nationalbankopen.com Open in urlscan Pro
141.193.213.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nationalbankopen.com/
Submission: On February 20 via automatic, source certstream-suspicious (February 20th 2023, 3:26:51 pm UTC) — Scanned from DE

Summary HTTP 166 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 39 domains to perform 166 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is nationalbankopen.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 4th 2022. Valid for: a year.

This is the only time nationalbankopen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
2 3	104.16.107.139 104.16.107.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.78.63 13.225.78.63	16509 (AMAZON-02) (AMAZON-02)
1 2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
5 10	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	35.185.45.56 35.185.45.56	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.111.146.217 34.111.146.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.85.149 13.225.85.149	16509 (AMAZON-02) (AMAZON-02)
3	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.15.12 18.66.15.12	16509 (AMAZON-02) (AMAZON-02)
2	104.64.112.94 104.64.112.94	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
1	13.224.189.10 13.224.189.10	16509 (AMAZON-02) (AMAZON-02)
7	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	63.34.186.145 63.34.186.145	16509 (AMAZON-02) (AMAZON-02)
2	35.244.160.208 35.244.160.208	15169 (GOOGLE) (GOOGLE)
30	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	52.50.220.58 52.50.220.58	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.254.165.240 34.254.165.240	16509 (AMAZON-02) (AMAZON-02)
7 7	18.203.152.154 18.203.152.154	16509 (AMAZON-02) (AMAZON-02)
7 8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:16ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 12	52.31.229.114 52.31.229.114	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 2	13.225.78.101 13.225.78.101	16509 (AMAZON-02) (AMAZON-02)
1 1	18.205.204.69 18.205.204.69	14618 (AMAZON-AES) (AMAZON-AES)
1	108.128.244.129 108.128.244.129	16509 (AMAZON-02) (AMAZON-02)
1 1	52.208.98.204 52.208.98.204	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	52.48.136.44 52.48.136.44	16509 (AMAZON-02) (AMAZON-02)
166	44

36 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

nationalbankopen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.107.139 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

v2.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-63.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.166 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

12743290.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4923687.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5357220.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6037123.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.45.56 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 56.45.185.35.bc.googleusercontent.com

tag.retargeter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.146.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.146.111.34.bc.googleusercontent.com

chat.satis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-149.fra2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

tcadserver.rain-digital.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-12.vie50.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.112.94 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-112-94.deploy.static.akamaitechnologies.com

www.bnc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-10.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.186.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-186-145.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.160.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.160.244.35.bc.googleusercontent.com

prod-satisfilabs-resources-gcs.satis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static.rolex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.50.220.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.165.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-165-240.eu-west-1.compute.amazonaws.com

nationalbankofcanada.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.203.152.154 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-152-154.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:16ea (United States)

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.31.229.114 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-229-114.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.27.153 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.101 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net

ads.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.204.69 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-204-69.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.244.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-244-129.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.98.204 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-98-204.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.136.44 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-136-44.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	nationalbankopen.com nationalbankopen.com	4 MB
30	rolex.com static.rolex.com — Cisco Umbrella Rank: 57268	194 KB
27	everesttech.net 21 redirects cm.everesttech.net — Cisco Umbrella Rank: 1029 pixel.everesttech.net — Cisco Umbrella Rank: 4493 sync-tm.everesttech.net — Cisco Umbrella Rank: 586	10 KB
21	doubleclick.net 12 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 12743290.fls.doubleclick.net 4923687.fls.doubleclick.net 5357220.fls.doubleclick.net 6037123.fls.doubleclick.net — Cisco Umbrella Rank: 45431 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	8 KB
10	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 199 nationalbankofcanada.demdex.net — Cisco Umbrella Rank: 431254	13 KB
10	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4596	2 KB
10	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	451 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	349 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
5	satis.fi chat.satis.fi — Cisco Umbrella Rank: 27030 prod-satisfilabs-resources-gcs.satis.fi — Cisco Umbrella Rank: 28491	62 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 628 script.hotjar.com — Cisco Umbrella Rank: 767 vars.hotjar.com — Cisco Umbrella Rank: 914 in.hotjar.com — Cisco Umbrella Rank: 1676	74 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6232	669 B
3	rain-digital.ca tcadserver.rain-digital.ca	208 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1442 insight.adsrvr.org — Cisco Umbrella Rank: 568	3 KB
3	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 385 ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	zopim.com 2 redirects v2.zopim.com — Cisco Umbrella Rank: 9796	244 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 514	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 693	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 533	1 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1417 beacon.krxd.net — Cisco Umbrella Rank: 581	529 B
2	scorecardresearch.com 2 redirects ads.scorecardresearch.com — Cisco Umbrella Rank: 2480	600 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	55 KB
2	bnc.ca www.bnc.ca — Cisco Umbrella Rank: 401248	29 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 74	63 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 6741	17 KB
2	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1881 ekr.zdassets.com — Cisco Umbrella Rank: 2160	8 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	169 KB
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 882	453 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 420	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 316	239 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 751	206 B
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2207	323 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 993	418 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 241	612 B
1	media6degrees.com idpix.media6degrees.com — Cisco Umbrella Rank: 1729	205 B
1	soundcloud.com w.soundcloud.com — Cisco Umbrella Rank: 14141	4 KB
1	retargeter.com tag.retargeter.com — Cisco Umbrella Rank: 283942
0	omtrdc.net Failed nationalbankofcanada.d2.sc.omtrdc.net Failed
0	acuityplatform.com Failed acuityplatform.com Failed
166	39

	Domain	Requested by
36	nationalbankopen.com	nationalbankopen.com
30	static.rolex.com	nationalbankopen.com static.rolex.com
12	pixel.everesttech.net	6 redirects
10	connect.facebook.net	nationalbankopen.com connect.facebook.net 12743290.fls.doubleclick.net 5357220.fls.doubleclick.net
9	dpm.demdex.net	www.bnc.ca nationalbankopen.com
8	sync-tm.everesttech.net	8 redirects
8	cm.g.doubleclick.net	7 redirects
7	cm.everesttech.net	7 redirects
7	www.facebook.com	nationalbankopen.com 12743290.fls.doubleclick.net 5357220.fls.doubleclick.net
5	www.google-analytics.com	nationalbankopen.com www.google-analytics.com
5	adservice.google.com	12743290.fls.doubleclick.net 6037123.fls.doubleclick.net 5357220.fls.doubleclick.net 4923687.fls.doubleclick.net
4	5357220.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.google.de	nationalbankopen.com
3	tcadserver.rain-digital.ca	nationalbankopen.com
3	chat.satis.fi	www.googletagmanager.com chat.satis.fi
3	v2.zopim.com	2 redirects nationalbankopen.com
2	match.prod.bidr.io	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ads.scorecardresearch.com	2 redirects
2	insight.adsrvr.org	js.adsrvr.org
2	cdnjs.cloudflare.com	static.rolex.com
2	prod-satisfilabs-resources-gcs.satis.fi	chat.satis.fi
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google.com	nationalbankopen.com
2	www.bnc.ca	www.googletagmanager.com
2	6037123.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	4923687.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.youtube.com	nationalbankopen.com www.youtube.com
2	secure.adnxs.com	1 redirects nationalbankopen.com
2	12743290.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cdn.mouseflow.com	1 redirects nationalbankopen.com
2	www.googletagmanager.com	nationalbankopen.com www.googletagmanager.com
1	image2.pubmatic.com
1	us-u.openx.net
1	ib.adnxs.com
1	pixel.rubiconproject.com
1	sync.crwdcntrl.net	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	fei.pro-market.net	1 redirects
1	ps.eyeota.net	1 redirects
1	c.bing.com	1 redirects
1	idpix.media6degrees.com
1	nationalbankofcanada.demdex.net	www.bnc.ca
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	ekr.zdassets.com	v2.zopim.com
1	w.soundcloud.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	tag.retargeter.com	nationalbankopen.com
1	static.hotjar.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.zdassets.com	nationalbankopen.com
0	nationalbankofcanada.d2.sc.omtrdc.net Failed	www.bnc.ca
0	acuityplatform.com Failed	www.googletagmanager.com
166	58

This site contains links to these domains. Also see Links.

Domain
am.ticketmaster.com
www.tenniscanada.com
rolex.com
www.atptour.com
tenniscanada.com
omniumbanquenationale.com
www.nbc.ca
about.rogers.com
www.pages08.net
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
nationalbankopen.com Cloudflare Inc ECC CA-3	`2022-10-04` - `2023-10-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.wpengine.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.satis.fi Sectigo RSA Domain Validation Secure Server CA	`2022-10-20` - `2023-10-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tcadserver.rain-digital.ca Cloudflare Inc ECC CA-3	`2022-10-03` - `2023-10-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2023-01-24` - `2024-02-25`	a year	crt.sh
bnc.ca Entrust Certification Authority - L1K	`2023-02-13` - `2024-02-13`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
static.rolex.com GlobalSign RSA OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-05` - `2023-04-28`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://nationalbankopen.com/
Frame ID: 49A8D1503631530613DE46B564BEB28C
Requests: 84 HTTP requests in this frame

Frame: https://12743290.fls.doubleclick.net/activityi;dc_pre=CIe089K0pP0CFcmUmwodIcMGhw;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=500775428.1676906804;~oref=https%3A%2F%2Fnationalbankopen.com%2F
Frame ID: A4F0C77030177113D344988BC100A986
Requests: 6 HTTP requests in this frame

Frame: https://4923687.fls.doubleclick.net/activityi;dc_pre=CJeR_dK0pP0CFQbMmgoddAULWw;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365
Frame ID: 407C73ADB4399D028F0836AB3E44D2CF
Requests: 2 HTTP requests in this frame

Frame: https://5357220.fls.doubleclick.net/activityi;dc_pre=CNiz_dK0pP0CFUm5mgodkIQCLw;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5914317543352.299
Frame ID: 1C3252955C522477FB90DD94DA2B5156
Requests: 6 HTTP requests in this frame

Frame: https://5357220.fls.doubleclick.net/activityi;dc_pre=CNm1_dK0pP0CFUrOmgodUrAP1Q;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]
Frame ID: 4492B32C000F0F6C06D9F9A8DB72D7E6
Requests: 6 HTTP requests in this frame

Frame: https://6037123.fls.doubleclick.net/activityi;dc_pre=CPaQ_NK0pP0CFcjKmgodJ_YJbQ;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812
Frame ID: 375C8410626C74DF8B98201D902EA0CE
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 342DAB0AE55C3FD5946505C907C072B2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BBB3BFA64D5041E46F465CF84D0DD31E
Requests: 1 HTTP requests in this frame

Frame: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Frame ID: 01D19D5C8CF44D9308CDABE20AF9FB3C
Requests: 16 HTTP requests in this frame

Frame: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Frame ID: 824B228B62DF771359DFFEC02B17CA38
Requests: 16 HTTP requests in this frame

Frame: https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 1B012A993C1A42996F29320D49A9445E
Requests: 24 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=r0vkorq&ref=https%3A%2F%2Fnationalbankopen.com%2F&upid=kfa26lu&upv=1.1.0
Frame ID: 0CA3923E8FE096CCF2CE02EE52FA2B14
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=s694vku&ref=https%3A%2F%2Fnationalbankopen.com%2F&upid=chkn1c2&upv=1.1.0
Frame ID: 8A6404AAB6352252562743FFCE1A7FF8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - National Bank OpenFeuille_Erable_Vignette_Rouge

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Zendesk Chat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

v2\.zopim\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

166
Requests

82 %
HTTPS

31 %
IPv6

39
Domains

58
Subdomains

44
IPs

8
Countries

5534 kB
Transfer

10626 kB
Size

40
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://am.ticketmaster.com/nbopentoronto/#/
Title: MY ACCOUNT +

Search URL Search Domain Scan URL

URL: http://www.tenniscanada.com/
Title: Tennis Canada

Search URL Search Domain Scan URL

URL: http://rolex.com/

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/nbopentoronto/?_ga=2.138072240.1811422498.1657555166-1876151753.1657115464#/
Title: My Account +

Search URL Search Domain Scan URL

URL: https://www.atptour.com/

Search URL Search Domain Scan URL

URL: https://tenniscanada.com/
Title: .st0{fill:#630B1A;} .st1{fill:#FFFFFF;} .st2{fill:#FF001A;} .st3{clip-path:url(#SVGID_00000083807020454300758840000017543919925596147332_);fill:#FF001A;}

Search URL Search Domain Scan URL

URL: https://omniumbanquenationale.com/en/tickets/single-sessions/centre-court/
Title: Get tickets!

Search URL Search Domain Scan URL

URL: https://www.nbc.ca/about-us/social-responsibility/tennis.html

Search URL Search Domain Scan URL

URL: https://about.rogers.com/news-ideas/bringing-year-round-tennis-to-communities-across-canada-with-tennis-canada/

Search URL Search Domain Scan URL

URL: https://omniumbanquenationale.com/en/national-bank-open-tickets-montreal/
Title: Montreal Tickets

Search URL Search Domain Scan URL

URL: https://www.pages08.net/archtics-internationalcanada/TennisCanadaToronto
Title: SIGN UP

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nbotoronto
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NBOtoronto
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TCtenniscanada
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nbotoronto/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.nbc.ca/
Title: Visit National Bank Website

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://v2.zopim.com/?5qQGcRV1pFGLctuRo6PaxcmXeEoYyXKB HTTP 302
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 38

https://cdn.mouseflow.com/projects/0396f0fb-9e31-4227-8f86-fad5e1d9d22f.js HTTP 301
https://cdn.mouseflow.com/projects/0396f0fb-9e31-4227-8f86-fad5e1d9d22f_eu.js

Request Chain 39

https://12743290.fls.doubleclick.net/activityi;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=500775428.1676906804;~oref=https%3A%2F%2Fnationalbankopen.com%2F HTTP 302
https://12743290.fls.doubleclick.net/activityi;dc_pre=CIe089K0pP0CFcmUmwodIcMGhw;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=500775428.1676906804;~oref=https%3A%2F%2Fnationalbankopen.com%2F

Request Chain 42

https://secure.adnxs.com/seg?add=25077528&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25077528%26t%3D1

Request Chain 51

https://4923687.fls.doubleclick.net/activityi;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365 HTTP 302
https://4923687.fls.doubleclick.net/activityi;dc_pre=CJeR_dK0pP0CFQbMmgoddAULWw;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365

Request Chain 52

https://5357220.fls.doubleclick.net/activityi;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5914317543352.299 HTTP 302
https://5357220.fls.doubleclick.net/activityi;dc_pre=CNiz_dK0pP0CFUm5mgodkIQCLw;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5914317543352.299

Request Chain 53

https://5357220.fls.doubleclick.net/activityi;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID] HTTP 302
https://5357220.fls.doubleclick.net/activityi;dc_pre=CNm1_dK0pP0CFUrOmgodUrAP1Q;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]

Request Chain 54

https://6037123.fls.doubleclick.net/activityi;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812 HTTP 302
https://6037123.fls.doubleclick.net/activityi;dc_pre=CPaQ_NK0pP0CFcjKmgodJ_YJbQ;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812

Request Chain 86

https://v2.zopim.com/w?5qQGcRV1pFGLctuRo6PaxcmXeEoYyXKB HTTP 302
https://v2.zopim.com/bin/v/widget_v2.334.js

Request Chain 138

https://cm.everesttech.net/cm/dd?d_uuid=08620288859865270480083353299093669004 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ORNQAAAEnXwAOV

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDg2MjAyODg4NTk4NjUyNzA0ODAwODMzNTMyOTkwOTM2NjkwMDQ= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENsGPut0ycrx5wAuZIuIfw0&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 144

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEAIrlfXP9PgyeHptbGH1wBk&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 145

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEAIrlfXP9PgyeHptbGH1wBk&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 146

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEAIrlfXP9PgyeHptbGH1wBk&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 147

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEAIrlfXP9PgyeHptbGH1wBk&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 148

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEAIrlfXP9PgyeHptbGH1wBk&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 149

https://c.bing.com/c.gif?uid=08620288859865270480083353299093669004&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=26B791899D5D657A1BB183379C8F64CD

Request Chain 150

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEAIrlfXP9PgyeHptbGH1wBk&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 151

https://ps.eyeota.net/match?bid=6j5b2cv&uid=08620288859865270480083353299093669004&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 152

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=08620288859865270480083353299093669004 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-8680690130162466183

Request Chain 153

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=08620288859865270480083353299093669004&rn=1676906805240&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D08620288859865270480083353299093669004 HTTP 302
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=08620288859865270480083353299093669004&rn=1676906805240&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D08620288859865270480083353299093669004 HTTP 302
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=08620288859865270480083353299093669004

Request Chain 154

https://usermatch.krxd.net/um/v2?partner=adobe&id=08620288859865270480083353299093669004 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08620288859865270480083353299093669004

Request Chain 155

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=08620288859865270480083353299093669004?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Request Chain 156

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1PUk5RQUFBRW5Yd0FPVg==

Request Chain 157

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-ORNQAAAEnXwAOV&expires=90

Request Chain 158

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ORNQAAAEnXwAOV HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ORNQAAAEnXwAOV&C=1

Request Chain 159

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Y-ORNQAAAEnXwAOV

Request Chain 160

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-ORNQAAAEnXwAOV

Request Chain 161

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-ORNQAAAEnXwAOV

Request Chain 162

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ORNQAAAEnXwAOV&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ORNQAAAEnXwAOV&img=1&__user_check__=1&sync_id=fcefae81-b132-11ed-b8d0-1093d7b30406

Request Chain 163

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-ORNQAAAEnXwAOV&t=2592000&o=0

Request Chain 164

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAIf607H5yIAACGZRCtVPA?gdpr=0

166 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nationalbankopen.com/ 400 KB
68 KB 484ms
436ms Document
text/html 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 0cad534a8ad95abaa529495f352e357cb02459ecfbf49123d1bcc9bdfa2ebab8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79c8431e0cdc3a7a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:43 GMT
link: <https://nationalbankopen.com/wp-json/>; rel="https://api.w.org/" <https://nationalbankopen.com/wp-json/wp/v2/pages/50>; rel="alternate"; type="application/json" <https://nationalbankopen.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPo2hrV6TOF6zYGAMXQartK%2F0imglwNHEbn8mQetGFK7FXwdFtM%2FmM%2FjxsjEb0sgIW8XHJF8OSVQdKrCNeIoftcQP2XsPZMemXcoVDZAA2biv%2FZKfJJePWL%2FPEtgcxd2JGt9rYyx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 4
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 style.min.css
nationalbankopen.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 21ms
18ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-includes/css/dist/block-library/style.min.css?ver=1671205794
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328820
etag: W/"639c93a2-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3Wo4k21Aw47FfrCB6Gl9YH98%2F%2Bka0swDMOllY20boqYq9xF4Xt2JY6S12AO4vouLhD58BCmJfYkAm9VIljwVhzWIDE70dTn3rNGq6ji0wiAG26%2FYi70o7kieKB%2B0bNcfKQtR0OP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320ba913a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
nationalbankopen.com/wp-includes/css/ 217 B
474 B 34ms
32ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-includes/css/classic-themes.min.css?ver=1671205794
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328820
etag: W/"639c93a2-d9"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BY6PgEDYCo1Ql8LETHUzwjQWvfeUjZHUsYYd9VTyvwsFv%2F2pgJ8cL5gjAJV9DUeXSLg43qeOwpSEy%2ByIpJR3%2FS9UoKcFeLDp1AsZxjTNKLfNx8BBQKmw6cLEM1rxgCMIoDwewTE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320ba943a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dashicons.min.css
nationalbankopen.com/wp-includes/css/ 58 KB
35 KB 22ms
20ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-includes/css/dashicons.min.css?ver=1671205794
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328819
etag: W/"639c93a2-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YBlhn1Zo%2Bnot3dcNgvGe1k4wi724Nu7wJ069Op6TVdkg%2B6snXz9r7bCkT85U5av66jRDd8CARbf71CS%2B9PhcQqH%2FYw302e4pBdLNPNvDUAJmZ9Z4ezAYjf3iFnJwxn8p2xYiXzB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320ba963a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 thickbox.css
nationalbankopen.com/wp-includes/js/thickbox/ 3 KB
1 KB 29ms
26ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-includes/js/thickbox/thickbox.css?ver=1671205794
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328819
etag: W/"639c93a2-a63"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hz6iu1FR94R%2FZhvvxiXnRQnJQKIvkMMBNtoCuVrmwdSvVpVJcUiIBxQX7h6MTMaPATVhbqcZFkaCCjdJImXDvdzw1cIWIlxW2S5FxAH7S7Z%2FFFFC3bEeDeUP1d9Ou6sTrqsAoDDk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320ba973a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wppb_sc_main_frontend.css
nationalbankopen.com/wp-content/plugins/profile-builder-pro/add-ons-advanced/social-connect/assets/css/ 8 KB
2 KB 27ms
25ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/plugins/profile-builder-pro/add-ons-advanced/social-connect/assets/css/wppb_sc_main_frontend.css?ver=1671205803
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ba2b13fc00b5a97b7edff08111fa2ced3daeac939545630d0fd257f9ee6c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:50:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328819
etag: W/"639c93ab-1f54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZOvrFp2rTc2tQ7oHo%2BuxsKd3pvq83fSHnxuG6XfwIv%2BQYe3Mv5qfhi53HRx4uFmL0RzKYMhrfhlEAmNfGmFNEbivNp6fvyW0cK4lTZME2%2FxYnS8wmchyc%2BdpvOhYGyqXNlGPSAY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320ba9b3a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/ 342 KB
46 KB 31ms
29ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/style.css?ver=1671205801
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: df57959f4855ea8956f132d27130564a68c11270a90ad00615ea8ddcd0ea5905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:50:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328819
etag: W/"639c93a9-5567e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yk%2B9g%2Fz8xdLtFhN%2FKraCisGhn3ozctH%2BRp62fab063bWr6SpcyWAW7gkGeMHpjpYdCqpRK1SRMnz3xRBuwhbrKBefCu6QpTtgw9yYEkSdilvabhDrMtOFPCrWAnMOFO92j0qBNI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320ba9d3a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.fancybox.css
nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/ 17 KB
4 KB 26ms
24ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/jquery.fancybox.css?ver=1671205801
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610c934df3c85c1caa5336a9a2198ad6b6a11407cb16e6b02faf5135be7521a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:50:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328819
etag: W/"639c93a9-4484"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BI%2FDLsQpFmZqS%2BOmIsah6rckOy3GKpOvca6GgtcTffLTiGiKwP%2B3xZ78gV7nk4ma%2B%2FDDopW2y3Ynz9xZaubWxR268l%2FNM6HPk3s%2F%2FG852uF8g5BlEcl%2Bj8YS8boHX08oP3xJZokX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320ca9f3a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
nationalbankopen.com/wp-includes/js/jquery/ 88 KB
32 KB 28ms
27ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-includes/js/jquery/jquery.min.js?ver=1671205794
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328819
etag: W/"639c93a2-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IB2P9xUfyjlEBTgdcjP2RtTAZ3ZceWfILjSGHVtADRhyyWoDllaqg9KQYcys0Id5cl7YvY81lWOCwXo6eAOg3Y%2FuGOtG2yOPpTUsdxUABWrL0NFlbim6aD9Rej84I1U5UQjG0ds5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320caa03a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
nationalbankopen.com/wp-includes/js/jquery/ 11 KB
4 KB 23ms
22ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1671205794
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328819
etag: W/"639c93a2-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbI8PeSAWXLMq%2FKzj1fV6brwWIdr0F9RCVN4git68kL5CgrZ5mDmUsLNWphl%2B%2FGQWtNToPY7xyew%2Bg%2F0jx715%2BqUbmEsGXSxMrHWh3cMvwWdOrVzp7GuSwPDF%2B3T8RzYy2tEXter"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320caa23a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wppb_sc_main.js Show response
nationalbankopen.com/wp-content/plugins/profile-builder-pro/add-ons-advanced/social-connect/assets/js/ 20 KB
3 KB 27ms
26ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/plugins/profile-builder-pro/add-ons-advanced/social-connect/assets/js/wppb_sc_main.js?ver=1671205804
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b8378ef6b1f94981d826859346cea71f0eb67c7bbd409a83f55916c65444b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:50:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 328819
etag: W/"639c93ac-50e1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUo7v4Sk4UcGdArfyyvobZNY44S%2FRK8fGs%2Fa6jKsVX29i46ZCP%2BIpt2W9ct5hkh1nE%2B9eA%2BER4burO98dmDM3luNxsxg9AqSYURIZHLHV2so6JE6NdcXlEwqo0LkbNLADNaMjHrj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84320caa43a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 265 KB
90 KB 127ms
54ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15f3435a23e229b215ca119c4a2d876cd99bd71bc0fb3b0429e0f1f7f90aba29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91823
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Feb 2023 15:26:43 GMT

GET
H3 200 Gilroy-Medium.woff
nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/font/ 64 KB
65 KB 33ms
27ms Font
font/woff 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/font/Gilroy-Medium.woff
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/style.css?ver=1671205801
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76ff8fb73041c0c36887086bef8de4a0feefef4698ac68315697e4a979a93e94

Request headers

Referer: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/style.css?ver=1671205801
Origin: https://nationalbankopen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 680556
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66044
last-modified: Fri, 16 Dec 2022 15:50:01 GMT
server: cloudflare
etag: "639c93a9-101fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOBCrrvXGu8xnquNQ%2B3kas3F%2Ftam3socW%2FCNzFAH7%2BHedmQrPm5IRzTxThObRtMtXj7Pk5Cg%2BjlFo%2F1%2BShcBq3ubo1yIhFvj3GtmlI9CNthlY%2FP50dxQOBTHjzvnFVycpBXZ8FUY"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c843212eaf9bbf-FRA

GET
H3 200 NBGroteskPro-75MFett.woff2
nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/font/ 25 KB
26 KB 26ms
20ms Font
font/woff2 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/font/NBGroteskPro-75MFett.woff2
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/style.css?ver=1671205801
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a516867ee056ee9f4530c1ade0c0c94ab64b98f2737045f6884c43bd070e68

Request headers

Referer: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/style.css?ver=1671205801
Origin: https://nationalbankopen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 680556
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25912
last-modified: Fri, 16 Dec 2022 15:50:01 GMT
server: cloudflare
etag: "639c93a9-6538"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flX5EFW%2BXKBoQ40bOVt%2F24wkUeK5NF3Xl2w0Sm767cizySIOH7EcFS8KfPofHTQdXX9EE6m8d8uB2BwAGQUoPkqXwxhwiYirwnfAHmIYCQfbYLOjeO6vLhriV74owgT4DCkHWLzl"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c843212eb39bbf-FRA

GET
H3 200 Gilroy-Bold.woff
nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/font/ 62 KB
63 KB 32ms
25ms Font
font/woff 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/font/Gilroy-Bold.woff
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/style.css?ver=1671205801
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c5b37a9d539ea9198f1670d2e943533c41b1e98fd03f7a8c8877277c4be5cd1

Request headers

Referer: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/css/style.css?ver=1671205801
Origin: https://nationalbankopen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62582
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63916
last-modified: Fri, 16 Dec 2022 15:50:01 GMT
server: cloudflare
etag: "639c93a9-f9ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkwaM%2FrClN6tGElsUU3lL0iJr8Yi%2BKJP3egDt%2F4qTHJhyNKdOZTr%2BTuxUax0DIg0fxztHU%2BbTaKNACjBPAikl%2FhTE7rN8eyCdN2yQJqoY6KF2oEwtytbfQhm2NAIyd2jNirm%2FPIG"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c843214ed49bbf-FRA

GET
H3 200 MSI_9669.jpg
nationalbankopen.com/wp-content/uploads/2023/01/ 412 KB
412 KB 36ms
35ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2023/01/MSI_9669.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e949da090f46611b0e131fe1480066690cf404386ee8993184d432f7b4e8fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63952
cf-polished: origSize=457169, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 421418
cf-bgj: imgq:100,h2pri
last-modified: Mon, 23 Jan 2023 07:10:31 GMT
server: cloudflare
etag: "40f55566b32363194fa580b85842116b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wo2DBsRLbJPZPDduVpuFcScL%2FMGqCdLnxQHFQr5630rKWvgjC7NQ2%2FAiScLq3oMxot1OnhHyzMg9u1gs42a%2F9tRv5E4lxqN%2BiBBHT%2BfHhs9om8ImflDgLLbsB3mLLlpOEP9%2FGZS5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432228859bbf-FRA
expires: Tue, 21 Mar 2023 21:40:51 GMT

GET
H3 200 2MS_6461-e1675192473625.jpg
nationalbankopen.com/wp-content/uploads/2022/10/ 423 KB
424 KB 26ms
25ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2022/10/2MS_6461-e1675192473625.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b20de5289b8b4e568465be38c98c336d52e4b87a3c9a744a37e8ef677c6159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69877
cf-polished: origSize=494412, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 433183
cf-bgj: imgq:100,h2pri
last-modified: Sun, 12 Feb 2023 07:10:27 GMT
server: cloudflare
etag: "bcd67a3e7a867321adb98b72edf921b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ElAyuJ9Wy51EuzsDv3qzN2jhINNCJppZ%2FhCNtpUCiNd5O97qxbxCFcuxoyo6P5%2FqvINMT0pJI%2BPgPLoWe%2BkaPeVa8sYdvbzElE1Cu86bANxlJmjsuSb0qNfYCqI2EyQWTGMhiMF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432228899bbf-FRA
expires: Tue, 21 Mar 2023 20:02:06 GMT

GET
H3 200 NADAL_Rafael_20190807_PR_017-e1626225496937-1.jpg
nationalbankopen.com/wp-content/uploads/2022/12/ 135 KB
136 KB 58ms
57ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2022/12/NADAL_Rafael_20190807_PR_017-e1626225496937-1.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d92baf6fb5e9702284b08171e5cb71811fcbd81f0f68d1b58a991b7906141e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63952
cf-polished: origSize=168223, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 138641
cf-bgj: imgq:100,h2pri
last-modified: Wed, 28 Dec 2022 07:22:09 GMT
server: cloudflare
etag: "f18b089d26cd1b6224446742dd247470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYWFZ03ApFSV4g%2Bu5uHaTRu6H%2BeF%2FS9lFB9PrKl9miEEI9GBqJwP36zWhf1H7kI0vdemO4iWb1twNPv9BTBRn8%2F8UWnw2s5KX9oB0hXNag5DsPd5EL61zy8rkDQconbOSr3qI4k4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c84322288b9bbf-FRA
expires: Tue, 21 Mar 2023 21:40:51 GMT

GET
H3 200 20180807-ppower1453-1-6-e1664899245805.jpg
nationalbankopen.com/wp-content/uploads/2019/10/ 147 KB
148 KB 18ms
17ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2019/10/20180807-ppower1453-1-6-e1664899245805.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: eecb17e464400ccf4ef386885fd53f6e6105c2ca0e1084affce8dc6793c4f2f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63952
cf-polished: origSize=188617, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150707
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Oct 2022 07:10:10 GMT
server: cloudflare
etag: "5d238ed723b61f1cbe057a8279398f1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HEjAwGpxZb2bOa7uwWk4i4%2F9xOeUWCrzpAz7h0IqySd%2FXA4e589HzApnJ%2FNXK%2BgBaogCDiuOYJKP1JD%2BUbhquaT54jl6Sz7koYZfKmkoEvBbzP1E6EzFNT7%2FpkJD65U41ugzBUy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c84322288c9bbf-FRA
expires: Tue, 21 Mar 2023 21:40:51 GMT

GET
H3 200 Auger-Aliassime_felix_12177.jpg
nationalbankopen.com/wp-content/uploads/2022/12/ 330 KB
331 KB 61ms
61ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2022/12/Auger-Aliassime_felix_12177.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d2ace1d858beb521a39960cc81249567788a6e2815f603042f7ea3c835a3313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63952
cf-polished: origFmt=jpeg, origSize=642759
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Auger-Aliassime_felix_12177.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 338160
cf-bgj: imgq:100,h2pri
last-modified: Wed, 28 Dec 2022 07:16:11 GMT
server: cloudflare
etag: "7236b2a24b6e57c7c8496ed17dbb1b2f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv%2Fx67Zu1ta7i8Sz6scHann%2BmmhfJK%2FWci1oSdoi5ivju%2FHq%2B%2F2TyXInXC%2B0RXnNXEBC0G8E36UHq9mdf0H1AwDJZyz%2FbCj5qBpLgTJLEB7gvaryn%2FlZ36iNlMSagqcsrIOVMCH8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c84322288f9bbf-FRA
expires: Tue, 21 Mar 2023 21:40:51 GMT

GET
H3 200 AUGER-ALIASSIME_Felix_20190806_PR_246-2-768x768.jpg
nationalbankopen.com/wp-content/uploads/2019/10/ 50 KB
51 KB 59ms
55ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2019/10/AUGER-ALIASSIME_Felix_20190806_PR_246-2-768x768.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52ea7a22b775d2b8989634eedad7bd2941c054b5b9098cfe55852aff43382deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73684
cf-polished: origSize=63994, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51528
cf-bgj: imgq:100,h2pri
last-modified: Mon, 14 Oct 2019 07:47:08 GMT
server: cloudflare
etag: "d0d918fc271c931326ca769fbf5556c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6d0%2BiIC%2BMDce3KiRCHseE1EhVkLALoQ%2Fdm4la%2BWAxbaG9xPkhmRwOTefn3kRZt1m%2Fsv9PphGeVsp1%2FYDqWoytcLSsQWyKIj%2BjkpicP%2BHeS9TT%2FbwxGVdMHnDcUJC6CSOr%2FVRCrp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248d79bbf-FRA
expires: Tue, 21 Mar 2023 18:58:39 GMT

GET
H3 200 20220808_PP_NBO2022_TA10824400019-e1660085796786-768x768.jpg
nationalbankopen.com/wp-content/uploads/2022/08/ 71 KB
71 KB 47ms
44ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2022/08/20220808_PP_NBO2022_TA10824400019-e1660085796786-768x768.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c5f0592db51e5bce4c757dfb94cb1ca930d8f5c1f2f35f59d3e18c3c26174a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83054
cf-polished: origSize=90771, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72329
cf-bgj: imgq:100,h2pri
last-modified: Sun, 21 Aug 2022 07:10:47 GMT
server: cloudflare
etag: "d38e3b86a281d83e11bb5f05c76a9e19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gSZTzAukFs4pHrdM6S93x2pM7Sm6Pk5MpE6jTPitr2Jtkts1kcR6AF0itawqmzP1iKyVOFf5eMZ7SzCfC7B7GJodaBLj9Xw4CbePo7Z39qNRRLEu0Z7IMLIIz1WtoHBzkoLNuwx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248d89bbf-FRA
expires: Tue, 21 Mar 2023 16:22:29 GMT

GET
H3 200 273873571_5116339095090372_6205527657953308075_n-e1676308164368-1300x669.jpg
nationalbankopen.com/wp-content/uploads/2023/02/ 105 KB
105 KB 49ms
45ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2023/02/273873571_5116339095090372_6205527657953308075_n-e1676308164368-1300x669.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6add7cecb53f7d1c2c26f4c5f3e7b87abdacf5bf6af43b3905d3ea62759b1a77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63952
cf-polished: origSize=110754, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107253
cf-bgj: imgq:100,h2pri
last-modified: Mon, 13 Feb 2023 17:09:24 GMT
server: cloudflare
etag: "63ea6ec4-1b0a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e430ZQjFHo0j6IwUXjdroP8ySCTiZt0HVaf27V%2Fzu0ZqKkKhrQCKFda7nsYogC1NqcFeGEF7yN9FWs%2FoGJhdmNwM4uaeaFC%2Blg0WNLQzCWwvt606hh19sT14l%2B%2FxLB7h73PzyhxX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c8432248dc9bbf-FRA
expires: Tue, 21 Mar 2023 21:40:51 GMT

GET
H3 200 ashe-landscape-1000x761-1-e1675705832317-1000x669.jpg
nationalbankopen.com/wp-content/uploads/2023/02/ 119 KB
120 KB 50ms
47ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2023/02/ashe-landscape-1000x761-1-e1675705832317-1000x669.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe971a2f7da3d2357053fda7375bc86812556801f43a2440b9a8507d0556d960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63952
cf-polished: origSize=141608, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121803
cf-bgj: imgq:100,h2pri
last-modified: Sat, 18 Feb 2023 07:10:20 GMT
server: cloudflare
etag: "934b8092ff7b083547418f88191d590c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLGoyttbk8d329sIcSunwwerPflsSHsdmclb%2FLEbr5N%2BIlZ7jgx%2BXelEZrPJtEkQrqSqibHrMA9E%2Fr2gLGFZS24CJ74cXp3gvVxXFVfk1xKdebR8b2r5IwylHtTcTEzCkeYGOywo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248e09bbf-FRA
expires: Tue, 21 Mar 2023 21:40:51 GMT

GET
H3 200 3MS_1371-e1675177893771-1300x669.jpg
nationalbankopen.com/wp-content/uploads/2023/01/ 94 KB
95 KB 51ms
48ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2023/01/3MS_1371-e1675177893771-1300x669.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d09c2958b18bba0794da34c5ad7639cd34c226651672407e8930bd0ffae87a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63936
cf-polished: origSize=124947, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96256
cf-bgj: imgq:100,h2pri
last-modified: Sun, 12 Feb 2023 07:10:32 GMT
server: cloudflare
etag: "48ad2f5999e39ad47c446971b81b3ebe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzbO8J8exShur9284w7uApuFvmvZiX60ad9dGURCt4el8GgXCOAN7rj%2B4YwCwcnCETFgxcZbz0ZFZbObn21tQtuu%2BXrkC%2FSaGxUykz0cqul%2FskK71JBIwW0dC9iJ%2FyxHoj3cNsmS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248e19bbf-FRA
expires: Tue, 21 Mar 2023 21:41:07 GMT

GET
H3 200 FnpbDpLWIAAWhE2-1300x669.jpg
nationalbankopen.com/wp-content/uploads/2023/01/ 130 KB
130 KB 53ms
50ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2023/01/FnpbDpLWIAAWhE2-1300x669.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1d73b3db89a7ba0b25c382eb337919af53b8696ad362901d4f9412cd6cab932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 333647
cf-polished: origSize=138949, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 132901
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Feb 2023 07:10:12 GMT
server: cloudflare
etag: "860ac1ab7b5fd22a7c044ac9ab7be0c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcXv9fQIdmzpLa3ldNVZXpoAXiONkxlfqlsuSJaFs02EdwOaYttY%2FMLVnFQBs1luD14d7vikO0pUYFdL%2BOYbZSceoINXxFYV3XiKlmQFqUB5YK2JD5tduYGX9G%2FUYjXPMjnuo%2FnG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248e59bbf-FRA
expires: Sat, 18 Mar 2023 18:45:56 GMT

GET
H3 200 20220808_TA_NBO2022_TAR08689--1200x669.jpg
nationalbankopen.com/wp-content/uploads/2022/12/ 170 KB
171 KB 54ms
52ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2022/12/20220808_TA_NBO2022_TAR08689--1200x669.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e61c681f09c8727469b11dc4bf57067429df88f5d8c58d9be673d8f83a9dbd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 333646
cf-polished: origSize=188514, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174413
cf-bgj: imgq:100,h2pri
last-modified: Sun, 22 Jan 2023 07:10:19 GMT
server: cloudflare
etag: "19954aac283696ecafffca7bf9eaa5ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zoLGenY9d7NCmqhJx81ke3pKSinWmWXAyMsreDBrywZST7NAKsQCiws3wkebhwpY0iid25P%2Fpsj3DSH4ST9LhuiFrJl%2B5g%2FXEYlZyPhzOWkA6roWdgW6N7s2saOHQyNRdd%2BhaxY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248e89bbf-FRA
expires: Sat, 18 Mar 2023 18:45:57 GMT

GET
H3 200 MS103121-e1671473445656-1104x669.jpg
nationalbankopen.com/wp-content/uploads/2022/12/ 110 KB
111 KB 59ms
56ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2022/12/MS103121-e1671473445656-1104x669.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc608326c9620e7df87da46c341cabbbc7eefc5069c2099085b484975bd7d32d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 333645
cf-polished: origSize=146046, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112847
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 07:10:10 GMT
server: cloudflare
etag: "923845f925c88f7738d88c4fcf66b8af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yX4Kd80l7QzFMiQGrA0cXIq4JNFxMLtZyfd2wprPssvdPZwHMmxIMKseqKX87dFrB0LwP7csvxPxA7aJprsCoz3KIhBCq0FI0NnKB5LB09deOEl8FJJaabokPcXz2QnJmh8B6lCD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248ec9bbf-FRA
expires: Sat, 18 Mar 2023 18:45:57 GMT

GET
H3 200 MS107763_1-1-e1669840968138-1300x669.jpg
nationalbankopen.com/wp-content/uploads/2022/12/ 217 KB
218 KB 60ms
58ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2022/12/MS107763_1-1-e1669840968138-1300x669.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42ba4787cb565671ee01e77b5825f78152474cfbc5b3c1b11ba1a5eb6cfab5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 333645
cf-polished: origSize=270886, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 222390
cf-bgj: imgq:100,h2pri
last-modified: Wed, 28 Dec 2022 07:21:10 GMT
server: cloudflare
etag: "d9da000e1be3889057f5d4f6083dfff5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vWBFvTSNbE3LvWaT%2FhsFw7FkfTVDOrjAUXjGfOL%2B4P3yyKTq34qYT3Q8qAs%2FmilqRs%2B0P0qf2326uz8PJYhKOv3JFzB6X%2Bu0%2B3NtX5n12VRh04hGooL4UZ0znPCXjaixfrZTq19"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248ee9bbf-FRA
expires: Sat, 18 Mar 2023 18:45:58 GMT

GET
H3 200 MicrosoftTeams-image-30-1400x1280.jpg
nationalbankopen.com/wp-content/uploads/2022/01/ 192 KB
193 KB 63ms
61ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2022/01/MicrosoftTeams-image-30-1400x1280.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c2d000e5a6032fb72ffaec924492f50c5c1f7efd08983ae977ab22f093001d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63925
cf-polished: origSize=229686, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 196721
cf-bgj: imgq:100,h2pri
last-modified: Tue, 01 Feb 2022 07:10:31 GMT
server: cloudflare
etag: "8e09c8226f56ade713d9f999e4c24ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmkwbuWkHU3aIkvCdPYwHbSi8IpGJeaJI9B%2BXO%2B64pPbqnD4FGRoVKbR5unnDkXwiXRjhOm77DUDsHBVNVo0jvITz3cJYV0hnOuKFFzC9lYJVcsY4I8X0VlQtgqWgU%2FFPJXnzNSJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248f09bbf-FRA
expires: Tue, 21 Mar 2023 21:41:18 GMT

GET
H3 200 20180812-ppower2230-5-1400x1280.jpg
nationalbankopen.com/wp-content/uploads/2019/10/ 104 KB
104 KB 67ms
64ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2019/10/20180812-ppower2230-5-1400x1280.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a593c994f5b0b61e0626779fb9448e29e23436c2e08653135839a8f752fe566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63924
cf-polished: origSize=116877, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106086
cf-bgj: imgq:100,h2pri
last-modified: Mon, 14 Oct 2019 07:35:52 GMT
server: cloudflare
etag: "7236e94711c50cecb4ad02a3ebc2d714"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltCKk7%2FmcxcTTIOgH%2FTO%2FdSJLyN2sQ%2B3XzqrAaA5lVSiUyN4RoRr98B1dwT2DM%2FnI9AZB2ja%2FLyw9xEVFFzNX2JIULW%2BegDfeEboQfNb0hYv7FI9RoFoeyO6UiW3mR9H5%2FaDTOtQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248f29bbf-FRA
expires: Tue, 21 Mar 2023 21:41:19 GMT

GET
H3 200 toronto-2-1400x1154.jpg
nationalbankopen.com/wp-content/uploads/2020/06/ 394 KB
395 KB 68ms
66ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-content/uploads/2020/06/toronto-2-1400x1154.jpg
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9352fd9ae27e18eb3eb1d579fd2bd63954f5819a4e516c877402e148cd77f9e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63923
cf-polished: origSize=426858, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 403366
cf-bgj: imgq:100,h2pri
last-modified: Mon, 29 Jun 2020 07:10:05 GMT
server: cloudflare
etag: "de174b9ba2b6b3a039bdcc6b6314af4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JUQELhfZJhsQl3x%2FBD%2BRcH2903IkYJ8Elr6EHLJM4el03hdaWPOZqWyEGY3KghdF3t7PUeTszDX7a7wjvoqv7lHG%2BHqyqscNehHpPpfBAvDi8Hf4Jy1hRPuI3rNYH5tavin94NP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79c8432248f39bbf-FRA
expires: Tue, 21 Mar 2023 21:41:20 GMT

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/
Redirect Chain

https://v2.zopim.com/?5qQGcRV1pFGLctuRo6PaxcmXeEoYyXKB
https://static.zdassets.com/ekr/asset_composer.js

23 KB
7 KB

68ms
18ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
x-amz-version-id: 57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: XY5D2CTXC1077HSZ
age: 32
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 23f9iABdfzkYym5z2k3r8D7PhWTioP4qeIBVDGdzOV/hVpe9pZ/bWaHdpa8T5sgNarQ5/rONzngjzqmfLux7Jg==
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cbc2nuTFS6qsrux4ZdBog4msmc19YopTYYKOS0VKUb8Mgta9Sk3947J1I2H0DRYnuS4XEytu%2FhDWuB85N3V0ozpGwNoBDursObE3rMMy7%2BKDJ2OcRYnGs4OQ2KW9p1IyJ6INBTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 79c843234f1390dc-FRA

Redirect headers

location: https://static.zdassets.com/ekr/asset_composer.js
date: Mon, 20 Feb 2023 15:26:43 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 79c843227d0d68e5-FRA
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 jaotama-window-opener.js Show response
nationalbankopen.com/wp-content/plugins/jaotama/ 771 B
871 B 72ms
71ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/plugins/jaotama/jaotama-window-opener.js?ver=1671205804
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29e6ab5f1b1f9f4b555bad1fbb2da5f4c138898e2f1d494f9a2f357e1fc73e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:50:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416673
etag: W/"639c93ac-303"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YI1FKYHWWiMeaaT%2FeJD5fsQX3rAGQr8YDr9bdUVbdWK8Gu1oafCUB3t6adnfocnx6OkUjyqjZ5e19Q00lPbAA2Y0prmA3VJjHPYwI%2BMs%2FIK2lqeaICc8hoX2r%2FR6seInRDOxp5uY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c8432248f79bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 thickbox.js Show response
nationalbankopen.com/wp-includes/js/thickbox/ 13 KB
4 KB 69ms
68ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-includes/js/thickbox/thickbox.js?ver=1671205794
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e09e793fb79507dc97ed702a4c2c9c00ab4d1677bd45bcd112e203c96dd661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416673
etag: W/"639c93a2-33ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THHtEwt2EcM3Tp%2B%2F14w4yRt3RqO%2Ba6J6aTAUNxzlJowWtq2gMTX0NKxSyOqKe6vVob6m5SeiwrMf4f%2B79q8OLPI2ODOcd1bcQx%2BtnOiVs68%2FzO1FW%2BUVao%2F00yYCY3W9yln4XQQO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c8432249039bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 analytics-rc.js Show response
nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/js/ 2 KB
1 KB 69ms
68ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/js/analytics-rc.js?ver=1671205801
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 593a68ade2fe9f17eed6f55d03c2c0ee118d128cccefd81b1457537a97ecbea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:50:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 680556
etag: W/"639c93a9-8dc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSZ2hNv9RNsHp82GVdufvHgL06p5EKlBKSJZwuAs7mA3ALBQEHbyrA39PdfjgCPuqzTltDu6LMyZ2RS56nAR07WVKcXthcL0Xe9TXhJkYiXXcDMu6u23JzlMptp%2BZqRYk01vbSRP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c8432249099bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 main.js Show response
nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/js/ 1 MB
316 KB 70ms
68ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/js/main.js?ver=1671205801
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fde50f037e26084e2c58a5dbf699ed2e08401264822e96e7e9e09886de780489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 15:50:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 680556
etag: W/"639c93a9-13e24e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4O4MXAOvaODEKI0mu%2BFoOe2jScng7Sb%2FUnZ7KNz8r99X9uMZRffJk9GTEgllfqIqtdMtfl9CoH9ha4%2BHgZB2ExLrHtV%2F4pbOWKHFhOmIP1vRXgj2j%2FxhKTGuzchw86CKBKQOs1L%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c84322490c9bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/937126172/ 2 KB
1 KB 73ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937126172/?random=1676906803695&cv=11&fst=1676906803695&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=Site%20Visits&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fnationalbankopen.com%2F&tiba=Home%20-%20National%20Bank%20Open&auid=500775428.1676906804&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d6c39ae510c9f4ce91311508f591c84c0009b3a6bb34a5790b65697a3a6f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 896
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-2543733.js Show response
static.hotjar.com/c/ 9 KB
4 KB 94ms
44ms Script
application/javascript 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2543733.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-63.fra2.r.cloudfront.net

Software

Resource Hash

cfeda91a1bbe2bfd7bcac746ed2e5af8e7dd1039b6b8d780f329a7f39b540801

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 20 Feb 2023 15:26:43 GMT
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/15182fef22bb44d71b67bf6ff901a2d4
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: nThVoRzM8MnrqbDjf6h0Y5ewlA1dDlni-vz3KOqVRgK2V16wWHePkg==

GET
H2

200

0396f0fb-9e31-4227-8f86-fad5e1d9d22f_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/0396f0fb-9e31-4227-8f86-fad5e1d9d22f.js
https://cdn.mouseflow.com/projects/0396f0fb-9e31-4227-8f86-fad5e1d9d22f_eu.js

60 KB
17 KB

23ms
22ms

Script
application/javascript

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/0396f0fb-9e31-4227-8f86-fad5e1d9d22f_eu.js
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 8dc6293742b103cd51292133a4e5a73361429a6320a7e7b53b03522b299ea41d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 23:19:02 GMT
server
etag: "42219e49341d91:0"
x-hw: 1676906803.cds234.lo4.hn,1676906803.cds318.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17499

Redirect headers

date: Mon, 20 Feb 2023 15:26:43 GMT
x-hw: 1676906803.cds234.lo4.hn,1676906803.cds282.lo4.c
location: https://cdn.mouseflow.com/projects/0396f0fb-9e31-4227-8f86-fad5e1d9d22f_eu.js
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/0396f0fb-9e31-4227-8f86-fad5e1d9d22f.js
content-length: 0

GET
H2

200

activityi;dc_pre=CIe089K0pP0CFcmUmwodIcMGhw;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=500775428.1676906804;~oref=https%3A%2F%2Fnationalbankopen.com%2F Show response
12743290.fls.doubleclick.net/ Frame A4F0
Redirect Chain

https://12743290.fls.doubleclick.net/activityi;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=500775428.1676906804;~oref=https%3A%2F%2Fnationalbankopen.com%2F?
https://12743290.fls.doubleclick.net/activityi;dc_pre=CIe089K0pP0CFcmUmwodIcMGhw;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=500775428.1676906804;~oref=https%3A%...

996 B
864 B

50ms
50ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12743290.fls.doubleclick.net/activityi;dc_pre=CIe089K0pP0CFcmUmwodIcMGhw;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=500775428.1676906804;~oref=https%3A%2F%2Fnationalbankopen.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

fba55f1480eecd752896d73b303e80570d55d30f13ae95270f08e1a0a6b1db59

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 526
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:43 GMT
expires: Mon, 20 Feb 2023 15:26:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12743290.fls.doubleclick.net/activityi;dc_pre=CIe089K0pP0CFcmUmwodIcMGhw;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=500775428.1676906804;~oref=https%3A%2F%2Fnationalbankopen.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 rt.min.js
tag.retargeter.com/rt/3139/ 0
0 576ms
207ms Script
text/html 35.185.45.56
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.retargeter.com/rt/3139/rt.min.js?t=19408
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.185.45.56 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 56.45.185.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 41ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rBn7EOthGJJdVRUvX2rlN79NXIFr5aWxrd1ZdwEyJ8Xq3qlNa7pO8TKXckKMmBKaXLtLktD532CzZnQOSHCBgA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=25077528&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25077528%26t%3D1

0
1 KB

14ms
14ms

Script
application/javascript

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25077528%26t%3D1

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:43 GMT
AN-X-Request-Uuid: 21fb56b1-bfde-4b3b-a395-c0a16b6df332
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Mon, 20 Feb 2023 15:26:43 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f662edce-7e37-4cd0-9a83-e02f19e53560
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25077528%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 embedder Show response
chat.satis.fi/popup/ 163 KB
53 KB 151ms
118ms Script
application/javascript 34.111.146.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.satis.fi/popup/embedder?popupId=6186
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.146.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.146.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 16eaaee71aba530be0a224ca50e8856e6b497925fd4405148889d4dfc5ba0a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: gzip
via: 1.1 google
server: Microsoft-IIS/10.0
etag: AD01ED7A1FE9F9C34DE5B00A5CB0020C
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54388

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 36ms
11ms Script
application/x-javascript 13.225.85.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-149.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 15:58:06 GMT
Content-Encoding: gzip
Via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 84518
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: fazxY9pn9RZ7v-fZirnwKUsrmlXuUVCymZnJnmtCgxjHvlUZ5NDm3Q==

GET 1444178374629230873
acuityplatform.com/Adserver/pxlj/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
79 KB 49ms
49ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1HBTKC8GNZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb19f5976cb508c369d2f844bf7cb0a49dd5aeef00af10efe961715eb462ad04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Feb 2023 15:26:43 GMT

GET
H2 200 / Show response
tcadserver.rain-digital.ca/rc-en/ 2 KB
1 KB 866ms
807ms XHR
text/html 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://tcadserver.rain-digital.ca/rc-en/?v=2&ads=roaming_html%2Chome_takeover_top%2Chome_news_card_1%2Chome_news_card_2%2Chome_takeover_bottom
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/wp-includes/js/jquery/jquery.min.js?ver=1671205794
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: e6213bc75147efbaab2f10468065f2c2e9ea0bffb26c9972d18fff7974c0705d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nationalbankopen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-cache-group: normal
content-encoding: br
cf-cache-status: DYNAMIC
x-cacheable: SHORT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WP Engine
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApsEVbJbdBOg9GvtidQsWNPggT2blCV1VIjpTBA8sZHJH0al1mE2MAVuEMTDdLR2gEkiWztxHblo6WVhMIv%2F1%2BcH7FoYA%2B5Gvzqs%2B%2BeOKQJMXsyaumblnPByWL0ZNuRYbicSwJv0hTf7vS0R"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate
cf-ray: 79c8432429ebbb9b-FRA
link: <https://tcadserver.rain-digital.ca/wp-json/>; rel="https://api.w.org/", <https://tcadserver.rain-digital.ca/wp-json/wp/v2/pages/83>; rel="alternate"; type="application/json", <https://tcadserver.rain-digital.ca/?p=83>; rel=shortlink

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 60ms
24ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/js/main.js?ver=1671205801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21437cf9c0d87c2e3c6ade864137f5536fd865a64333075ce431174e342dee74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 20 Feb 2023 15:26:43 GMT

GET
H2 200 dc_pre=CIe089K0pP0CFcmUmwodIcMGhw;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=*;~oref=https%3A%2F%2Fnationalbankopen.com%2F
adservice.google.com/ddm/fls/z/ Frame A4F0 42 B
401 B 65ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIe089K0pP0CFcmUmwodIcMGhw;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=*;~oref=https%3A%2F%2Fnationalbankopen.com%2F

Requested by

Host: 12743290.fls.doubleclick.net
URL: https://12743290.fls.doubleclick.net/activityi;dc_pre=CIe089K0pP0CFcmUmwodIcMGhw;src=12743290;type=nboobn;cat=tenni0;ord=1;num=1251698602957;gtm=45He32f0;auiddc=500775428.1676906804;~oref=https%3A%2F%2Fnationalbankopen.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12743290.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
w.soundcloud.com/player/ 5 KB
4 KB 148ms
20ms Script
application/javascript 18.66.15.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/api.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-12.vie50.r.cloudfront.net

Software

am/2 /

Resource Hash

fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:22:56 GMT
via: sssr, 1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
content-encoding: gzip
strict-transport-security: max-age=63072000
x-amz-cf-pop: VIE50-P1
age: 228
x-cache: Hit from cloudfront
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
last-modified: Wed, 15 Feb 2023 09:18:11 GMT
server: am/2
etag: W/"15a4-186545dfc38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: 4a4NUwoZqZ6aylH5HH4DZjTIF3cHjYWGHwJHW-DbfugNYBjsSp8ykw==

GET
H3

200

activityi;dc_pre=CJeR_dK0pP0CFQbMmgoddAULWw;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365 Show response
4923687.fls.doubleclick.net/ Frame 407C
Redirect Chain

https://4923687.fls.doubleclick.net/activityi;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365?
https://4923687.fls.doubleclick.net/activityi;dc_pre=CJeR_dK0pP0CFQbMmgoddAULWw;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365?

387 B
236 B

847ms
847ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4923687.fls.doubleclick.net/activityi;dc_pre=CJeR_dK0pP0CFQbMmgoddAULWw;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

2139be9a481a8fe05fa3d267455d2106a968cf8d056cb331e2415269f7762fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:44 GMT
expires: Mon, 20 Feb 2023 15:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4923687.fls.doubleclick.net/activityi;dc_pre=CJeR_dK0pP0CFQbMmgoddAULWw;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNiz_dK0pP0CFUm5mgodkIQCLw;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_directed... Show response
5357220.fls.doubleclick.net/ Frame 1C32
Redirect Chain

https://5357220.fls.doubleclick.net/activityi;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_direct...
https://5357220.fls.doubleclick.net/activityi;dc_pre=CNiz_dK0pP0CFUm5mgodkIQCLw;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_...

1 KB
595 B

51ms
51ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5357220.fls.doubleclick.net/activityi;dc_pre=CNiz_dK0pP0CFUm5mgodkIQCLw;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5914317543352.299?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

f2af4132aa03dad52b1931332adb80b108aa1bbfd98ab868711f6265018108cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 572
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:44 GMT
expires: Mon, 20 Feb 2023 15:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5357220.fls.doubleclick.net/activityi;dc_pre=CNiz_dK0pP0CFUm5mgodkIQCLw;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5914317543352.299?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNm1_dK0pP0CFUrOmgodUrAP1Q;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID] Show response
5357220.fls.doubleclick.net/ Frame 4492
Redirect Chain

https://5357220.fls.doubleclick.net/activityi;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]?
https://5357220.fls.doubleclick.net/activityi;dc_pre=CNm1_dK0pP0CFUrOmgodUrAP1Q;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]?

1 KB
564 B

46ms
46ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5357220.fls.doubleclick.net/activityi;dc_pre=CNm1_dK0pP0CFUrOmgodUrAP1Q;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

d6002ddf1abb1f5c8d7535ffbbf5e5bef31c8299a8d06f1278c5511c016b5d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 541
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:44 GMT
expires: Mon, 20 Feb 2023 15:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5357220.fls.doubleclick.net/activityi;dc_pre=CNm1_dK0pP0CFUrOmgodUrAP1Q;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CPaQ_NK0pP0CFcjKmgodJ_YJbQ;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812 Show response
6037123.fls.doubleclick.net/ Frame 375C
Redirect Chain

https://6037123.fls.doubleclick.net/activityi;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812?
https://6037123.fls.doubleclick.net/activityi;dc_pre=CPaQ_NK0pP0CFcjKmgodJ_YJbQ;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220...

401 B
244 B

49ms
49ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6037123.fls.doubleclick.net/activityi;dc_pre=CPaQ_NK0pP0CFcjKmgodJ_YJbQ;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

41a9735e301338e9df8c4ecaeb916cc798b49ac38ba9740b784cd02f42eaaf97

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 221
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:44 GMT
expires: Mon, 20 Feb 2023 15:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6037123.fls.doubleclick.net/activityi;dc_pre=CPaQ_NK0pP0CFcjKmgodJ_YJbQ;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK VisitorAPI.js Show response
www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/ 26 KB
11 KB 492ms
218ms Script
application/javascript 104.64.112.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.112.94 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-112-94.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9c7808f8e99aabb6e8f7295faf5e96fcb7386052fa4a7ffe7d7400479d811859

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bnc.ca .nbc.ca;
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000;
Content-Security-Policy: frame-ancestors 'self' *.bnc.ca *.nbc.ca;
X-Content-Type-Options: nosniff
Date: Mon, 20 Feb 2023 15:26:44 GMT
Last-Modified: Mon, 20 Feb 2023 14:44:16 GMT
Server: Apache
Content-Encoding: gzip
ETag: "69aa-5f522b2842d47-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10596

GET
H3 200 loadingAnimation.gif
nationalbankopen.com/wp-includes/js/thickbox/ 5 KB
5 KB 23ms
23ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nationalbankopen.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32a9e55359d72ced7b4a934c2cf438f4120c5b8956ed57a04b305d1ac69bb5d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62581
cf-polished: origFmt=gif, origSize=15238
content-disposition: inline; filename="loadingAnimation.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5070
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 15:49:54 GMT
server: cloudflare
etag: "639c93a2-3b86"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WllZ6t%2FLuk6keygvvSEwODjY%2B4uH5fg51xMA5H%2Fy1HgFAcxDW45Bgc%2FwP113wTMGGy%2BVORLkF3M4H1AXUxkQzCsNIX5%2FgPIHqZpZRZQ3XMeDXNldtf8BPkrZRtpNXFga8c8nwSpB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c843249daf9bbf-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/wp-content/themes/rogerscup/assets/dist/js/analytics-rc.js?ver=1671205801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Feb 2023 14:54:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1919
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 20 Feb 2023 16:54:44 GMT

GET
H2 200 5qQGcRV1pFGLctuRo6PaxcmXeEoYyXKB Show response
ekr.zdassets.com/compose/zopim_chat/ 193 B
1013 B 222ms
198ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/zopim_chat/5qQGcRV1pFGLctuRo6PaxcmXeEoYyXKB

Requested by

Host: v2.zopim.com
URL: https://v2.zopim.com/?5qQGcRV1pFGLctuRo6PaxcmXeEoYyXKB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca0f5729436e36f25fb2444c341ea13eedd1b4256419f3a25bec63904dfe2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 79be062c5ffc3a62-SEA, 79be062c5ffc3a62-SEA
x-runtime: 0.004917
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4ca0f5729436e36f25fb2444c341ea13"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38Fyogpy8zN01z9ykmYsfoUz9NQXhmsfO%2BTTWqF11AXy47HqTtRUy%2FNpclHHWbHdW5cfAVfSfNpRZun4pUI2ozfnIqmR%2FoPp0DNA%2FQwTCnLuJpet8Oo%2BnR0vx%2FN8jkl52O4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 79c84324cf9437d4-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/937126172/ 42 B
455 B 107ms
45ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/937126172/?random=1676906803695&cv=11&fst=1676905200000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=Site%20Visits&frm=0&url=https%3A%2F%2Fnationalbankopen.com%2F&tiba=Home%20-%20National%20Bank%20Open&fmt=3&is_vtc=1&random=3935726720&rmt_tld=0&ipr=y

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/937126172/ 42 B
455 B 41ms
18ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/937126172/?random=1676906803695&cv=11&fst=1676905200000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=Site%20Visits&frm=0&url=https%3A%2F%2Fnationalbankopen.com%2F&tiba=Home%20-%20National%20Bank%20Open&fmt=3&is_vtc=1&random=3935726720&rmt_tld=1&ipr=y

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.ee22917b5436a59a8012.js Show response
script.hotjar.com/ 263 KB
68 KB 31ms
8ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ee22917b5436a59a8012.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2543733.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

0b7f26e99108e20145123456e95a533ae78b059180e2e4f0925daa79469832dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 13717
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68546
last-modified: Mon, 20 Feb 2023 11:37:34 GMT
etag: "9c5791fe8f3c0f81fe23c648d8bc415c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 0uizqEar-CxmvB4f1AUi9__7AaNkqBEg9HRNW7nXP_qKAxy2Jp2mYA==

GET
H2 200 515094145301711 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/515094145301711?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ebcb9cbe99245adf9d197d1cc6b47356d3d1db5e5edd24125a130b7ef5e20f0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110431
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: f80CFKfON5Qhs852nVhMIi1DMVKWRmfo+5uVNEPnEaJMr2CDIZLNUEEMrWkaot8W8w8T0iITRdqg4nPfcpIAUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 40ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1HBTKC8GNZ&gtm=45je32f0&_p=167142979&_gaz=1&cid=1418668334.1676906804&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676906803&sct=1&seg=0&dl=https%3A%2F%2Fnationalbankopen.com%2F&dt=Home%20-%20National%20Bank%20Open&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_path=%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HBTKC8GNZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nationalbankopen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 59ms
16ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1HBTKC8GNZ&cid=1418668334.1676906804&gtm=45je32f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HBTKC8GNZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nationalbankopen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 38ms
38ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1HBTKC8GNZ&cid=1418668334.1676906804&gtm=45je32f0&aip=1&z=900993233

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame A4F0 106 KB
27 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12743290.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rBn7EOthGJJdVRUvX2rlN79NXIFr5aWxrd1ZdwEyJ8Xq3qlNa7pO8TKXckKMmBKaXLtLktD532CzZnQOSHCBgA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 GetCSS
chat.satis.fi/popup/ 55 KB
4 KB 119ms
119ms Stylesheet
text/css 34.111.146.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.satis.fi/popup/GetCSS
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=6186
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.146.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.146.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5020c5c74d261f081fddf088978d19b0269ee43b218c883c733167d291411e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
content-encoding: gzip
via: 1.1 google
server: Microsoft-IIS/10.0
etag: AD01ED7A1FE9F9C34DE5B00A5CB0020C
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383

GET
H3 200 GetAWSConfig Show response
chat.satis.fi/Default/ 197 B
213 B 141ms
119ms Fetch
application/json 34.111.146.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.satis.fi/Default/GetAWSConfig
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=6186
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.146.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.146.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 25eca592f3785484d9098120c463294ce6e805e7c5a8ccf81a8b8b35f2de91e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:43 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nationalbankopen.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/ 183 KB
61 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda4626079d40384245b08cf2cbe79ba640b342ae024acefa024896a51a5d92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62469
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Feb 2024 14:21:05 GMT

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame 342D 2 KB
1 KB 55ms
7ms Document
text/html 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2543733.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-10.fra2.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1476998
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-amz-cf-id: h_fKAYjhaVI9H_R4NGxSXTU_DyrTMlMAbeO7REY78PqYI0sopx-D6Q==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 539940418075449 Show response
connect.facebook.net/signals/config/ Frame A4F0 377 KB
108 KB 152ms
145ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/539940418075449?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b5ec5d80efdc2ccfde533c9f4952b159fa14b50320a4b9ebf6d0e9963d431dc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12743290.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0vjyndDsP/n/Lv5Ts8Y5UqUlAzoUo5aphrDfo8ff0sNo/faSNQVeJ9dH4JgwD6jh6I5nzrakEssrQjHh/321EA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=167142979&t=pageview&_s=1&dl=https%3A%2F%2Fnationalbankopen.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20National%20Bank%20Open&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ICDACEABDAAAACAAI~&jid=1226893369&gjid=2128146448&cid=1418668334.1676906804&tid=UA-64790517-1&_gid=870722678.1676906804&_r=1&_slc=1&cd2=0&z=705426841

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nationalbankopen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nationalbankopen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPaQ_NK0pP0CFcjKmgodJ_YJbQ;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812
adservice.google.com/ddm/fls/z/ Frame 375C 42 B
107 B 57ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPaQ_NK0pP0CFcjKmgodJ_YJbQ;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812

Requested by

Host: 6037123.fls.doubleclick.net
URL: https://6037123.fls.doubleclick.net/activityi;dc_pre=CPaQ_NK0pP0CFcjKmgodJ_YJbQ;src=6037123;type=sportrtg;cat=roger00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3754518318220.812?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6037123.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 38ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515094145301711&ev=PageView&dl=https%3A%2F%2Fnationalbankopen.com%2F&rl=&if=false&ts=1676906804077&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676906804076.1872324825&it=1676906803947&coo=false&rqm=GET

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 17ms
17ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64790517-1&cid=1418668334.1676906804&jid=1226893369&gjid=2128146448&_gid=870722678.1676906804&_u=ICDACEAADAAAACAAI~&z=993935897

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nationalbankopen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nationalbankopen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CNm1_dK0pP0CFUrOmgodUrAP1Q;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]
adservice.google.com/ddm/fls/z/ Frame 4492 42 B
63 B 44ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNm1_dK0pP0CFUrOmgodUrAP1Q;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]

Requested by

Host: 5357220.fls.doubleclick.net
URL: https://5357220.fls.doubleclick.net/activityi;dc_pre=CNm1_dK0pP0CFUrOmgodUrAP1Q;src=5357220;type=cprogers;cat=bnc-b00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CNiz_dK0pP0CFUm5mgodkIQCLw;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
adservice.google.com/ddm/fls/z/ Frame 1C32 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNiz_dK0pP0CFUm5mgodkIQCLw;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5914317543352.299

Requested by

Host: 5357220.fls.doubleclick.net
URL: https://5357220.fls.doubleclick.net/activityi;dc_pre=CNiz_dK0pP0CFUm5mgodkIQCLw;src=5357220;type=bnc-d0;cat=bnc-d008;u1=[Campaign%20Name];u5=couperogers;u7=2nd-party;u8=couperogers;u9=[Section];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5914317543352.299?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 4492 106 KB
27 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rBn7EOthGJJdVRUvX2rlN79NXIFr5aWxrd1ZdwEyJ8Xq3qlNa7pO8TKXckKMmBKaXLtLktD532CzZnQOSHCBgA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 1C32 106 KB
27 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rBn7EOthGJJdVRUvX2rlN79NXIFr5aWxrd1ZdwEyJ8Xq3qlNa7pO8TKXckKMmBKaXLtLktD532CzZnQOSHCBgA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 55ms
54ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64790517-1&cid=1418668334.1676906804&jid=1226893369&_u=ICDACEAADAAAACAAI~&z=833027048

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64790517-1&cid=1418668334.1676906804&jid=1226893369&_u=ICDACEAADAAAACAAI~&z=833027048

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2543733/ 148 B
323 B 109ms
35ms XHR
application/json 63.34.186.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2543733/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.ee22917b5436a59a8012.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.186.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-186-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e06e9fa0c40a8cc645b697a45747eb06cb230ca0a48862a26847435d314ab228

Request headers

Referer: https://nationalbankopen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 703868683024148 Show response
connect.facebook.net/signals/config/ Frame 4492 150 KB
41 KB 57ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/703868683024148?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f83f2e62c4f9cdbc4e5d715aef90367e6be23c17733ffe7b2be88f1dfac14893

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: EOm+6q2OpDTEdTW/aGeHVl/6LFP0We738WoFTBfvvBZUSITkb1OsW5ih/S4+S6R+OAq4gaIwuzJ8AtjFzbcb/g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 703868683024148 Show response
connect.facebook.net/signals/config/ Frame 1C32 150 KB
41 KB 57ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/703868683024148?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f83f2e62c4f9cdbc4e5d715aef90367e6be23c17733ffe7b2be88f1dfac14893

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rvQrwTb2dcoSojF669yNaqea9MF9O8loFZYNl20V6hkRbvcQaGQx4eCYM/siG/GtwWEk9dVSKfgTwdzLKU92Zg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 PopupConfig-6186.js Show response
prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/PopupConfigs/ 1 KB
2 KB 151ms
129ms Script
application/x-javascript 35.244.160.208
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/PopupConfigs/PopupConfig-6186.js?v=9c46b5ff-00fa-433b-9740-cda3e50ddfc0
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=6186
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.160.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 208.160.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8964053f400dca34977ee06a530df5a93a5613b67b6dcc6adda3faf65a6eeb12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
age: 0
x-guploader-uploadid: ADPycdtuMbjZS4zP8BGLZqQFb-sp1S8J7iKzKB8p-ew-z_Vvb0Gvs3nO8cm1hSdYV3ueXDmmtKTtRHtdwikOtn81m2TqRS46w6WS
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1272
last-modified: Tue, 03 May 2022 16:29:52 GMT
server: UploadServer
etag: "b9cc4638f95204c05e7f176e3cf2ac74"
x-goog-generation: 1651595392339268
x-goog-hash: crc32c=7s16kA==, md5=ucxGOPlSBMBefxduPPKsdA==
access-control-allow-origin: *
content-type: application/x-javascript
cache-control: public,max-age=0
x-goog-stored-content-length: 1272
accept-ranges: bytes

GET
H2

200

widget_v2.334.js Show response
v2.zopim.com/bin/v/
Redirect Chain

https://v2.zopim.com/w?5qQGcRV1pFGLctuRo6PaxcmXeEoYyXKB
https://v2.zopim.com/bin/v/widget_v2.334.js

1 MB
244 KB

13ms
13ms

Script
application/javascript

104.16.107.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/bin/v/widget_v2.334.js
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H2
Server: 104.16.107.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84fd53c6a8ac1f66c4166ec099766a4cff3eb93f3ab1a4d51e60cbdcc1a86ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 27 Jul 2022 03:35:19 GMT
server: cloudflare
age: 997945
etag: W/"62e0b277-10301f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000
cf-ray: 79c843263b0468e5-FRA
expires: Thu, 17 Feb 2033 15:26:44 GMT

Redirect headers

date: Mon, 20 Feb 2023 15:26:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: "62e9bace-0"
content-type: application/octet-stream
location: https://v2.zopim.com/bin/v/widget_v2.334.js
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 79c843260ab968e5-FRA
content-length: 0
expires: Mon, 20 Feb 2023 19:26:44 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame A4F0 0
31 B 7ms
6ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539940418075449&ev=PageView&dl=https%3A%2F%2F12743290.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIe089K0pP0CFcmUmwodIcMGhw%3Bsrc%3D12743290%3Btype%3Dnboobn%3Bcat%3Dtenni0%3Bord%3D1%3Bnum%3D1251698602957%3Bgtm%3D45He32f0%3Bauiddc%3D500775428.1676906804%3B~oref%3Dhttps%253A%252F%252Fnationalbankopen.com%252F%3F&rl=https%3A%2F%2Fnationalbankopen.com%2F&if=true&ts=1676906804188&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&it=1676906804009&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12743290.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ Frame 4492 72 KB
21 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.96

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oOotfpfhghu0sURXYEpGVMyHFZXKnLUxvBnu5fgv1vAG77kaFvGXJLKhDTEaEpJtVLCqte/zNUkc4y9zG6Nhcg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ Frame 1C32 72 KB
21 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.96

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oOotfpfhghu0sURXYEpGVMyHFZXKnLUxvBnu5fgv1vAG77kaFvGXJLKhDTEaEpJtVLCqte/zNUkc4y9zG6Nhcg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 4492 0
18 B 7ms
6ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=703868683024148&ev=Audience-couperogerscampagne&dl=https%3A%2F%2F5357220.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNm1_dK0pP0CFUrOmgodUrAP1Q%3Bsrc%3D5357220%3Btype%3Dcprogers%3Bcat%3Dbnc-b00%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D%5BSessionID%5D%3F&rl=https%3A%2F%2Fnationalbankopen.com%2F&if=true&ts=1676906804233&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=28&it=1676906804147&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ Frame 1C32 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=703868683024148&ev=PageView&dl=https%3A%2F%2F5357220.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNiz_dK0pP0CFUm5mgodkIQCLw%3Bsrc%3D5357220%3Btype%3Dbnc-d0%3Bcat%3Dbnc-d008%3Bu1%3D%5BCampaign%2520Name%5D%3Bu5%3Dcouperogers%3Bu7%3D2nd-party%3Bu8%3Dcouperogers%3Bu9%3D%5BSection%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5914317543352.299%3F&rl=https%3A%2F%2Fnationalbankopen.com%2F&if=true&ts=1676906804249&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=28&cs_est=true&it=1676906804148&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5357220.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Feb 2023 15:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 popuptheme-3211.css Show response
prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/ThemeFiles/ 2 KB
2 KB 145ms
129ms Fetch
text/css 35.244.160.208
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/ThemeFiles/popuptheme-3211.css?v=7ef26e7a-f276-4a7b-84b9-a2b9e58db1da
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=6186
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.160.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 208.160.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ced598533b1cbcb0c15bcb72834a49e6e9a8769a23db6ede7f4ff0c43818ff0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
age: 0
x-guploader-uploadid: ADPycdvi8AqmF8jJZU6YfbH6izUQO7-WUdSPNCXrjQam8XGJ45bKpQtueMHKbl2zJ6UN_4qIjv5CUSTq6Y-tWLCckXWMoP8bwq1W
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1889
last-modified: Tue, 03 May 2022 16:29:50 GMT
server: UploadServer
etag: "53564bfa46bbfde805b28250d8d376b0"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1651595390370307
x-goog-hash: crc32c=P74dow==, md5=U1ZL+ka7/egFsoJQ2NN2sA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=0
x-goog-stored-content-length: 1889
accept-ranges: bytes
content-type: text/css

GET
H/1.1 200
OK AppMeasurement.js Show response
www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/ 57 KB
18 KB 292ms
292ms Script
application/javascript 104.64.112.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/AppMeasurement.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MHMRC

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.112.94 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-112-94.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d12a0d30f346e809bdceea8650532c61412880392c78634330350133ca69b58b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bnc.ca .nbc.ca;
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000;
Content-Security-Policy: frame-ancestors 'self' *.bnc.ca *.nbc.ca;
X-Content-Type-Options: nosniff
Date: Mon, 20 Feb 2023 15:26:44 GMT
Last-Modified: Mon, 20 Feb 2023 14:44:16 GMT
Server: Apache
Content-Encoding: gzip
ETag: "e361-5f522b28630e7-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18225

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1HBTKC8GNZ&gtm=45je32f0&_p=167142979&cid=1418668334.1676906804&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&_s=2&sid=1676906803&sct=1&seg=0&dl=https%3A%2F%2Fnationalbankopen.com%2F&dt=Home%20-%20National%20Bank%20Open&en=form_start&ep.page_path=%2F&ep.form_id=&ep.form_name=&ep.form_destination=https%3A%2F%2Fwww.facebook.com%2Ftr%2F&epn.form_length=23&_et=614
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HBTKC8GNZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nationalbankopen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1HBTKC8GNZ&gtm=45je32f0&_p=167142979&cid=1418668334.1676906804&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&_s=3&sid=1676906803&sct=1&seg=0&dl=https%3A%2F%2Fnationalbankopen.com%2F&dt=Home%20-%20National%20Bank%20Open&en=form_submit&_c=1&ep.page_path=%2F&ep.form_id=&ep.form_name=&ep.form_destination=https%3A%2F%2Fwww.facebook.com%2Ftr%2F&epn.form_length=23&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HBTKC8GNZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nationalbankopen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BBB3 0
15 B 7ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://nationalbankopen.com
Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://nationalbankopen.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:44 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Ping
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nationalbankopen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://nationalbankopen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Ping
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nationalbankopen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://nationalbankopen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Ping
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nationalbankopen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://nationalbankopen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rolex.html Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/ Frame 01D1 4 KB
1014 B 136ms
11ms Document
text/html 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/wp-includes/js/jquery/jquery.min.js?ver=1671205794
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 723ae9887c2eeb0ef2db475a2186ea95b7f34f66011a3650156f4d9ceb00f017

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
content-encoding: br
content-md5: fvLUH97Ma3qbqJ/JUx3WXw==
content-type: text/html; charset=utf-8
date: Mon, 20 Feb 2023 15:26:44 GMT
etag: "0x8D76916F5614472"
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-azure-ref: 0NJHzYwAAAAC1tevRJwffSatkNSsD4LH8RlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
x-azure-ref-originshield: 00JbuYwAAAABoZMj/6B1sTKA1BB74C2uQRlJBMjMxMDUwNDE3MDI1ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
x-cache: TCP_HIT
x-ms-request-id: 0a6e5c83-601e-0051-5234-4293b6000000
x-ms-version: 2018-03-28

GET
H2 200 rolex.html Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/ Frame 824B 4 KB
1 KB 134ms
11ms Document
text/html 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/wp-includes/js/jquery/jquery.min.js?ver=1671205794
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 723ae9887c2eeb0ef2db475a2186ea95b7f34f66011a3650156f4d9ceb00f017

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
content-encoding: br
content-md5: fvLUH97Ma3qbqJ/JUx3WXw==
content-type: text/html; charset=utf-8
date: Mon, 20 Feb 2023 15:26:44 GMT
etag: "0x8D76916F5614472"
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-azure-ref: 0NJHzYwAAAADdB8wAXUrOQKw8IbmfYmo7RlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
x-azure-ref-originshield: 00JbuYwAAAABoZMj/6B1sTKA1BB74C2uQRlJBMjMxMDUwNDE3MDI1ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
x-cache: TCP_HIT
x-ms-request-id: 0a6e5c83-601e-0051-5234-4293b6000000
x-ms-version: 2018-03-28

GET
H3 200 564x564_en.png
tcadserver.rain-digital.ca/wp-content/uploads/2022/08/ 87 KB
87 KB 548ms
538ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tcadserver.rain-digital.ca/wp-content/uploads/2022/08/564x564_en.png
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65e11faf1a19a53006b7a2351290fc395974768f2dd3ee4b81282372a949c24a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:45 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Aug 2022 16:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62ea9c3f-15af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5K49ULA9x3WeBY1t5u27CNWjfpmXNr1uBuJDWz6kihLSVFFMsf9VNWXvrkkhT54S8HLihjCFX597KHFvLS9beqFN2gxh5UDC6OWBLKOK6s9pKaGShiKIt27CGuHts2qeLcinH74LZT33%2BbX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c843295ef7bb9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88820

GET
H3 200 ENGLISH_564x564.gif
tcadserver.rain-digital.ca/wp-content/uploads/2022/03/ 119 KB
120 KB 557ms
547ms Image
image/gif 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tcadserver.rain-digital.ca/wp-content/uploads/2022/03/ENGLISH_564x564.gif
Requested by: Host: nationalbankopen.com
URL: https://nationalbankopen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0406a85c3413b7f6f5a2afa24381b30be765d76a732d6006bab7458dff48bd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:45 GMT
cf-cache-status: MISS
last-modified: Thu, 31 Mar 2022 19:45:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "624604e2-1dcac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERiS8NBqpac6Ir1hyFBWndn%2BeCayy1LR2EP40m7ekojzxLi0DTXBONGdq4guJ2rPWou%2FQABlgqUi3N%2FXz6xcSrynOV99J8SGVD2D9qaTLvmrqyofFFflj2eHYd2Pl90a%2FRkhs2eOIfjGjist"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c843295ef4bb9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122028

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 578ms
143ms XHR
application/json 52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=1.10.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1E24776A524450D90A490D44%40AdobeOrg&d_nsid=0&ts=1676906804746

Requested by

Host: www.bnc.ca
URL: https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

60d55518cfc595af8a4cbfb2a4d09abb705ba4a212ce60f7cd2005ff0c93a231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nationalbankopen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v046-0f71a5189.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: TeK3sx4mTS0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://nationalbankopen.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1633
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 rolex.css
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/ Frame 824B 43 KB
4 KB 11ms
10ms Stylesheet
text/css 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 59ef7f32b5ba12e522d05e92ebb722177174c4e1c235d0756a34d841f0b7d72f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 00ZbuYwAAAAAoyddNUF+KTLceHdH3YoY6RlJBMjMxMDUwNDE4MDE5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: fTL+QUIa+AN8lWf0kK8Ufw==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F643DEB7"
x-azure-ref: 0NJHzYwAAAADaZp94L4NlTrnLhO6zQoIgRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 51b6dd31-301e-004c-0920-429e0a000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 modernizr.custom.min.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 824B 2 KB
1 KB 12ms
10ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/modernizr.custom.min.js
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4e8fecfc2889e8ae6af4411b56ed319ec682f093bfa9e4656a576235e8035dbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 07GbyYwAAAAB6HK62iFWwQJbrRFfsZqzrRlJBMjMxMDUwNDE3MDI5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: TUq2JNHfzxCTj+HGhgeAug==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5E0C4FC"
x-azure-ref: 0NJHzYwAAAAAHf153O3zATKdtOSkBP2ctRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 59187611-501e-0017-2434-42a731000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 824B 85 KB
27 KB 35ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2741919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Au9XdbB1DAk5e7siqTwKc%2FBkzEc2%2BOefmw%2Blgea5Uw0MwfMlN7G1WtqyIXM5cRWtZIKXzGQ0l3tID1%2BFybvj4i7s21wQSfOUAJum1DIUICHBHQy977%2BESb8U769AIK%2BlC7lGEx046WuvFFCQtV%2F4I19b"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79c8432a49462c01-FRA
expires: Sat, 10 Feb 2024 15:26:44 GMT

GET
H2 200 jquery.countdown.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 824B 27 KB
7 KB 13ms
11ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/jquery.countdown.js
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6c744c6e63874fd33f1cef1019888795951471595e2cc9dc868e27b74e2e5cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 0PynvYwAAAABqzPOsOm9xRreTqSQXUj88RlJBMjMxMDUwNDE4MDE3ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: kC/dmvVX0plHgubb+hyUOA==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:04 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F66CF20B"
x-azure-ref: 0NJHzYwAAAAAkLBitZTdkS70+tyG73M1/RlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 809f61a0-101e-0016-7934-42f8ed000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 rolex-core-1.4.0.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 824B 83 KB
14 KB 21ms
20ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/rolex-core-1.4.0.js
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 750dcf63fe002c865e0f704306e9954ace9212f8a71f2fe8a4bd22d41d10f06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 00pbuYwAAAACLp4bKXztuToMFq9+cQ/PdRlJBMjMxMDUwNDE3MDIzADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: EFPx/wa8O8fLa9GLfvzDrw==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F57FCE8A"
x-azure-ref: 0NJHzYwAAAABa4fkbnhoWT7PU3dD9Xc0jRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: de367f1f-101e-005b-2734-423701000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 timezones.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 824B 16 KB
4 KB 14ms
13ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/timezones.js
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a3711a3146a469e215b96790d4194a1e38433a07eb1b6fd5fb5ee811986aa808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 005buYwAAAAB+Xx4j1JUCR58X0o0UddJHRlJBMjMxMDUwNDE3MDQ3ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: 1QwRuOgYM7bf5q3aWaVOcw==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F6257BB8"
x-azure-ref: 0NJHzYwAAAAD58xDievtGTLzxwCXypNjaRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8772c058-b01e-0042-4134-42b7ba000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 listofdates.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 824B 826 B
1 KB 13ms
12ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/listofdates.js?1380795379
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9bd68d2a06a8537da4c23765cc872c57bc91ece9069c45920fe7069670db53f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 005buYwAAAADQzjGwDvCdTJqOIHeKsTyURlJBMjMxMDUwNDE4MDQ1ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: wfbBztcnLdsTtZe2ON9RgQ==
x-cache: TCP_HIT
content-length: 826
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5756C5F"
x-azure-ref: 0NJHzYwAAAAAhF0XwmmvZT5nNVsnVC2UORlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: de36800f-101e-005b-0934-423701000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 watch.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 824B 3 KB
1 KB 13ms
13ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/watch.js?1380795379
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a0d46e45ced60b3d4ea9007f428b6192801c7fbb1016101c7f471e5db469fb26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 07GbyYwAAAAA5TbqWSQ2nTql4oPAPeaTyRlJBMjMxMDUwNDE3MDI5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: rFzJrS/s74OwwKD9fk/7Eg==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5B7B1A8"
x-azure-ref: 0NJHzYwAAAABAu41Fqwl+RIkYzpDoGehgRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a5700a23-201e-000d-0734-42c6ee000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 rolex.css
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/ Frame 01D1 43 KB
4 KB 17ms
15ms Stylesheet
text/css 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 59ef7f32b5ba12e522d05e92ebb722177174c4e1c235d0756a34d841f0b7d72f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 00ZbuYwAAAAAoyddNUF+KTLceHdH3YoY6RlJBMjMxMDUwNDE4MDE5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: fTL+QUIa+AN8lWf0kK8Ufw==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F643DEB7"
x-azure-ref: 0NJHzYwAAAAAYELd9SW3hQLM5MAhDZc9VRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 51b6dd31-301e-004c-0920-429e0a000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 modernizr.custom.min.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 01D1 2 KB
1 KB 17ms
15ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/modernizr.custom.min.js
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4e8fecfc2889e8ae6af4411b56ed319ec682f093bfa9e4656a576235e8035dbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 07GbyYwAAAAB6HK62iFWwQJbrRFfsZqzrRlJBMjMxMDUwNDE3MDI5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: TUq2JNHfzxCTj+HGhgeAug==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5E0C4FC"
x-azure-ref: 0NJHzYwAAAABtV58VhmeHR4ZzE+X2fmMuRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 59187611-501e-0017-2434-42a731000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 01D1 85 KB
27 KB 24ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2741919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDTLfLzzb6igRJd24%2Fx54MYJ1zhw1SUKcs8SDVRoeWDjytAWnBQxL7Lf8nZd7NZJeV2RbMUuCpSvz8sDjB%2F9ST0PXfAaHqpPs4wEyW7Wshpu4Upeey9pMJH%2BqLwJugOPWMHFr32XrPul4YAsbP8bzKAs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79c8432a494b2c01-FRA
expires: Sat, 10 Feb 2024 15:26:44 GMT

GET
H2 200 jquery.countdown.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 01D1 27 KB
7 KB 15ms
14ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/jquery.countdown.js
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6c744c6e63874fd33f1cef1019888795951471595e2cc9dc868e27b74e2e5cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 0PynvYwAAAABqzPOsOm9xRreTqSQXUj88RlJBMjMxMDUwNDE4MDE3ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: kC/dmvVX0plHgubb+hyUOA==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:04 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F66CF20B"
x-azure-ref: 0NJHzYwAAAACRbJjDxjoZS6hArRUow1eMRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 809f61a0-101e-0016-7934-42f8ed000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 rolex-core-1.4.0.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 01D1 83 KB
13 KB 16ms
15ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/rolex-core-1.4.0.js
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 750dcf63fe002c865e0f704306e9954ace9212f8a71f2fe8a4bd22d41d10f06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 00pbuYwAAAACLp4bKXztuToMFq9+cQ/PdRlJBMjMxMDUwNDE3MDIzADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: EFPx/wa8O8fLa9GLfvzDrw==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F57FCE8A"
x-azure-ref: 0NJHzYwAAAAADIlZgCV1YRY4tZL6bMBXlRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: de367f1f-101e-005b-2734-423701000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 timezones.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 01D1 16 KB
4 KB 18ms
17ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/timezones.js
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a3711a3146a469e215b96790d4194a1e38433a07eb1b6fd5fb5ee811986aa808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 005buYwAAAAB+Xx4j1JUCR58X0o0UddJHRlJBMjMxMDUwNDE3MDQ3ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: 1QwRuOgYM7bf5q3aWaVOcw==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F6257BB8"
x-azure-ref: 0NJHzYwAAAABVO7KcQ8D0Tqly5I63iCHuRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8772c058-b01e-0042-4134-42b7ba000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 listofdates.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 01D1 826 B
1 KB 18ms
17ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/listofdates.js?1380795379
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9bd68d2a06a8537da4c23765cc872c57bc91ece9069c45920fe7069670db53f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 005buYwAAAADQzjGwDvCdTJqOIHeKsTyURlJBMjMxMDUwNDE4MDQ1ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: wfbBztcnLdsTtZe2ON9RgQ==
x-cache: TCP_HIT
content-length: 826
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5756C5F"
x-azure-ref: 0NJHzYwAAAAAyUQ2FGsmwSJIKc8Gl+CQuRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: de36800f-101e-005b-0934-423701000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 watch.js Show response
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/ Frame 01D1 3 KB
1 KB 18ms
17ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/watch.js?1380795379
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a0d46e45ced60b3d4ea9007f428b6192801c7fbb1016101c7f471e5db469fb26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 07GbyYwAAAAA5TbqWSQ2nTql4oPAPeaTyRlJBMjMxMDUwNDE3MDI5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: rFzJrS/s74OwwKD9fk/7Eg==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5B7B1A8"
x-azure-ref: 0NJHzYwAAAADfUB2Ub0hRSZCYxQxnSWIQRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a5700a23-201e-000d-0734-42c6ee000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H3 200 dc_pre=CJeR_dK0pP0CFQbMmgoddAULWw;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365
adservice.google.com/ddm/fls/z/ Frame 407C 42 B
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJeR_dK0pP0CFQbMmgoddAULWw;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365

Requested by

Host: 4923687.fls.doubleclick.net
URL: https://4923687.fls.doubleclick.net/activityi;dc_pre=CJeR_dK0pP0CFQbMmgoddAULWw;src=4923687;type=gar_r0;cat=gar_o0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7891649075843.365?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4923687.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo_rolex.svg
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/logo/white/ Frame 01D1 4 KB
2 KB 11ms
10ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/logo/white/logo_rolex.svg
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 40888af7ecd3e869bf6550194e0691252107831b99a7d2075711e40bbbb64201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 005buYwAAAAAqLUzm0gqKSK0S2ZZFc4lxRlJBMjMxMDUwNDE4MDQ3ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: Wi5l4lrVmvyMSZwcBYjRfQ==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F62750CE"
x-azure-ref: 0NJHzYwAAAADXMzz73OozRIOh4G15Ux0hRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 892056b1-a01e-0013-6c20-422a36000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 80.png
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/clock/white/ Frame 01D1 12 KB
12 KB 19ms
18ms Image
image/png 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/clock/white/80.png
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b57c4a31008a31be5edfb1c9d41d0bb9d0106e093b06ba6b43906bf8dc5afe3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0hqnuYwAAAADiVY3BoGQBRaWuVF5MplzoRlJBMjMxMDUwNDE3MDUxADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: /xPQIRnRdXFdi1pqaMGmbQ==
x-cache: TCP_HIT
content-length: 12290
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F574A8ED"
x-azure-ref: 0NJHzYwAAAAAISO6CyywsSZvPMeLDvBmjRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f24f9d07-f01e-001e-6020-42e2e2000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 rolexfont-regular-webfont.woff
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/ Frame 01D1 45 KB
45 KB 11ms
10ms Font
font/woff 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolexfont-regular-webfont.woff
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09d6a82814d0aa348ec6051fd5e861b3853fb29aa1f9ac9a9e24693595ff98d0

Request headers

Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Origin: https://static.rolex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0VxTwYwAAAADbhLaHDHahTaDtAzJqmgVpRlJBMjMxMDUwNDE4MDI5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: WspB2xIDZWhx7NiPjU3DJg==
x-cache: TCP_HIT
content-length: 45680
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5CC4EDC"
x-azure-ref: 0NJHzYwAAAAAbiE3nD/T/RImvib46V+2ERlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: font/woff
access-control-allow-origin: *
x-ms-request-id: e467a778-501e-005a-2134-4268dd000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 logo_rolex.svg
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/logo/white/ Frame 824B 4 KB
2 KB 11ms
11ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/logo/white/logo_rolex.svg
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 40888af7ecd3e869bf6550194e0691252107831b99a7d2075711e40bbbb64201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
content-encoding: br
x-azure-ref-originshield: 005buYwAAAAAqLUzm0gqKSK0S2ZZFc4lxRlJBMjMxMDUwNDE4MDQ3ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: Wi5l4lrVmvyMSZwcBYjRfQ==
x-cache: TCP_HIT
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F62750CE"
x-azure-ref: 0NJHzYwAAAABCfzDhAyRGS5wxwYO9IV1uRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 892056b1-a01e-0013-6c20-422a36000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 80.png
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/clock/white/ Frame 824B 12 KB
12 KB 17ms
16ms Image
image/png 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/clock/white/80.png
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b57c4a31008a31be5edfb1c9d41d0bb9d0106e093b06ba6b43906bf8dc5afe3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0hqnuYwAAAADiVY3BoGQBRaWuVF5MplzoRlJBMjMxMDUwNDE3MDUxADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: /xPQIRnRdXFdi1pqaMGmbQ==
x-cache: TCP_HIT
content-length: 12290
last-modified: Thu, 14 Nov 2019 15:26:02 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F574A8ED"
x-azure-ref: 0NJHzYwAAAADxUE1sos1GTL1rmSxnic7vRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f24f9d07-f01e-001e-6020-42e2e2000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 rolexfont-regular-webfont.woff
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/ Frame 824B 45 KB
45 KB 15ms
15ms Font
font/woff 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolexfont-regular-webfont.woff
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09d6a82814d0aa348ec6051fd5e861b3853fb29aa1f9ac9a9e24693595ff98d0

Request headers

Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/rolex.css
Origin: https://static.rolex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0VxTwYwAAAADbhLaHDHahTaDtAzJqmgVpRlJBMjMxMDUwNDE4MDI5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: WspB2xIDZWhx7NiPjU3DJg==
x-cache: TCP_HIT
content-length: 45680
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5CC4EDC"
x-azure-ref: 0NJHzYwAAAAAc5gCjPOZLQK/MU8M1U58RRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: font/woff
access-control-allow-origin: *
x-ms-request-id: e467a778-501e-005a-2134-4268dd000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 hours.svg
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/ Frame 01D1 507 B
842 B 10ms
10ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/hours.svg
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3ca5f1edbf341cf6dc07751e3155baf576680671a52e59823ec87879dc66ae22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 02ZbuYwAAAAAw5yt6nbB+SYt3IpednDCDRlJBMjMxMDUwNDE3MDQ5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: ai7ucr1Ly6iphiLYU/k5PQ==
x-cache: TCP_HIT
content-length: 507
last-modified: Thu, 14 Nov 2019 15:26:04 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F67B9ABA"
x-azure-ref: 0NJHzYwAAAAAYalqmC1peQYTaN+lrYEsYRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4fc3d087-a01e-005e-5420-42e5da000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 minutes.svg
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/ Frame 01D1 544 B
856 B 11ms
10ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/minutes.svg
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4eb6027e96160824a1aa717fe0d134a9511c42c4186157ef07cfc5f9a820ef29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0+6buYwAAAAA2/Jp8nAB9R4FkatNPJnndRlJBMjMxMDUwNDE3MDI3ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: h+TkA1ugou/U9eGeyjTNpg==
x-cache: TCP_HIT
content-length: 544
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5CD879A"
x-azure-ref: 0NJHzYwAAAADViklnvU3NSre/fpaGBYCCRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: aa33e90c-701e-0062-1f20-42cc1d000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 seconds.svg
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/ Frame 01D1 451 B
971 B 11ms
11ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/seconds.svg
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 343d550f3cb59df0b5435e1cedc541a56b12c2f6c00f3fe80b2036b681e47c32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0+6buYwAAAAC1oUZ/PL3dSZOjSvC5orngRlJBMjMxMDUwNDE4MDA5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: n6FEw36hTSWyNeipOdbw4g==
x-cache: TCP_HIT
content-length: 451
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5C9DD6E"
x-azure-ref: 0NJHzYwAAAAA/6JWzwVgiSICwWnylJT7nRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e687898b-c01e-003a-3020-421442000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 center.png
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/ Frame 01D1 2 KB
2 KB 12ms
11ms Image
image/png 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/center.png
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02489b187242ef49650332942f0c28c19d2700d397cac8cbe734d8b1da235f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0+6buYwAAAABcIGcpGR95Rb1vvoSp4kN4RlJBMjMxMDUwNDE4MDMxADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: 44jyl0iQHNcu/XQuceKw+w==
x-cache: TCP_HIT
content-length: 1983
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5F07F4C"
x-azure-ref: 0NJHzYwAAAAB7i0h1K41KTKAc+JaDW1FXRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f4dde98e-201e-0022-6620-42cb25000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 hours.svg
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/ Frame 824B 507 B
660 B 10ms
9ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/hours.svg
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/rolex-core-1.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3ca5f1edbf341cf6dc07751e3155baf576680671a52e59823ec87879dc66ae22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 02ZbuYwAAAAAw5yt6nbB+SYt3IpednDCDRlJBMjMxMDUwNDE3MDQ5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: ai7ucr1Ly6iphiLYU/k5PQ==
x-cache: TCP_HIT
content-length: 507
last-modified: Thu, 14 Nov 2019 15:26:04 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F67B9ABA"
x-azure-ref: 0NJHzYwAAAACUWghp81tNQK9MeomKpEFrRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4fc3d087-a01e-005e-5420-42e5da000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 minutes.svg
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/ Frame 824B 544 B
697 B 11ms
10ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/minutes.svg
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/rolex-core-1.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4eb6027e96160824a1aa717fe0d134a9511c42c4186157ef07cfc5f9a820ef29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0+6buYwAAAAA2/Jp8nAB9R4FkatNPJnndRlJBMjMxMDUwNDE3MDI3ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: h+TkA1ugou/U9eGeyjTNpg==
x-cache: TCP_HIT
content-length: 544
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5CD879A"
x-azure-ref: 0NJHzYwAAAACeQYncgTaXQ60zVTHto7wLRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: aa33e90c-701e-0062-1f20-42cc1d000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 seconds.svg
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/ Frame 824B 451 B
627 B 10ms
9ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/seconds.svg
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/rolex-core-1.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 343d550f3cb59df0b5435e1cedc541a56b12c2f6c00f3fe80b2036b681e47c32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0+6buYwAAAAC1oUZ/PL3dSZOjSvC5orngRlJBMjMxMDUwNDE4MDA5ADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: n6FEw36hTSWyNeipOdbw4g==
x-cache: TCP_HIT
content-length: 451
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5C9DD6E"
x-azure-ref: 0NJHzYwAAAABg0Jyhk4CIT56236l851HwRlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e687898b-c01e-003a-3020-421442000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 center.png
static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/ Frame 824B 2 KB
2 KB 10ms
10ms Image
image/png 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/css/images/hands/white/center.png
Requested by: Host: static.rolex.com
URL: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/js/rolex-core-1.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02489b187242ef49650332942f0c28c19d2700d397cac8cbe734d8b1da235f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.rolex.com/clocks/2019/rogercup_desk_en_toronto_HTML_282x100/rolex.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:44 GMT
x-azure-ref-originshield: 0+6buYwAAAABcIGcpGR95Rb1vvoSp4kN4RlJBMjMxMDUwNDE4MDMxADJkZDVkZDAyLTU3YjktNDZhNS1hMmEwLTc1ZTJkY2FhYzI5MA==
content-md5: 44jyl0iQHNcu/XQuceKw+w==
x-cache: TCP_HIT
content-length: 1983
last-modified: Thu, 14 Nov 2019 15:26:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D76916F5F07F4C"
x-azure-ref: 0NJHzYwAAAADd5S0E6rikRKztaBEffwY5RlJBMzFFREdFMDQwNgAyZGQ1ZGQwMi01N2I5LTQ2YTUtYTJhMC03NWUyZGNhYWMyOTA=
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f4dde98e-201e-0022-6620-42cb25000000
access-control-expose-headers: Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: public, max-age=2592000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H/1.1 200
OK dest5.html Show response
nationalbankofcanada.demdex.net/ Frame 1B01 7 KB
3 KB 966ms
130ms Document
text/html 34.254.165.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=undefined

Requested by

Host: www.bnc.ca
URL: https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.165.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-165-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v046-0b284ccfd.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: OnAokJg8QKM=
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:46 GMT
last-modified: Wed, 8 Feb 2023 11:31:26 GMT
vary: accept-encoding

GET id
nationalbankofcanada.d2.sc.omtrdc.net/ 0
0

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y-ORNQAAAEnXwAOV
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=08620288859865270480083353299093669004
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ORNQAAAEnXwAOV

42 B
942 B

168ms
167ms

Image
image/gif

52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ORNQAAAEnXwAOV

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

HTTP/1.1

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankopen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-06d22350d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: BOGFIBtyQtw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ORNQAAAEnXwAOV
Date: Mon, 20 Feb 2023 15:26:45 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 /
www.facebook.com/tr/ Frame A4F0 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539940418075449&ev=Microdata&dl=https%3A%2F%2F12743290.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIe089K0pP0CFcmUmwodIcMGhw%3Bsrc%3D12743290%3Btype%3Dnboobn%3Bcat%3Dtenni0%3Bord%3D1%3Bnum%3D1251698602957%3Bgtm%3D45He32f0%3Bauiddc%3D500775428.1676906804%3B~oref%3Dhttps%253A%252F%252Fnationalbankopen.com%252F%3F&rl=https%3A%2F%2Fnationalbankopen.com%2F&if=true&ts=1676906805691&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&it=1676906804009&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: nationalbankopen.com
URL: https://nationalbankopen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12743290.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Feb 2023 15:26:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESENsGPut0ycrx5wAuZIuIfw0&google_cver=1
dpm.demdex.net/ Frame 1B01
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDg2MjAyODg4NTk4NjUyNzA0ODAwODMzNTMyOTkwOTM2NjkwMDQ=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENsGPut0ycrx5wAuZIuIfw0&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

123ms
123ms

Image
image/gif

52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENsGPut0ycrx5wAuZIuIfw0&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-095a32b2e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lNyB11RjSYM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENsGPut0ycrx5wAuZIuIfw0&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 0CA3 0
182 B 107ms
31ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=r0vkorq&ref=https%3A%2F%2Fnationalbankopen.com%2F&upid=kfa26lu&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 20 Feb 2023 15:26:46 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 8A64 0
181 B 107ms
32ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=s694vku&ref=https%3A%2F%2Fnationalbankopen.com%2F&upid=chkn1c2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nationalbankopen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 20 Feb 2023 15:26:46 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 hbpix
idpix.media6degrees.com/orbserv/ Frame 1B01 43 B
205 B 345ms
115ms Image
image/gif 2606:4700::6812:16ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=08620288859865270480083353299093669004
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:46 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 08 Sep 2017 18:54:28 GMT
server: cloudflare
etag: "59b2e764-2b"
content-type: image/gif
accept-ranges: bytes
cf-ray: 79c84334fd5c3636-FRA
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1B01
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEAIrlfXP9PgyeHptbGH1wBk&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

34ms
34ms

Image
image/png

52.31.229.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.31.229.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-229-114.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:46 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 20 Feb 2023 15:26:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1B01
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEA...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
30ms

Image
image/png

52.31.229.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.31.229.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-229-114.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:46 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 20 Feb 2023 15:26:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1B01
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

31ms
31ms

Image
image/png

52.31.229.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.31.229.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-229-114.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:46 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b516-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 20 Feb 2023 15:26:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1B01
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

31ms
30ms

Image
image/png

52.31.229.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.31.229.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-229-114.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:46 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 20 Feb 2023 15:26:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1B01
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

38ms
33ms

Image
image/png

52.31.229.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.31.229.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-229-114.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:46 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 20 Feb 2023 15:26:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=26B791899D5D657A1BB183379C8F64CD
dpm.demdex.net/ Frame 1B01
Redirect Chain

https://c.bing.com/c.gif?uid=08620288859865270480083353299093669004&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=26B791899D5D657A1BB183379C8F64CD

42 B
942 B

249ms
162ms

Image
image/gif

52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=26B791899D5D657A1BB183379C8F64CD

Protocol

HTTP/1.1

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0bf7d8264.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: opxh7ddmQdM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8525F2D3672746DB945695C791571DF0 Ref B: FRAEDGE2019 Ref C: 2023-02-20T15:26:46Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=26B791899D5D657A1BB183379C8F64CD
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1B01
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1PUk5RQUFBRW5Yd0FPVg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

31ms
31ms

Image
image/png

52.31.229.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.31.229.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-229-114.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:46 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 20 Feb 2023 15:26:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 1B01
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=08620288859865270480083353299093669004&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

127ms
119ms

Image
image/gif

52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0040bba41.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MjNZG+edSxQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 303,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Mon, 20 Feb 2023 15:26:46 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=575&dpuuid=-8680690130162466183
dpm.demdex.net/ Frame 1B01
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=08620288859865270480083353299093669004
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-8680690130162466183

42 B
942 B

292ms
109ms

Image
image/gif

52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=-8680690130162466183

Protocol

HTTP/1.1

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-006ebecd7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: riusdyu1QKc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=-8680690130162466183
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

ibs:dpid=73426&dpuuid=08620288859865270480083353299093669004
dpm.demdex.net/ Frame 1B01
Redirect Chain

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=08620288859865270480083353299093669004&rn=1676906805240&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D086202888598652...
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=08620288859865270480083353299093669004&rn=1676906805240&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D08620288859865...
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=08620288859865270480083353299093669004

42 B
942 B

192ms
128ms

Image
image/gif

52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=73426&dpuuid=08620288859865270480083353299093669004

Protocol

HTTP/1.1

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0725af682.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: e6XrF6HLSBA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=73426&dpuuid=08620288859865270480083353299093669004
date: Mon, 20 Feb 2023 15:26:46 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: ysW46Poj-6TocGu_ov9RAWmO2qUnekfmrGMHE5V4JLBxli1Yrgipow==
x-cache: Miss from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1B01
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=08620288859865270480083353299093669004
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08620288859865270480083353299093669004

0
338 B

121ms
31ms

Image
text/plain

108.128.244.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08620288859865270480083353299093669004
Protocol: H2
Server: 108.128.244.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-244-129.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Mon, 20 Feb 2023 15:26:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=90 t=1676906807
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08620288859865270480083353299093669004
date: Mon, 20 Feb 2023 15:26:47 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a006-ash-prod.krxd.net

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame 1B01
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=08620288859865270480083353299093669004?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
960 B

239ms
162ms

Image
image/gif

52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Protocol

HTTP/1.1

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-0f6cf9230.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: XZ7SjHKMT8w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
cache-control: no-cache
x-server: 10.45.27.240
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1PUk5RQUFBRW5Yd0FPVg==

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1PUk5RQUFBRW5Yd0FPVg==

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220020-HHN
pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676906807.736059,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1PUk5RQUFBRW5Yd0FPVg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1B01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-ORNQAAAEnXwAOV&expires=90

0
239 B

44ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-ORNQAAAEnXwAOV&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn-etou8220020-HHN
pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676906807.736620,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-ORNQAAAEnXwAOV&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1B01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ORNQAAAEnXwAOV
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ORNQAAAEnXwAOV&C=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ORNQAAAEnXwAOV&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=Y-ORNQAAAEnXwAOV&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1B01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Y-ORNQAAAEnXwAOV

43 B
1 KB

44ms
16ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Y-ORNQAAAEnXwAOV

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:46 GMT
AN-X-Request-Uuid: ad67c9de-396e-4e41-9927-7551a7ce7e89
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220020-HHN
pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676906807.736644,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Y-ORNQAAAEnXwAOV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1B01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-ORNQAAAEnXwAOV

43 B
273 B

66ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-ORNQAAAEnXwAOV
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220020-HHN
pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676906807.736879,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-ORNQAAAEnXwAOV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1B01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-ORNQAAAEnXwAOV

1 B
453 B

61ms
15ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-ORNQAAAEnXwAOV
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 20 Feb 2023 15:26:46 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-hhn-etou8220020-HHN
pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676906807.760580,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-ORNQAAAEnXwAOV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 1B01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ORNQAAAEnXwAOV&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ORNQAAAEnXwAOV&img=1&__user_check__=1&sync_id=fcefae81-b132-11ed-b8d0-1093d7b30406

43 B
549 B

16ms
15ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ORNQAAAEnXwAOV&img=1&__user_check__=1&sync_id=fcefae81-b132-11ed-b8d0-1093d7b30406
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:46 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 104
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 20 Feb 2023 15:26:46 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=Y-ORNQAAAEnXwAOV&img=1&__user_check__=1&sync_id=fcefae81-b132-11ed-b8d0-1093d7b30406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 7
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame 1B01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-ORNQAAAEnXwAOV&t=2592000&o=0

43 B
70 B

40ms
40ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-ORNQAAAEnXwAOV&t=2592000&o=0

Protocol

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:26:46 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: NY9Ds1K7XmDZlDFqubapP/aDWBNindb1srex+GHKE04QXpBe+94KoAnQ0HGbT3TudmDKqwj1PdEzt7drG0en4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
priority: u=3,i
expires: Mon, 20 Feb 2023 07:26:46 PST

Redirect headers

x-served-by: cache-hhn-etou8220020-HHN
pragma: no-cache
date: Mon, 20 Feb 2023 15:26:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676906807.760595,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-ORNQAAAEnXwAOV&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=275754&dpuuid=AAIf607H5yIAACGZRCtVPA
dpm.demdex.net/ Frame 1B01
Redirect Chain

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAIf607H5yIAACGZRCtVPA?gdpr=0

42 B
942 B

121ms
120ms

Image
image/gif

52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAIf607H5yIAACGZRCtVPA?gdpr=0

Protocol

HTTP/1.1

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-07254eae8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: DY48N5CxSCk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAIf607H5yIAACGZRCtVPA?gdpr=0
Date: Mon, 20 Feb 2023 15:26:46 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: acuityplatform.com
URL: https://acuityplatform.com/Adserver/pxlj/1444178374629230873?

Domain: nationalbankofcanada.d2.sc.omtrdc.net
URL: https://nationalbankofcanada.d2.sc.omtrdc.net/id?d_visid_ver=1.10.0&d_fieldgroup=A&mcorgid=1E24776A524450D90A490D44%40AdobeOrg&mid=01492048176661172920634091841704922472&ts=1676906805330

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nationalbankopen.com/	1970-01-20 11:58:02	Name: _gcl_au Value: 1.1.500775428.1676906804
.adnxs.com/	1970-01-20 11:58:02	Name: uuid2 Value: 6450669433450101608
nationalbankopen.com/	1969-12-31 23:59:59	Name: rogers_popup Value: {%22counter%22:1%2C%22visited_urls%22:[%22https://nationalbankopen.com/%22]}
.doubleclick.net/	1970-01-20 19:10:02	Name: IDE Value: AHWqTUkWJQaJyqZT8xD9dciLJdHBTqQTM0rLko5iCCi1caQTC_HITTOpcev9v8rBaw0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kf1sQoALjQg
.youtube.com/	1970-01-20 14:07:38	Name: VISITOR_INFO1_LIVE Value: YaPOIzkT4Ds
.youtube.com/	1970-01-20 14:07:38	Name: DEVICE_INFO Value: ChxOekl3TWpJMU9UZzNPRGt3TURVek5ETTNOZz09ELOizp8GGLOizp8G
.nationalbankopen.com/	1970-01-20 19:24:26	Name: _ga Value: GA1.2.1418668334.1676906804
.nationalbankopen.com/	1970-01-20 09:49:53	Name: _gid Value: GA1.2.870722678.1676906804
.nationalbankopen.com/	1970-01-20 09:48:26	Name: _gat Value: 1
.nationalbankopen.com/	1970-01-20 11:58:02	Name: _fbp Value: fb.1.1676906804076.1872324825
.nationalbankopen.com/	1970-01-20 18:34:02	Name: _hjSessionUser_2543733 Value: eyJpZCI6Ijg1NjZkNTYzLWU0NTEtNTNkOS1hMDgzLTNhMWE4Nzk3ODExMyIsImNyZWF0ZWQiOjE2NzY5MDY4MDQwNTksImV4aXN0aW5nIjpmYWxzZX0=
.nationalbankopen.com/	1970-01-20 09:48:28	Name: _hjFirstSeen Value: 1
.nationalbankopen.com/	1970-01-20 09:48:26	Name: _hjIncludedInSessionSample_2543733 Value: 1
.nationalbankopen.com/	1970-01-20 09:48:28	Name: _hjSession_2543733 Value: eyJpZCI6IjJhYzUxYzFjLThhYzMtNGZlNi1iOTg4LTU4Y2I3NjMzMTg4NyIsImNyZWF0ZWQiOjE2NzY5MDY4MDQxMzksImluU2FtcGxlIjp0cnVlfQ==
nationalbankopen.com/	1970-01-20 09:48:26	Name: _hjIncludedInPageviewSample Value: 1
.nationalbankopen.com/	1970-01-20 09:48:28	Name: _hjAbsoluteSessionInProgress Value: 0
widget-mediator.zopim.com/	1970-01-20 09:58:31	Name: AWSALBCORS Value: J36rrIWVmUXxk0rOWyHQkM1gbM96ej/TUSP19h/s6IWRuJt88TfW1hv0Pd9J46HXDqJB3DNldfnDseYvi3eqOJcJFg0UvmBasybu7kZJCPXgr4Dod5QfZWF6uH7A
.nationalbankopen.com/	1970-01-20 19:24:26	Name: _ga_1HBTKC8GNZ Value: GS1.1.1676906803.1.0.1676906804.59.0.0
.demdex.net/	1970-01-20 14:07:38	Name: demdex Value: 08620288859865270480083353299093669004
nationalbankopen.com/	1969-12-31 23:59:59	Name: AMCVS_1E24776A524450D90A490D44%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 18:34:02	Name: everest_g_v2 Value: g_surferid~Y-ORNQAAAEnXwAOV
.dpm.demdex.net/	1970-01-20 14:07:38	Name: dpm Value: 08620288859865270480083353299093669004
nationalbankopen.com/	1970-01-20 19:24:26	Name: AMCV_1E24776A524450D90A490D44%40AdobeOrg Value: -1330315163%7CMCMID%7C01492048176661172920634091841704922472%7CMCAAMLH-1677511605%7C6%7CMCAAMB-1677511605%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1676914005s%7CNONE%7CMCSYNCSOP%7C411-19416
.eyeota.net/	1970-01-20 09:48:27	Name: SERVERID Value: 18799~DM
.bing.com/	1970-01-20 19:10:02	Name: MUID Value: 26B791899D5D657A1BB183379C8F64CD
.c.bing.com/	1970-01-20 09:58:31	Name: MR Value: 0
.everesttech.net/	1970-01-20 10:33:05	Name: ev_sync_ax Value: 20230220
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: Y-ORNgAABYvUuSP8
.demdex.net/	1970-01-20 14:07:38	Name: dextp Value: 771-1-1676906806308\|992-1-1676906806321\|1083-1-1676906806336\|1085-1-1676906806351\|1086-1-1676906806367\|1087-1-1676906806382\|1088-1-1676906806397\|1957-1-1676906806412\|19913-1-1676906806431\|30064-1-1676906806446\|575-1-1676906806461\|73426-1-1676906806476\|66757-1-1676906806491\|121998-1-1676906806506\|144230-1-1676906806522\|144231-1-1676906806538\|144232-1-1676906806552\|144233-1-1676906806568\|144234-1-1676906806583\|144235-1-1676906806598\|144236-1-1676906806618\|144237-1-1676906806630\|275754-1-1676906806644
.adnxs.com/	1970-01-20 11:58:02	Name: anj Value: dTM7k!M4.FErk#WF']wIg2In>fMR5p!]tb`8i_jAez_UZ18%3FC5q'c8^#A:kA_t`</p<tH5_bfF=Uc2D$25A)(rF5k*pv7Pm7tCgBQ8x%vhLj)fy-$4e-Mz
.pubmatic.com/	1970-01-20 11:58:02	Name: KRTBCOOKIE_218 Value: 4056-Y-ORNQAAAEnXwAOV&KRTB&22978-Y-ORNQAAAEnXwAOV&KRTB&23194-Y-ORNQAAAEnXwAOV&KRTB&23209-Y-ORNQAAAEnXwAOV
.pubmatic.com/	1970-01-20 10:31:38	Name: PugT Value: 1676906806
.spotxchange.com/	1970-01-20 10:28:46	Name: audience Value: fcefae2b-b132-11ed-b8d0-1093d7b30406
.casalemedia.com/	1970-01-20 18:34:02	Name: CMID Value: Y-ORNq7TZj52800jbQ-THgAA
.casalemedia.com/	1970-01-20 11:58:02	Name: CMPS Value: 1124
.casalemedia.com/	1970-01-20 11:58:02	Name: CMPRO Value: 1124
.bidr.io/	1970-01-20 19:16:56	Name: bito Value: AAIf607H5yIAACGZRCtVPA
.bidr.io/	1970-01-20 19:16:56	Name: bitoIsSecure Value: ok
.krxd.net/	1970-01-20 14:07:38	Name: _kuid_ Value: PZB2-wTV

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://acuityplatform.com/Adserver/pxlj/1444178374629230873? Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://tag.retargeter.com/rt/3139/rt.min.js?t=19408 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12743290.fls.doubleclick.net
4923687.fls.doubleclick.net
5357220.fls.doubleclick.net
6037123.fls.doubleclick.net
acuityplatform.com
ads.scorecardresearch.com
adservice.google.com
beacon.krxd.net
c.bing.com
cdn.mouseflow.com
cdnjs.cloudflare.com
chat.satis.fi
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
ekr.zdassets.com
fei.pro-market.net
googleads.g.doubleclick.net
ib.adnxs.com
idpix.media6degrees.com
image2.pubmatic.com
in.hotjar.com
insight.adsrvr.org
js.adsrvr.org
match.prod.bidr.io
nationalbankofcanada.d2.sc.omtrdc.net
nationalbankofcanada.demdex.net
nationalbankopen.com
pixel.everesttech.net
pixel.rubiconproject.com
prod-satisfilabs-resources-gcs.satis.fi
ps.eyeota.net
region1.analytics.google.com
script.hotjar.com
secure.adnxs.com
static.hotjar.com
static.rolex.com
static.zdassets.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
tag.retargeter.com
tcadserver.rain-digital.ca
us-u.openx.net
usermatch.krxd.net
v2.zopim.com
vars.hotjar.com
w.soundcloud.com
www.bnc.ca
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
acuityplatform.com
nationalbankofcanada.d2.sc.omtrdc.net
104.16.107.139
104.18.70.113
104.64.112.94
108.128.244.129
13.224.189.10
13.224.189.26
13.225.78.101
13.225.78.63
13.225.85.149
141.193.213.10
141.193.213.11
142.250.185.166
142.250.185.226
151.101.66.49
151.139.128.10
18.203.152.154
18.205.204.69
18.66.15.12
185.64.189.110
185.80.39.216
185.89.210.141
185.89.210.153
185.94.180.125
2001:4860:4802:34::36
2600:1901:0:8eee::
2606:4700::6811:180e
2606:4700::6812:16ea
2620:1ec:4e:1::44
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:400d:808::2004
2a00:1450:400d:80e::2008
2a00:1450:4025:401::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.121.27.153
34.111.146.217
34.254.165.240
35.185.45.56
35.244.159.8
35.244.160.208
35.71.131.137
52.208.98.204
52.31.229.114
52.48.136.44
52.50.220.58
63.34.186.145
69.173.144.165
02489b187242ef49650332942f0c28c19d2700d397cac8cbe734d8b1da235f93
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0406a85c3413b7f6f5a2afa24381b30be765d76a732d6006bab7458dff48bd9e
09d6a82814d0aa348ec6051fd5e861b3853fb29aa1f9ac9a9e24693595ff98d0
0b5ec5d80efdc2ccfde533c9f4952b159fa14b50320a4b9ebf6d0e9963d431dc
0b7f26e99108e20145123456e95a533ae78b059180e2e4f0925daa79469832dc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cad534a8ad95abaa529495f352e357cb02459ecfbf49123d1bcc9bdfa2ebab8
0d92baf6fb5e9702284b08171e5cb71811fcbd81f0f68d1b58a991b7906141e3
12c2d000e5a6032fb72ffaec924492f50c5c1f7efd08983ae977ab22f093001d
15f3435a23e229b215ca119c4a2d876cd99bd71bc0fb3b0429e0f1f7f90aba29
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16eaaee71aba530be0a224ca50e8856e6b497925fd4405148889d4dfc5ba0a39
2139be9a481a8fe05fa3d267455d2106a968cf8d056cb331e2415269f7762fc3
21437cf9c0d87c2e3c6ade864137f5536fd865a64333075ce431174e342dee74
25eca592f3785484d9098120c463294ce6e805e7c5a8ccf81a8b8b35f2de91e1
29e6ab5f1b1f9f4b555bad1fbb2da5f4c138898e2f1d494f9a2f357e1fc73e88
2d2ace1d858beb521a39960cc81249567788a6e2815f603042f7ea3c835a3313
32a9e55359d72ced7b4a934c2cf438f4120c5b8956ed57a04b305d1ac69bb5d0
343d550f3cb59df0b5435e1cedc541a56b12c2f6c00f3fe80b2036b681e47c32
3b8378ef6b1f94981d826859346cea71f0eb67c7bbd409a83f55916c65444b5b
3ca5f1edbf341cf6dc07751e3155baf576680671a52e59823ec87879dc66ae22
40888af7ecd3e869bf6550194e0691252107831b99a7d2075711e40bbbb64201
41a9735e301338e9df8c4ecaeb916cc798b49ac38ba9740b784cd02f42eaaf97
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca0f5729436e36f25fb2444c341ea13eedd1b4256419f3a25bec63904dfe2e0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8fecfc2889e8ae6af4411b56ed319ec682f093bfa9e4656a576235e8035dbe
4eb6027e96160824a1aa717fe0d134a9511c42c4186157ef07cfc5f9a820ef29
4ebcb9cbe99245adf9d197d1cc6b47356d3d1db5e5edd24125a130b7ef5e20f0
5020c5c74d261f081fddf088978d19b0269ee43b218c883c733167d291411e16
51e949da090f46611b0e131fe1480066690cf404386ee8993184d432f7b4e8fb
52ea7a22b775d2b8989634eedad7bd2941c054b5b9098cfe55852aff43382deb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
593a68ade2fe9f17eed6f55d03c2c0ee118d128cccefd81b1457537a97ecbea4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59ef7f32b5ba12e522d05e92ebb722177174c4e1c235d0756a34d841f0b7d72f
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
60d55518cfc595af8a4cbfb2a4d09abb705ba4a212ce60f7cd2005ff0c93a231
610c934df3c85c1caa5336a9a2198ad6b6a11407cb16e6b02faf5135be7521a6
65e11faf1a19a53006b7a2351290fc395974768f2dd3ee4b81282372a949c24a
6add7cecb53f7d1c2c26f4c5f3e7b87abdacf5bf6af43b3905d3ea62759b1a77
6c744c6e63874fd33f1cef1019888795951471595e2cc9dc868e27b74e2e5cf0
723ae9887c2eeb0ef2db475a2186ea95b7f34f66011a3650156f4d9ceb00f017
750dcf63fe002c865e0f704306e9954ace9212f8a71f2fe8a4bd22d41d10f06a
76ff8fb73041c0c36887086bef8de4a0feefef4698ac68315697e4a979a93e94
77b20de5289b8b4e568465be38c98c336d52e4b87a3c9a744a37e8ef677c6159
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d6c39ae510c9f4ce91311508f591c84c0009b3a6bb34a5790b65697a3a6f98
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fd53c6a8ac1f66c4166ec099766a4cff3eb93f3ab1a4d51e60cbdcc1a86ff4
8964053f400dca34977ee06a530df5a93a5613b67b6dcc6adda3faf65a6eeb12
8a593c994f5b0b61e0626779fb9448e29e23436c2e08653135839a8f752fe566
8dc6293742b103cd51292133a4e5a73361429a6320a7e7b53b03522b299ea41d
9352fd9ae27e18eb3eb1d579fd2bd63954f5819a4e516c877402e148cd77f9e7
98ba2b13fc00b5a97b7edff08111fa2ced3daeac939545630d0fd257f9ee6c22
9bd68d2a06a8537da4c23765cc872c57bc91ece9069c45920fe7069670db53f0
9c5b37a9d539ea9198f1670d2e943533c41b1e98fd03f7a8c8877277c4be5cd1
9c7808f8e99aabb6e8f7295faf5e96fcb7386052fa4a7ffe7d7400479d811859
a0d46e45ced60b3d4ea9007f428b6192801c7fbb1016101c7f471e5db469fb26
a3711a3146a469e215b96790d4194a1e38433a07eb1b6fd5fb5ee811986aa808
a8c5f0592db51e5bce4c757dfb94cb1ca930d8f5c1f2f35f59d3e18c3c26174a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b57c4a31008a31be5edfb1c9d41d0bb9d0106e093b06ba6b43906bf8dc5afe3c
bda4626079d40384245b08cf2cbe79ba640b342ae024acefa024896a51a5d92f
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c0e09e793fb79507dc97ed702a4c2c9c00ab4d1677bd45bcd112e203c96dd661
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c42ba4787cb565671ee01e77b5825f78152474cfbc5b3c1b11ba1a5eb6cfab5e
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
cb19f5976cb508c369d2f844bf7cb0a49dd5aeef00af10efe961715eb462ad04
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ced598533b1cbcb0c15bcb72834a49e6e9a8769a23db6ede7f4ff0c43818ff0d
cfeda91a1bbe2bfd7bcac746ed2e5af8e7dd1039b6b8d780f329a7f39b540801
d09c2958b18bba0794da34c5ad7639cd34c226651672407e8930bd0ffae87a05
d12a0d30f346e809bdceea8650532c61412880392c78634330350133ca69b58b
d1d73b3db89a7ba0b25c382eb337919af53b8696ad362901d4f9412cd6cab932
d6002ddf1abb1f5c8d7535ffbbf5e5bef31c8299a8d06f1278c5511c016b5d08
dc608326c9620e7df87da46c341cabbbc7eefc5069c2099085b484975bd7d32d
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
df57959f4855ea8956f132d27130564a68c11270a90ad00615ea8ddcd0ea5905
e06e9fa0c40a8cc645b697a45747eb06cb230ca0a48862a26847435d314ab228
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61c681f09c8727469b11dc4bf57067429df88f5d8c58d9be673d8f83a9dbd9e
e6213bc75147efbaab2f10468065f2c2e9ea0bffb26c9972d18fff7974c0705d
e7a516867ee056ee9f4530c1ade0c0c94ab64b98f2737045f6884c43bd070e68
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eecb17e464400ccf4ef386885fd53f6e6105c2ca0e1084affce8dc6793c4f2f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2af4132aa03dad52b1931332adb80b108aa1bbfd98ab868711f6265018108cb
f83f2e62c4f9cdbc4e5d715aef90367e6be23c17733ffe7b2be88f1dfac14893
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
fba55f1480eecd752896d73b303e80570d55d30f13ae95270f08e1a0a6b1db59
fde50f037e26084e2c58a5dbf699ed2e08401264822e96e7e9e09886de780489
fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6
fe971a2f7da3d2357053fda7375bc86812556801f43a2440b9a8507d0556d960

nationalbankopen.com Open in urlscan Pro 141.193.213.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

166 Requests

82 %HTTPS

31 %IPv6

39 Domains

58 Subdomains

44 IPs

8 Countries

5534 kBTransfer

10626 kBSize

40 Cookies

16 Outgoing links

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nationalbankopen.com Open in urlscan Pro
141.193.213.10 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

82 %
HTTPS

31 %
IPv6

39
Domains

58
Subdomains

44
IPs

8
Countries

5534 kB
Transfer

10626 kB
Size

40
Cookies

166 HTTP transactions
0 data transactions