42-81f2-5c636ee64f61

43 B
404 B

336ms
110ms

Image
image/gif

52.22.20.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo-v1.feathr.co/v1/analytics/match?f_id=5e44248b952c30000713355c&ttd_id=c70ba350-4c8b-4c42-81f2-5c636ee64f61

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.20.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-20-103.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:08 GMT
server: nginx/1.15.10
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
status: 200
cache-control: max-age=0,no-cache,no-store
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 12 Feb 2020 16:15:08 GMT
x-aspnet-version: 4.0.30319
location: https://polo-v1.feathr.co/v1/analytics/match?f_id=5e44248b952c30000713355c&ttd_id=c70ba350-4c8b-4c42-81f2-5c636ee64f61
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2 200 crumb
polo.feathr.co/v1/analytics/ 43 B
403 B 585ms
584ms Image
image/gif 34.231.179.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo.feathr.co/v1/analytics/crumb?cb=1581524108393&a_id=587521bf7c1fea14b1fb6795&f_id=5e44248b952c30000713355c&ses_id=5e44248b26ec9cae68872365&flvr=page_view&loc_url=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=

Requested by

Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.231.179.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-179-184.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:08 GMT
server: nginx/1.15.10
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
status: 200
cache-control: max-age=0,no-cache,no-store
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 43

GET
H2 200 scout.js Show response
conversation.feathr.co/ 2 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:3036::6812:2077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversation.feathr.co/scout.js
Requested by: Host: polo.feathr.co
URL: https://polo.feathr.co/v1/accounts/587521bf7c1fea14b1fb6795/pixel.js?pk=feathr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2077 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ea603ca41fded331c23f894afd1891f89980970d75b95d31c0b2385ca81c75c

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:08 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 266
cf-polished: origSize=1886
x-cache: RefreshHit from cloudfront
status: 200
content-encoding: br
content-type: application/javascript
last-modified: Wed, 16 Jan 2019 23:22:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: aqohW.eWLT1hCJZ8gCEF3QZc4pxpebkI
cache-control: max-age=14400
x-amz-cf-pop: FRA6-C1
cf-ray: 563fdc0d785edfd3-FRA
x-amz-cf-id: l3ip5r9pJ474gCiZ-F6LUoA7dprosAR_g68wX-xBuLFOpdSe6swH7w==
cf-bgj: minify

GET
H2 200 main.js Show response
conversation.feathr.co/49c584b/ Frame B4C0 492 KB
131 KB 28ms
28ms Script
application/javascript 2606:4700:3036::6812:2077
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversation.feathr.co/49c584b/main.js
Requested by: Host: conversation.feathr.co
URL: https://conversation.feathr.co/scout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2077 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f83ab348d67b75afb59fc666aa941debd7ae229861ad07a70dac7144f5de166

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:08 GMT
via: 1.1 4eaf05435d5efcf9fee357dc50386904.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 112834
cf-polished: origSize=504520
x-cache: Miss from cloudfront
status: 200
content-encoding: br
x-amz-version-id: DyPTJJtTDXdvXF1JS6HaQE2ncBdWYuiL
last-modified: Wed, 16 Jan 2019 23:20:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 563fdc0d98a6dfd3-FRA
x-amz-cf-id: 8jBhinFdjdS63B_P2JYeFw5VUWoZI-9o8bOyLW6-_23NNJxqbeQISA==
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 767 B
490 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: conversation.feathr.co
URL: https://conversation.feathr.co/49c584b/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 16:15:08 GMT
server: ESF
date: Wed, 12 Feb 2020 16:15:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Feb 2020 16:15:08 GMT

GET
H2 200 question Show response
polo-v1.feathr.co/v1/accounts/587521bf7c1fea14b1fb6795/ Frame B4C0 18 B
351 B 328ms
122ms Fetch
application/json 52.22.20.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo-v1.feathr.co/v1/accounts/587521bf7c1fea14b1fb6795/question?f_id=5e44248b952c30000713355c

Requested by

Host: conversation.feathr.co
URL: https://conversation.feathr.co/49c584b/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.20.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-20-103.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

c9ada4c300c7ae31a34c4b23ce68bb4a96a07db8b8e12d7e8adca1fdc1584cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
Origin: https://app.nbaa.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 16:15:08 GMT
server: nginx/1.15.10
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 18

GET
H/1.1 200
OK Cookie set rt=ifr
bcp.crwdcntrl.net/5/c=12671/rand=724734266/pv=y/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/seg=NBAA/int=%23OpR%2382957%23app.nbaa.org%20%3A%2... Frame F147 0
0 73ms
73ms Document
text/html 52.214.152.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=12671/rand=724734266/pv=y/seg=1.2.18/seg=1.2.19/seg=1.2.22/seg=1.2.26/seg=1.2.34/seg=1.2.35/seg=1.2.36/seg=16.7.4/seg=16.7.5/seg=NBAA/int=%23OpR%2382957%23app.nbaa.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23app.nbaa.org%20%3A%20Site%20Section%20%3A%20member/int=%23OpR%2382959%23app.nbaa.org%20%3A%20Site%20Section%20%3A%20member%20%3A%20join_renew/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.152.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-152-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://app.nbaa.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _cc_dc=1; _cc_id=801ee6ed155eb498b6fccd13554bde86; _cc_cc="ACZ4nGNQsDAwTE01S00xNDVNTTKxtEgyS0tOTjE0NjU1SUpJtTBjAII4F5VuBjgQefbojwzj%2FySG%2F4yMDO2Pe6Rg7DYkdgsSuxmJ3YDEfjDvP9ycl0hmvkBiP0di3zqpDmNeWDyHBcY%2Bd%2FQQM9zIqT2MMPbl53dkYezDSOovnXrEBmMv%2F2gJY7auf8oNY%2B9ffhSuFQDepGh%2F"; _cc_aud="ABR4nGNgYGCIc1HpZoABJgbW08wgBuvnU0ASADTYA%2Bk%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://app.nbaa.org/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 12 Feb 2020 16:15:09 GMT
Expires: 0
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_id=801ee6ed155eb498b6fccd13554bde86;Path=/;Domain=crwdcntrl.net;Expires=Sun, 08-Nov-2020 16:11:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQsDAwTE01S00xNDVNTTKxtEgyS0tOTjE0NjU1SUpJtTBjAII4F5Xef%2F%2F%2F%2F%2BdngAGRZ4%2F%2ByDD%2BT2L4z8jI0P64RwrGbkNityCxm5HYDUjsB%2FP%2Bw815iWTmCyT2cyT2rZPqMOaFxXNYYOxzRw8xw42c2sMIY19%2BfkcWxj6MpP7SqUdsMPbyj5YwZuv6p9ww9v7lR%2BFaAQMPbIs%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 08-Nov-2020 16:11:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIc1HpZYABJgbW08wgBuvnU0ASADUKA%2Bs%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 08-Nov-2020 16:11:00 GMT;Max-Age=23328000;SameSite=None;Secure
Vary: Accept-Encoding
X-Server: 10.45.16.103
Content-Length: 638
Connection: keep-alive

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
633 B 173ms
131ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2jfd&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Wed, 12 Feb 2020 16:15:09 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 11b21e05320f9ca39f695a5c7679792f
x-transaction: 0069a2f700df59c1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
150 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1470755676537181&ev=Microdata&dl=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&rl=&if=false&ts=1581524109012&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association%20%22%2C%22meta%3Adescription%22%3A%22NBAA%20promotes%20the%20aviation%20interests%20of%20organizations%20utilizing%20general%20aviation%20aircraft%20for%20business%20purposes%20in%20the%20United%20States%20and%20worldwide.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581524107508.1221815350&it=1581524107392&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:09 GMT, Wed, 12 Feb 2020 16:15:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 12 Feb 2020 16:15:09 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 34 KB
11 KB 71ms
22ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: app.nbaa.org
URL: https://app.nbaa.org/member/join_renew/?pc=129DUES&sc=DE206402
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18193705ab98d0aa0d38c44621932f9599495d8e708fc41afb7ef892ab0895ae

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: lfmGdNKg5RpvOV9rgmEkoYf4yRMYp92f
Content-Encoding: gzip
x-amz-request-id: CF2698AF4ECDBB0C
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 12 Feb 2020 16:15:09 GMT
Connection: keep-alive
Content-Length: 10738
x-amz-id-2: XOPKCCC75hTreRBEowGrlWbCCdZ7Sq9AOTK9wflo/A42EY34c+mx3gheNXC+rUzATlHFDVwJg1E=
Last-Modified: Thu, 06 Feb 2020 22:47:39 GMT
Server: AmazonS3
ETag: "bdad36c9dcb5278bdd961fb364516719"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/FKCCI2B7WBBO3HADTPQ5VV/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

23ms
22ms

Script
application/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Y8nS1mIzhBe8JEQvENARcyn9JPX.scLz
Content-Encoding: gzip
x-amz-request-id: E1C9941DB941DD1E
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 12 Feb 2020 16:15:09 GMT
Connection: keep-alive
Content-Length: 48
x-amz-id-2: lqt/Q3YwSp0JZGFSkK+nCWTAycdLPcPppTHD0vKT62G9CJJy1uY9PFVXzze6e8zRgmHtjNxi+Co=
Last-Modified: Thu, 06 Feb 2020 23:04:12 GMT
Server: AmazonS3
ETag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Wed, 12 Feb 2020 16:15:09 GMT
Server: AkamaiGHost
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/FKCCI2B7WBBO3HADTPQ5VV/JM2BXLMFQJCZLJD2OW2XSV/ 0
705 B 117ms
77ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/FKCCI2B7WBBO3HADTPQ5VV/JM2BXLMFQJCZLJD2OW2XSV/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: ljbBCNnB7Kt98DuXzW1RsM83whIowTa6
x-amz-request-id: 94E6E8F4786E8516
x-amz-server-side-encryption: AES256
Date: Wed, 12 Feb 2020 16:15:09 GMT
Connection: keep-alive
Content-Length: 0
x-amz-id-2: eBTXq4vWkYBUDYYzruj9XNlIOFYZKRz4RAvTxTNCz9PjQ9p5NAv7GQ7qPT82RMrBOx8+2nyzYjA=
Last-Modified: Tue, 11 Feb 2020 16:52:42 GMT
Server: AmazonS3
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/FKCCI2B7WBBO3HADTPQ5VV/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/FKCCI2B7WBBO3HADTPQ5VV?_s=32e95503100653b7e9323ed214747f28&_b=2
https://d.adroll.com/consent/check/FKCCI2B7WBBO3HADTPQ5VV/?_s=32e95503100653b7e9323ed214747f28&_b=2

116 B
208 B

105ms
33ms

Script
application/javascript

63.32.160.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/FKCCI2B7WBBO3HADTPQ5VV/?_s=32e95503100653b7e9323ed214747f28&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.160.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-160-203.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 3d1276c0417f4ab8e36d48a631dce2a6299baf4b918a411929d1b1a71e1fa09d

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 12 Feb 2020 16:15:09 GMT
server: nginx/1.16.1
content-length: 116
content-type: application/javascript

Redirect headers

status: 302
date: Wed, 12 Feb 2020 16:15:09 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/FKCCI2B7WBBO3HADTPQ5VV/?_s=32e95503100653b7e9323ed214747f28&_b=2

GET
H2 200 /
www.facebook.com/tr/ 44 B
104 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299191654016663&ev=Microdata&dl=https%3A%2F%2Fapp.nbaa.org%2Fmember%2Fjoin_renew%2F%3Fpc%3D129DUES%26sc%3DDE206402&rl=&if=false&ts=1581524109136&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Join%2FRenew%20%7C%20NBAA%20-%20National%20Business%20Aviation%20Association%20%22%2C%22meta%3Adescription%22%3A%22NBAA%20promotes%20the%20aviation%20interests%20of%20organizations%20utilizing%20general%20aviation%20aircraft%20for%20business%20purposes%20in%20the%20United%20States%20and%20worldwide.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581524107508.1221815350&it=1581524107392&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 16:15:09 GMT, Wed, 12 Feb 2020 16:15:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 12 Feb 2020 16:15:09 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 106ms
105ms Image
image/gif 34.226.187.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nbaa.org&p=%2Fmember%2Fjoin_renew%2F&u=nx4wkB7XrQ1D3lbpV&d=app.nbaa.org&g=65855&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=1200&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=3207&t=BqRmXkChGJeTCvl-0ADT-si_D6HG7F&V=118&tz=-60&sn=2&sv=C2CpKnCeWAZCrYluvDTqBqvD2PG2G&sd=1&im=060b063f&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.187.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-187-87.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://app.nbaa.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Wed, 12 Feb 2020 16:15:23 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.nbaa.org/	1970-01-19 07:18:45	Name: _pk_ses.8622.4c78 Value: *
app.nbaa.org/	1970-01-19 16:44:39	Name: _pk_id.8622.4c78 Value: ebd2a06b6bf51ea9.1581524108.1.1581524108.1581524108.
app.nbaa.org/	1970-01-19 07:18:45	Name: _cb_svref Value: null
app.nbaa.org/	1970-01-19 16:47:32	Name: _cb Value: nx4wkB7XrQ1D3lbpV
app.nbaa.org/	1970-01-19 16:47:32	Name: _cb_ls Value: 1
.nbaa.org/	1970-01-19 09:28:20	Name: _fbp Value: fb.1.1581524107508.1221815350
.app.nbaa.org/	1970-01-19 07:18:47	Name: feathr_session_id Value: 5e44248b26ec9cae68872365
.nbaa.org/	1970-01-19 07:18:44	Name: _gat_UA-271220-1 Value: 1
.nbaa.org/	1970-01-19 08:01:56	Name: __cfduid Value: d30dcbb4f1bce527174758c08d0f6cd891581524107
.nbaa.org/	1970-01-19 07:18:44	Name: _gat_UA-549587-1 Value: 1
.nbaa.org/	1970-01-19 07:20:10	Name: _gid Value: GA1.2.323153793.1581524107
.nbaa.org/	1970-01-20 00:49:56	Name: _ga Value: GA1.2.1809572573.1581524107
app.nbaa.org/	1970-01-19 16:47:32	Name: _chartbeat2 Value: .1581524108057.1581524108057.1.C2CpKnCeWAZCrYluvDTqBqvD2PG2G.1
.nbaa.org/	1970-01-19 09:28:20	Name: _gcl_au Value: 1.1.826925674.1581524107

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 1470755676537181.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
app.nbaa.org
bcp.crwdcntrl.net
cdn.feathr.co
click.emarketing.mgiemailsolutions.com
connect.facebook.net
conversation.feathr.co
d.adroll.com
d.adroll.mgr.consensu.org
fast.fonts.net
fonts.googleapis.com
googleads.g.doubleclick.net
mab.chartbeat.com
marco.feathr.co
match.adsrvr.org
nbaa.org
ping.chartbeat.net
pixel-a.basis.net
pixel.sitescout.com
polo-v1.feathr.co
polo.feathr.co
px.ads.linkedin.com
s.adroll.com
sjs.bizographics.com
static.ads-twitter.com
static.chartbeat.com
stats.g.doubleclick.net
t.co
tags.crwdcntrl.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.rumiview.com
104.20.166.25
104.20.167.25
104.244.42.131
104.244.42.197
13.225.78.3
151.101.12.157
172.217.18.2
199.185.0.231
23.111.9.35
23.210.248.216
2600:9000:20eb:4e00:18:1fcd:349:ca21
2606:2800:234:660:118e:28f:1d8a:2522
2606:4700:3036::6812:2077
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:809::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9a
2a02:26f0:10c:38f::3adf
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::714
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
34.226.187.87
34.231.179.184
34.253.11.118
52.214.152.253
52.22.20.103
54.229.35.82
63.32.160.203
66.155.71.149
66.231.94.105
93.184.220.113
0d4d0a77c9e7249dbc0f3e4b34a66a3c97a7724b88d307b170056dcd24ab75b3
0f83ab348d67b75afb59fc666aa941debd7ae229861ad07a70dac7144f5de166
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f03d1a6232ce11d3014330915915d02b4e251c7461fed65ce62468973565f7
1439d8a1d7f4b4b07d4c9fbc7ea62b2a96a8774ae98e569e44ba0a6be5a0a776
16f6be1792dd6c48afd6016dbeb094d7c8fcea83673bdc93c3261f70b9899ede
18193705ab98d0aa0d38c44621932f9599495d8e708fc41afb7ef892ab0895ae
1c69034f94a18f2daab4acedcebea81bcef0afb1c2248d3115ccddb76b56aa19
1ea603ca41fded331c23f894afd1891f89980970d75b95d31c0b2385ca81c75c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
31b51cfee0843fd0e83a7f8801285c43140e3357e58023fc8a8fd13682ba1537
3d1276c0417f4ab8e36d48a631dce2a6299baf4b918a411929d1b1a71e1fa09d
3d239e2e5f5161153f0d3195b744becd68001dde3577c6d8265d360bda73c996
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4c6e1df39c04d6c1c0f1d4131df36121a0050f3efd18f405023bf1596a9f1b49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566272b1f6b95c9a7fcbfaba57bd3cf128dc1cdea0640493fab7aee23fd1c92b
5a7a1add3dca4bff0596470bf0738d4fdb2d0267b2cc6a94144a47e98f3987ce
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
656081e0b58800278537fce8ef1dfc5714acbc96d574e6d36250eb4d80747e82
666c44a9033c6489927ae6641f3ec28603617ca4884ed2f29b4c4300ec1ba971
68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a
7a91f006fe66458fcf9424d5e8e8511b488129f7869faec594662ca4dca22cfd
7f62c25f62d22488c4090c4a1eb6a459c39017f33059354337f59cb1aec8718d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
880dd1410cf9bfe0f45193fe975b05e6915df228c6304d3b8f279f4e2275351c
930a44dceae49e513675a939638eaaa16443ef8c81699948d3aab9a039d75aeb
970ea5a6fdb12ab9b00f5911f109b3d85d03c87345259f48879a16bf62038470
98876b935f0a5a1eff10e6ea82ec9d3bda59e04f9650a4500aa53c301135bd9a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b45d97058f736f8d8468e33294aa805628714b675ff3325e0a049fff0136067
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
b61cd758313b78c226f15a1348bad526b07be3b96c8d5e35c0960358596c376e
bddd20fe662ea973fef0c9f95f8b3ade5534c0296c65db8761798b75bd09e147
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c9ada4c300c7ae31a34c4b23ce68bb4a96a07db8b8e12d7e8adca1fdc1584cb5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e15b7277a365a9dc933f5e5fda575b0ec26ba98395be5fe75dfd6205c567af7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99c9da9a545085b2588e2e5dece29f87a280c4b7767f2131bc4844289f7e78b
e9bc96411e5fd8d8f6fffc9008a4939b3c62eab84dc0fa56fb8d9a2f8c398aff
eae166b1f268ee021d216f589aeeb179f3267ad22693a42e8982e499e911978c
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

app.nbaa.org Open in urlscan Pro 104.20.167.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

44 %IPv6

28 Domains

38 Subdomains

31 IPs

7 Countries

857 kBTransfer

3054 kBSize

14 Cookies

18 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

app.nbaa.org Open in urlscan Pro
104.20.167.25 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

44 %
IPv6

28
Domains

38
Subdomains

31
IPs

7
Countries

857 kB
Transfer

3054 kB
Size

14
Cookies

70 HTTP transactions
0 data transactions