Submitted URL: https://go.hudsoninsgroup.com/e3t/Btc/RF+113/cs6X904/VXjnmD8xYVppW92BcQS110k9zW67tPB74C5MgxN1qZLrB3lLBmV1-WJV7CgXLvW5GkC5f5wNr...
Effective URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Submission: On December 15 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 31 HTTP transactions. The main IP is 104.238.116.132, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is napariverinsurance.eredcraft.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 16th 2021. Valid for: a year.
This is the only time napariverinsurance.eredcraft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Redirects | Requests | IP Address | AS Autonomous System |
| 1 | 2 | 2606:2c40::c7... | 209242 (CLOUDFLAR...) |
| 1 | 10 | 104.238.116.132 | 26496 (AS-26496-...) |
|  | 4 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
|  | 2 | 2a00:1450:400... | 15169 (GOOGLE) |
|  | 2 | 2600:9000:214... | 16509 (AMAZON-02) |
|  | 2 | 2a00:1450:400... | 15169 (GOOGLE) |
|  | 4 | 2a00:1450:400... | 15169 (GOOGLE) |
|  | 3 | 2a04:4e42:200... | 54113 (FASTLY) |
|  | 1 | 52.218.169.17 | 16509 (AMAZON-02) |
|  | 3 | 2a00:1450:400... | 15169 (GOOGLE) |
Total: 31 HTTP transactions, 10 IPs

| Requests | Domain | Requested by |
| 10 | napariverinsurance.eredcraft.com (1 redirects) | go.hudsoninsgroup.com, napariverinsurance.eredcraft.com |
| 4 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com, napariverinsurance.eredcraft.com |
| 4 | maxcdn.bootstrapcdn.com | napariverinsurance.eredcraft.com |
| 3 | www.gstatic.com | content.jwplatform.com, www.gstatic.com |
| 3 | ssl.p.jwpcdn.com | content.jwplatform.com |
| 2 | www.googletagmanager.com | napariverinsurance.eredcraft.com |
| 2 | content.jwplatform.com | napariverinsurance.eredcraft.com |
| 2 | ajax.googleapis.com | napariverinsurance.eredcraft.com |
| 2 | go.hudsoninsgroup.com (1 redirects) |  |
| 1 | redcraftvideos.s3.us-west-2.amazonaws.com | napariverinsurance.eredcraft.com |
Total: 31 HTTP transactions, 10 domains

This site contains no links.

| Subject | Issuer | Validity | Valid |
| go.hudsoninsgroup.com | Cloudflare Inc ECC CA-3 | 2021-07-30 - 2022-07-29 | a year |
| *.eredcraft.com | Go Daddy Secure Certificate Authority - G2 | 2021-05-16 - 2022-06-17 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year |
| upload.video.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
| jwplayer.com | Amazon | 2021-01-29 - 2022-02-26 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
| *.jwplayer.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-04-20 - 2022-05-22 | a year |
| *.s3-us-west-2.amazonaws.com | Amazon | 2021-03-26 - 2022-03-05 | a year |
| *.gstatic.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |

This page contains 1 frame:

Primary Page: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Frame ID: A8F4F3D799C867A3DC6D22D2C2680410
Requests: 31 HTTP requests in this frame

Page Title

Napa River

Page Statistics

31 Requests
100 % HTTPS
80 % IPv6
10 Domains
10 Subdomains
10 IPs
2 Countries
780 kB Transfer
3533 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.hudsoninsgroup.com/e3t/Btc/RF+113/cs6X904/VXjnmD8xYVppW92BcQS110k9zW67tPB74C5MgxN1qZLrB3lLBmV1-WJV7CgXLvW5GkC5f5wNrLmW9j2bGH27yZb5VpPgGv4RQVNVN3T8zsQK_G8GW3RKHsJ3HCbL9VRYxZW2K4CpKW1CxjRr6FBr29Vb-fVs1HbQkKV-1FvD3H3nckW8J98sn5T0X5XW5Y-R2D1wMWJ_W7FbZ-c61FfcNW5KxTfd13CpZfW8K52Mh94Rmc9W8ZmHgJ1t6ZG2V5-Kcp2Dznq-W1ctCsp2jV_gsN8ZJ6nQ6y8SCW40Qhhk4yVvc_N2tRPnNKYt31W5xRJs96V-LxHW7TYBgn91y-XB2-S1 Page URL
  2. https://go.hudsoninsgroup.com/events/public/v1/encoded/track/tc/RF+113/cs6X904/VXjnmD8xYVppW92BcQS110k9zW67tPB74C5MgxN1qZLrB3lLBmV1-WJV7CgXLvW5GkC5f5wNrLmW9j2bGH27yZb5VpPgGv4RQVNVN3T8zsQK_G8GW3RKHsJ3HCbL9VRYxZW2K4CpKW1CxjRr6FBr29Vb-fVs1HbQkKV-1FvD3H3nckW8J98sn5T0X5XW5Y-R2D1wMWJ_W7FbZ-c61FfcNW5KxTfd13CpZfW8K52Mh94Rmc9W8ZmHgJ1t6ZG2V5-Kcp2Dznq-W1ctCsp2jV_gsN8ZJ6nQ6y8SCW40Qhhk4yVvc_N2tRPnNKYt31W5xRJs96V-LxHW7TYBgn91y-XB2-S1?_ud=3ae7f133-23f9-43ce-9365-98267b5a9974&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://napariverinsurance.eredcraft.com/holiday21?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email HTTP 301
    https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email Page URL
  3. https://napariverinsurance.eredcraft.com/holiday21/nr.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://go.hudsoninsgroup.com/events/public/v1/encoded/track/tc/RF+113/cs6X904/VXjnmD8xYVppW92BcQS110k9zW67tPB74C5MgxN1qZLrB3lLBmV1-WJV7CgXLvW5GkC5f5wNrLmW9j2bGH27yZb5VpPgGv4RQVNVN3T8zsQK_G8GW3RKHsJ3HCbL9VRYxZW2K4CpKW1CxjRr6FBr29Vb-fVs1HbQkKV-1FvD3H3nckW8J98sn5T0X5XW5Y-R2D1wMWJ_W7FbZ-c61FfcNW5KxTfd13CpZfW8K52Mh94Rmc9W8ZmHgJ1t6ZG2V5-Kcp2Dznq-W1ctCsp2jV_gsN8ZJ6nQ6y8SCW40Qhhk4yVvc_N2tRPnNKYt31W5xRJs96V-LxHW7TYBgn91y-XB2-S1?_ud=3ae7f133-23f9-43ce-9365-98267b5a9974&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
  • https://napariverinsurance.eredcraft.com/holiday21?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email HTTP 301
  • https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email

31 HTTP transactions

| Resource | Path | Size | x-fer | Type | MIME-Type |
VXjnmD8xYVppW92BcQS110k9zW67tPB74C5MgxN1qZLrB3lLBmV1-WJV7CgXLvW5GkC5f5wNrLmW9j2bGH27yZb5VpPgGv4RQVNVN3T8zsQK_G8GW3RKHsJ3HCbL9VRYxZW2K4CpKW1CxjRr6FBr29Vb-fVs1HbQkKV-1FvD3H3nckW8J98sn5T0X5XW5Y-R2D1wM...
go.hudsoninsgroup.com/e3t/Btc/RF+113/cs6X904/
9 KB
3 KB
Document
General
Full URL
https://go.hudsoninsgroup.com/e3t/Btc/RF+113/cs6X904/VXjnmD8xYVppW92BcQS110k9zW67tPB74C5MgxN1qZLrB3lLBmV1-WJV7CgXLvW5GkC5f5wNrLmW9j2bGH27yZb5VpPgGv4RQVNVN3T8zsQK_G8GW3RKHsJ3HCbL9VRYxZW2K4CpKW1CxjRr6FBr29Vb-fVs1HbQkKV-1FvD3H3nckW8J98sn5T0X5XW5Y-R2D1wMWJ_W7FbZ-c61FfcNW5KxTfd13CpZfW8K52Mh94Rmc9W8ZmHgJ1t6ZG2V5-Kcp2Dznq-W1ctCsp2jV_gsN8ZJ6nQ6y8SCW40Qhhk4yVvc_N2tRPnNKYt31W5xRJs96V-LxHW7TYBgn91y-XB2-S1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8e47321556be131409009f3efcdb555aa6e8cbf5f6cc80a277a141740eaf42

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 15 Dec 2021 17:28:04 GMT
content-type
text/html;charset=utf-8
cf-ray
6be162e3dd1b599b-MXP
last-modified
Wed, 15 Dec 2021 17:28:04 GMT
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
57defeb8-210d-4b42-a0d7-7f1b1bd708fa
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZEDla9UATPiA%2F5fbqvOVkImuRBx68qE6r6g%2BnjJRnNK86gQoWVuFibvdEclCwmUv8tFpX%2FVxNQigGHOSpZgWudC8ZIqF29K7E693XBKLZ%2FsINqQkF%2FUgnGCnaNJ6HnjLA4yu8MpaKKqXkSVfjo%2BUATgzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
/
napariverinsurance.eredcraft.com/holiday21/
Redirect Chain
  • https://go.hudsoninsgroup.com/events/public/v1/encoded/track/tc/RF+113/cs6X904/VXjnmD8xYVppW92BcQS110k9zW67tPB74C5MgxN1qZLrB3lLBmV1-WJV7CgXLvW5GkC5f5wNrLmW9j2bGH27yZb5VpPgGv4RQVNVN3T8zsQK_G8GW3RKHs...
  • https://napariverinsurance.eredcraft.com/holiday21?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzh...
  • https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTz...
2 KB
1 KB
Document
General
Full URL
https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Requested by
Host: go.hudsoninsgroup.com
URL: https://go.hudsoninsgroup.com/e3t/Btc/RF+113/cs6X904/VXjnmD8xYVppW92BcQS110k9zW67tPB74C5MgxN1qZLrB3lLBmV1-WJV7CgXLvW5GkC5f5wNrLmW9j2bGH27yZb5VpPgGv4RQVNVN3T8zsQK_G8GW3RKHsJ3HCbL9VRYxZW2K4CpKW1CxjRr6FBr29Vb-fVs1HbQkKV-1FvD3H3nckW8J98sn5T0X5XW5Y-R2D1wMWJ_W7FbZ-c61FfcNW5KxTfd13CpZfW8K52Mh94Rmc9W8ZmHgJ1t6ZG2V5-Kcp2Dznq-W1ctCsp2jV_gsN8ZJ6nQ6y8SCW40Qhhk4yVvc_N2tRPnNKYt31W5xRJs96V-LxHW7TYBgn91y-XB2-S1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.238.116.132 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-104-238-116-132.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
41432fe641db8dbe2ddba4e848ef2d755ee28af3c4b07593ccb2591838270245

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://go.hudsoninsgroup.com/e3t/Btc/RF+113/cs6X904/VXjnmD8xYVppW92BcQS110k9zW67tPB74C5MgxN1qZLrB3lLBmV1-WJV7CgXLvW5GkC5f5wNrLmW9j2bGH27yZb5VpPgGv4RQVNVN3T8zsQK_G8GW3RKHsJ3HCbL9VRYxZW2K4CpKW1CxjRr6FBr29Vb-fVs1HbQkKV-1FvD3H3nckW8J98sn5T0X5XW5Y-R2D1wMWJ_W7FbZ-c61FfcNW5KxTfd13CpZfW8K52Mh94Rmc9W8ZmHgJ1t6ZG2V5-Kcp2Dznq-W1ctCsp2jV_gsN8ZJ6nQ6y8SCW40Qhhk4yVvc_N2tRPnNKYt31W5xRJs96V-LxHW7TYBgn91y-XB2-S1

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 05 Dec 2019 16:13:00 GMT
Accept-Ranges
bytes
ETag
"0ceedd86abd51:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:04 GMT
Content-Length
1150

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:04 GMT
Content-Length
394
jwstyle.css
napariverinsurance.eredcraft.com/holiday21/
408 B
602 B
Stylesheet
General
Full URL
https://napariverinsurance.eredcraft.com/holiday21/jwstyle.css
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.238.116.132 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-104-238-116-132.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7c455ffbd8fffa31f3af0f9d0ea82439b3ab8dfa464485746ad87e4c15d343f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jul 2019 17:17:00 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0ece1c313bd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
281
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
10279896
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1b5bc4b6cfb38ae4760033b230decc40
cf-ray
6be162ee2a633758-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
nexterra.css
napariverinsurance.eredcraft.com/holiday21/
0
0
Stylesheet
General
Full URL
https://napariverinsurance.eredcraft.com/holiday21/nexterra.css
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.238.116.132 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-104-238-116-132.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
1117
Content-Type
text/html
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 20:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Dec 2022 20:12:03 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752, 617, 617, 617, 617, 617, 617, 617, 617, 617
age
10274066
cdn-cachedat
2021-08-02 15:29:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a809d8824c97646676d59c5f9e3e6bf6
cf-ray
6be162ee2a673758-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
du3JvCeF.js
content.jwplatform.com/libraries/
113 KB
37 KB
Script
General
Full URL
https://content.jwplatform.com/libraries/du3JvCeF.js
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0ed2cad988714c0b9f60b73d9c562b0670677323d583b095bcddabf97b740a87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
content-length
37724
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
MVxkC7I6-UzNS0DSYkLnFlWNZCIaMil19F6WcNrBJtByb1X-gqTr_A==
expires
Wed, 15 Dec 2021 17:30:36 GMT
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128771165-20
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58bd908f14b05e58c1f1778505621b83fbbb9924f05efbefcfd8e99a086f6ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36177
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 Dec 2021 17:28:06 GMT
Primary Request nr.html
napariverinsurance.eredcraft.com/holiday21/
3 KB
2 KB
Document
General
Full URL
https://napariverinsurance.eredcraft.com/holiday21/nr.html
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.238.116.132 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-104-238-116-132.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
06933d71af9315523e5308d39672dc4bb30c110c888c9c72656538689a30418a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/holiday21/?utm_medium=email&_hsmi=195563333&_hsenc=p2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU&utm_content=195399577&utm_source=hs_email

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 21:16:24 GMT
Accept-Ranges
bytes
ETag
"0c49a352fdbd71:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:05 GMT
Content-Length
1426
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128771165-20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6792
date
Wed, 15 Dec 2021 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 15 Dec 2021 17:34:54 GMT
collect
www.google-analytics.com/j/
1 B
217 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1144725837&t=pageview&_s=1&dl=https%3A%2F%2Fnapariverinsurance.eredcraft.com%2Fholiday21%2F%3Futm_medium%3Demail%26_hsmi%3D195563333%26_hsenc%3Dp2ANqtz-8zhu7ZRos-OTTnuHgJfU7eYuwPRye4lMDzQJBmiWLQznWGIwhbSEMAb6ULh4Acms3jhEewhQCNAXRw3rvdnmQoQUNMTSCfJTzhpETcGIgrqaDRFsU%26utm_content%3D195399577%26utm_source%3Dhs_email&ul=en-us&de=windows-1252&dt=Napa%20River&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=408272233&gjid=169984685&cid=82576557.1639589286&tid=UA-128771165-20&_gid=1717245284.1639589286&_r=1&gtm=2ouc10&z=1586084462
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://napariverinsurance.eredcraft.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 17:28:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://napariverinsurance.eredcraft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
10279896
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1b5bc4b6cfb38ae4760033b230decc40
cf-ray
6be162f1ff165a31-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
video.css
napariverinsurance.eredcraft.com/holiday21/
235 B
535 B
Stylesheet
General
Full URL
https://napariverinsurance.eredcraft.com/holiday21/video.css
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.238.116.132 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-104-238-116-132.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
eb059c0b28fff5c6c2ddca4c07d07339d2c7ed4e7b4ed4d08c3b5b68939f7bdf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/holiday21/nr.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jul 2019 16:09:00 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0b62119f146d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
213
headermedia.css
napariverinsurance.eredcraft.com/holiday21/
2 KB
899 B
Stylesheet
General
Full URL
https://napariverinsurance.eredcraft.com/holiday21/headermedia.css
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.238.116.132 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-104-238-116-132.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
2f05a1159769c259434671b81fca6cbb3810fcb825d3da11db520ddbdcab539e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/holiday21/nr.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Oct 2021 06:38:00 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0546b67dc5d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
578
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 20:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Dec 2022 20:12:03 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752, 617, 617, 617, 617, 617, 617, 617, 617, 617
age
10274066
cdn-cachedat
2021-08-02 15:29:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a809d8824c97646676d59c5f9e3e6bf6
cf-ray
6be162f1ef0f5a31-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
du3JvCeF.js
content.jwplatform.com/libraries/
113 KB
37 KB
Script
General
Full URL
https://content.jwplatform.com/libraries/du3JvCeF.js
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0ed2cad988714c0b9f60b73d9c562b0670677323d583b095bcddabf97b740a87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
content-length
37724
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
2APH-9UWfWpVvrb0NZq2j7s-asnY11EuMzU35k9Jo8szD12uFRpcZw==
expires
Wed, 15 Dec 2021 17:30:36 GMT
js
www.googletagmanager.com/gtag/
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128771165-20
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58bd908f14b05e58c1f1778505621b83fbbb9924f05efbefcfd8e99a086f6ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36177
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 Dec 2021 17:28:06 GMT
napa-top.jpg
napariverinsurance.eredcraft.com/img21/
75 KB
75 KB
Image
General
Full URL
https://napariverinsurance.eredcraft.com/img21/napa-top.jpg
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.238.116.132 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-104-238-116-132.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1322dbde776a72d5785310d1b4c97ca0daadce5e7cfb9146057f693f13703fbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/holiday21/nr.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:05 GMT
Last-Modified
Tue, 16 Nov 2021 21:06:10 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0cda1c72ddbd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
76915
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.23.2/
58 KB
17 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.2/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/du3JvCeF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
gzip
age
390
x-cache
HIT
content-length
17499
via
1.1 varnish
x-served-by
cache-fra19130-FRA
last-modified
Tue, 09 Nov 2021 01:47:52 GMT
server
AmazonS3
x-timer
S1639589287.892228,VS0,VE0
etag
"fd28c0166cd7029ddfb10e5953b3f7f2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
628
jwplayer.core.controls.html5.js
ssl.p.jwpcdn.com/player/v/8.23.2/
344 KB
91 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.2/jwplayer.core.controls.html5.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/du3JvCeF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcf34177584bcfb496832a9df2c2126b445b3948cac4cb839ace3933e44c2894

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
gzip
age
2937754
x-cache
HIT
content-length
93282
via
1.1 varnish
x-served-by
cache-fra19130-FRA
last-modified
Tue, 09 Nov 2021 01:47:43 GMT
server
AmazonS3
x-timer
S1639589287.892335,VS0,VE0
etag
"8520956ea1aa50a4e20df1527cd470d0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
440906
napa-bg.jpg
napariverinsurance.eredcraft.com/holiday21/
128 KB
128 KB
Image
General
Full URL
https://napariverinsurance.eredcraft.com/holiday21/napa-bg.jpg
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.238.116.132 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-104-238-116-132.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
708bebc4e8390598c6d38fc506dddfe820d6c0fe48ece742e86411daa4591c48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/holiday21/nr.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:05 GMT
Last-Modified
Tue, 16 Nov 2021 21:06:10 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0cda1c72ddbd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
131291
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128771165-20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6792
date
Wed, 15 Dec 2021 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 15 Dec 2021 17:34:54 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=37240215&t=pageview&_s=1&dl=https%3A%2F%2Fnapariverinsurance.eredcraft.com%2Fholiday21%2Fnr.html&ul=en-us&de=windows-1252&dt=Napa%20River&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUAB~&jid=&gjid=&cid=82576557.1639589286&tid=UA-128771165-20&_gid=1717245284.1639589286&gtm=2ouc10&z=110074543
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 19:16:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79878
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.23.2/
25 KB
9 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.2/provider.cast.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/du3JvCeF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2eb8e6a5308ea945bac0ce4e917ab6531ea935350b3e1b6adf9aa58c72ce6b52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:06 GMT
content-encoding
gzip
age
2937984
x-cache
HIT
content-length
9080
via
1.1 varnish
x-served-by
cache-fra19130-FRA
last-modified
Tue, 09 Nov 2021 01:47:46 GMT
server
AmazonS3
x-timer
S1639589287.965784,VS0,VE0
etag
"ea49abf5acbb350b70f9668b39778f64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
309882
nr-poster.jpg
napariverinsurance.eredcraft.com/holiday21/
113 KB
113 KB
Image
General
Full URL
https://napariverinsurance.eredcraft.com/holiday21/nr-poster.jpg
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.238.116.132 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-104-238-116-132.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3fe09c86489a0601d31f69e31dadba5711adb6f433762d169c8e8163fe0147a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/holiday21/nr.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Wed, 15 Dec 2021 17:28:05 GMT
Last-Modified
Tue, 16 Nov 2021 21:12:48 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0c8dbb42edbd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
115750
napariver21a.mp4
redcraftvideos.s3.us-west-2.amazonaws.com/21-napa/
2 MB
0
Media
General
Full URL
https://redcraftvideos.s3.us-west-2.amazonaws.com/21-napa/napariver21a.mp4
Requested by
Host: napariverinsurance.eredcraft.com
URL: https://napariverinsurance.eredcraft.com/holiday21/nr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.169.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://napariverinsurance.eredcraft.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 15 Dec 2021 17:28:08 GMT
Last-Modified
Tue, 16 Nov 2021 21:14:20 GMT
Server
AmazonS3
x-amz-request-id
0T516NYB83MYK5Q6
ETag
"fe2b11ba3b1019ffb2611cd1631eadfb"
Content-Type
video/mp4
Content-Range
bytes 0-12513501/12513502
Accept-Ranges
bytes
Content-Length
12513502
x-amz-id-2
YaObxAhoaFWoOyUQNpoN4Y9ioiJ4ypkyF+jYIM+N2JyjDIxwCgTE8CW8aErkmrIkAQAskTimUrI=
cast_sender.js
www.gstatic.com/cv/js/sender/v1/
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/du3JvCeF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Dec 2021 17:28:07 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/
36 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="chrome-dongle"
expires
Wed, 15 Dec 2021 17:28:07 GMT
cast_sender.js
www.gstatic.com/eureka/clank/96/
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napariverinsurance.eredcraft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:02:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Thu, 16 Dec 2021 16:02:02 GMT


20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| $
function| jQuery
object| jwDefaults
object| webpackJsonpjwplayer
function| jwplayer
function| gtag
object| dataLayer
object| player
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| cast

4 Cookies

Domain/Path Name / Value
.go.hudsoninsgroup.com/ Name: __cfruid
Value: 938e872f44b71a7c31a5b72f7e70fbb6b1142826-1639589284
.eredcraft.com/ Name: _ga
Value: GA1.2.82576557.1639589286
.eredcraft.com/ Name: _gid
Value: GA1.2.1717245284.1639589286
.eredcraft.com/ Name: _gat_gtag_UA_128771165_20
Value: 1

1 Console Messages

Source: network
Level: error
URL: https://napariverinsurance.eredcraft.com/holiday21/nexterra.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
