URL: https://secure.nelsonlabs.com/
Submission: On August 25 via manual from MX — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 57 HTTP transactions. The main IP is 52.255.139.106, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is secure.nelsonlabs.com. The Cisco Umbrella rank of the primary domain is 657410.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 14th 2022. Valid for: a year.
This is the only time secure.nelsonlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 52.255.139.106 8075 (MICROSOFT...)
7 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.74.194 15169 (GOOGLE)
4 52.186.144.161 8075 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
57 14
Apex Domain
Subdomains
Transfer
21 nelsonlabs.com
secure.nelsonlabs.com — Cisco Umbrella Rank: 657410
606 KB
8 typekit.net
use.typekit.net — Cisco Umbrella Rank: 507
p.typekit.net — Cisco Umbrella Rank: 625
214 KB
7 gstatic.com
www.gstatic.com
535 KB
4 whoson.com
gatewayusa4.whoson.com
hostedusa4.whoson.com — Cisco Umbrella Rank: 420385
7 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 9
25 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 286
fonts.googleapis.com — Cisco Umbrella Rank: 54
32 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
88 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 130
16 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 727
83 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
65 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6076
565 B
57 12
Domain Requested by
21 secure.nelsonlabs.com secure.nelsonlabs.com
ajax.googleapis.com
7 www.gstatic.com secure.nelsonlabs.com
www.google.com
www.gstatic.com
7 use.typekit.net secure.nelsonlabs.com
4 www.google.com secure.nelsonlabs.com
www.gstatic.com
3 hostedusa4.whoson.com gatewayusa4.whoson.com
secure.nelsonlabs.com
2 connect.facebook.net secure.nelsonlabs.com
connect.facebook.net
2 www.google-analytics.com secure.nelsonlabs.com
www.google-analytics.com
2 www.googleadservices.com 1 redirects secure.nelsonlabs.com
2 maxcdn.bootstrapcdn.com secure.nelsonlabs.com
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com secure.nelsonlabs.com
2 code.jquery.com secure.nelsonlabs.com
1 p.typekit.net secure.nelsonlabs.com
1 www.google.de secure.nelsonlabs.com
1 gatewayusa4.whoson.com secure.nelsonlabs.com
1 ajax.googleapis.com secure.nelsonlabs.com
57 15
Subject Issuer Validity Valid
secure.nelsonlabs.com
Go Daddy Secure Certificate Authority - G2
2022-02-14 -
2023-03-18
a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1
2022-03-07 -
2023-04-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-01-29 -
2023-01-29
a year crt.sh
www.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.whoson.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-04-19 -
2023-04-19
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-04 -
2022-09-02
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh

This page contains 3 frames:

Primary Page: https://secure.nelsonlabs.com/
Frame ID: 7410F03B35E98C60BCDFB97254E9483D
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_HR4TAAAAACTX1Kn2b_8hJIa7H64_3Gy6OMoE&co=aHR0cHM6Ly9zZWN1cmUubmVsc29ubGFicy5jb206NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=normal&cb=nv9bvwmcp610
Frame ID: 5594F6095CF4AAE3D5460BABD296BA39
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6Ld_HR4TAAAAACTX1Kn2b_8hJIa7H64_3Gy6OMoE
Frame ID: 430664E1BD5F53CA60A42AA32AAC1048
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Nelson Labs Secure Portal | Home

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

57
Requests

98 %
HTTPS

79 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

1691 kB
Transfer

3295 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://www.googleadservices.com/pagead/conversion/1071968342/wcm?cc=ZZ&dn=8008262088&cl=b7hxCNPHoH8Q1uCT_wM&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8008262088&cl=b7hxCNPHoH8Q1uCT_wM

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
secure.nelsonlabs.com/
22 KB
6 KB
Document
General
Full URL
https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0ad0f2f3b6ecdcc988b54ced0fa062b2609ae26059ce62e9affc8a069d6f030f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
5936
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 18:20:45 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
modernizr.js
secure.nelsonlabs.com/portal/javascript/
12 KB
5 KB
Script
General
Full URL
https://secure.nelsonlabs.com/portal/javascript/modernizr.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f9dbec62dfc393ea9b6cb7e7f1563560c6c5848048cc2abd6627239b39dccfc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2e17-5d55ea0dc7d80;5e466b267d66e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5137
bjh2mtg.js
use.typekit.net/
18 KB
7 KB
Script
General
Full URL
https://use.typekit.net/bjh2mtg.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9d969110f597c60a4609de1a81ecb8e48cf1b6b231adeb7e2716817f491ff893
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 25 Aug 2022 18:20:46 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6792
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.0/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 12:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29478
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 12:00:10 GMT
jquery-migrate-1.2.1.min.js
secure.nelsonlabs.com/portal/javascript/
7 KB
3 KB
Script
General
Full URL
https://secure.nelsonlabs.com/portal/javascript/jquery-migrate-1.2.1.min.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1c20-5d55ea0dc7d80;5e466b267d66e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3068
jquery-ui.min.js
code.jquery.com/ui/1.10.3/
223 KB
59 KB
Script
General
Full URL
https://code.jquery.com/ui/1.10.3/jquery-ui.min.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
W/"611feaca-37aed"
vary
Accept-Encoding
x-hw
1661451646.dop217.am5.t,1661451646.cds277.am5.hn,1661451646.cds116.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
60381
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3a3e39fca849dd5ca088dcb3176b67eb7258689b1e4b63f7f410e8479a7bf64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 17:21:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 18:20:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 18:20:46 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
5483557
cdn-cachedat
03/12/2022 14:32:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d59b1bc690982b057c0e17bb58696d82
cf-ray
740657f4ab9cbc04-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
global.css
secure.nelsonlabs.com/portal/css/
53 KB
12 KB
Stylesheet
General
Full URL
https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ddfc28eb7009648f57f1cf6552bc692f918977846844de9ea056f9dc98c258bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"d5ad-5d55ea0dc7d80;5e466b267d66e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
11873
jquery-ui.min.css
code.jquery.com/ui/1.10.3/themes/smoothness/
26 KB
5 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.min.css
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:40 GMT
server
nginx
etag
W/"620cd700-693b"
vary
Accept-Encoding
x-hw
1661451646.dop217.am5.t,1661451646.cds277.am5.hn,1661451646.cds317.am5.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
5237
api.js
www.google.com/recaptcha/
850 B
969 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5717c5960d997c3b6645bd82e5109caa27ee627a3596bb8e6f370a794757af25
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Thu, 25 Aug 2022 18:20:46 GMT
conversion_async.js
www.googleadservices.com/pagead/
41 KB
16 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15682
x-xss-protection
0
server
cafe
etag
14097944420163075165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 18:20:46 GMT
jquery.validate.min.js
secure.nelsonlabs.com/javascript/
21 KB
7 KB
Script
General
Full URL
https://secure.nelsonlabs.com/javascript/jquery.validate.min.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
383e81584ef323f25e77868ee3d631388a4a6bcf9ec51e26be9ddcd5f0750d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:48:04 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5289-5d55ea0bdf900;5e466b267d66e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
6348
vms.js
secure.nelsonlabs.com/falcon/public/vms/javascript/
53 KB
11 KB
Script
General
Full URL
https://secure.nelsonlabs.com/falcon/public/vms/javascript/vms.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9a0660e90c4c55877c808a79a68ffac7d88c56f7ea0570ef169e29812f58534b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:46:48 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"d47f-5d55e9c364e00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11364
vms.css
secure.nelsonlabs.com/falcon/public/vms/css/
49 KB
8 KB
Stylesheet
General
Full URL
https://secure.nelsonlabs.com/falcon/public/vms/css/vms.css
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c5875e150d0a518a0aef45840de6675386ab0e155054730d320b1a8f52df1c7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:46:46 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"c259-5d55e9c17c980-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8117
vms-public.css
secure.nelsonlabs.com/falcon/public/vms/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://secure.nelsonlabs.com/falcon/public/vms/css/vms-public.css
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ebf7be36ad3b8aa3ee7de9a3f6074bde09db39e3380770d07ac533e086d5cb3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:46:46 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"147c-5d55e9c17c980-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1284
vms-public.js
secure.nelsonlabs.com/falcon/public/vms/javascript/
7 KB
2 KB
Script
General
Full URL
https://secure.nelsonlabs.com/falcon/public/vms/javascript/vms-public.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0688805a03783d7c6d1930ea372fe8962128524e5c93fb0d7e3fea60abec6c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:46:48 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1d13-5d55e9c364e00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2014
logo.png
secure.nelsonlabs.com/images/
8 KB
8 KB
Image
General
Full URL
https://secure.nelsonlabs.com/images/logo.png
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
75814521fb5fcf81fb5c376846fb031994a024b4b61f02c6b0962ab137513ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Last-Modified
Wed, 12 Jan 2022 08:48:04 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1e2f-5d55ea0bdf900;5e466b267d66e"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7727
icn-notice-green.png
secure.nelsonlabs.com/portal/images/
2 KB
3 KB
Image
General
Full URL
https://secure.nelsonlabs.com/portal/images/icn-notice-green.png
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
adc1104341f07cbde9c229a91c07caeb980a455f8611fdb2a05a208949c5763b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"9ba-5d55ea0dc7d80;5e466b267d66e"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2490
include.js
gatewayusa4.whoson.com/
4 KB
2 KB
Script
General
Full URL
https://gatewayusa4.whoson.com/include.js?domain=www.nelsonlabs.com
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.186.144.161 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
3e29dbd9098cec4bd1e8463462427d337641c72c7e2232346f31afb84d446000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cache-control
max-age=3600
x-powered-by
ARR/3.0
date
Thu, 25 Aug 2022 18:20:45 GMT
content-length
1556
content-type
application/javascript; charset=utf-8
global.js
secure.nelsonlabs.com/portal/javascript/
45 KB
10 KB
Script
General
Full URL
https://secure.nelsonlabs.com/portal/javascript/global.js?_=1641977286
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9b0baf053e5d08a965943d68277cdad96a6204fe295c1f76839b9320874ea62b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"b472-5d55ea0dc7d80;5e466b267d66e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
9760
jquery-ui-1.10.3.min.css
secure.nelsonlabs.com/portal/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://secure.nelsonlabs.com/portal/css/jquery-ui-1.10.3.min.css
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9dd00d7ce8314e98669bf7af289c2ff3671503ff5420de3aeee42eecbbc13fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"693f-5d55ea0dc7d80;5e466b267d66e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
5297
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4489
date
Thu, 25 Aug 2022 17:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 25 Aug 2022 19:05:57 GMT
loader.js
www.gstatic.com/wcm/
3 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 25 Aug 2022 19:15:19 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/
390 KB
156 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151bac179d2ce855508abc6505e6a2c5b3a02a923a30a17c70acc2c2b0169640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.nelsonlabs.com/
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 17:15:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158666
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 20:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Aug 2023 17:15:46 GMT
ajax-working.gif
secure.nelsonlabs.com/vms/images/
7 KB
7 KB
Image
General
Full URL
https://secure.nelsonlabs.com/vms/images/ajax-working.gif
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9c9d58264858e8bd818293f1ffe5397a98ce8276a14030b055642cb065a1c8fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Last-Modified
Wed, 12 Jan 2022 08:46:48 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1aa4-5d55e9c364e00;5e466b267d66e"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6820
gray_90.png
secure.nelsonlabs.com/vms/images/
933 B
1 KB
Image
General
Full URL
https://secure.nelsonlabs.com/vms/images/gray_90.png
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9744a0780705aa64cf21dde9c50b31d22adef67efd1f1fddfd2f25cc39a5488e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Last-Modified
Wed, 12 Jan 2022 08:46:48 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3a5-5d55e9c364e00;5e466b267d66e"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
933
css
fonts.googleapis.com/
7 KB
861 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300|Open+Sans+Condensed:300
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/falcon/public/vms/css/vms.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c085dffda63cf3758a34bfd8087bb252b3c1402353593a54ad5bd115ae744f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 18:20:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 18:20:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 18:20:46 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6af756b04505bf2f27800a61b2589b6f318bf460c17fbfb0919e3aee2e511cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
E7W6H49Yoh1tZUjRHwxF+w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
GU+LDsSLrRw/F/1I04bgQDK3rWDHzlywiAIT3x0WN0Q/YVnohjAtOm8fE0rB0Nlmioc55x6GLnKbTHg0G6cv/w==
x-fb-trip-id
2050670934
x-fb-content-md5
e72f0886df2d4536dafe4e8a9e3043df
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 18:20:46 GMT
vary
Accept-Encoding
x-content-cdn-origin-ts
1661451235234
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"6809b289b46163d6dbc2f6873974dc04"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 25 Aug 2022 18:33:55 GMT
main-banner.jpg
secure.nelsonlabs.com/portal/images/
74 KB
74 KB
Image
General
Full URL
https://secure.nelsonlabs.com/portal/images/main-banner.jpg
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
34b983fcf9321edaf5adc0f93c5332f1735ec90c8ad149ae451e6200d2f249c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"127b1-5d55ea0dc7d80;5e466b267d66e"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
75697
TrasandinaLight.otf
secure.nelsonlabs.com/portal/fonts/
106 KB
106 KB
Font
General
Full URL
https://secure.nelsonlabs.com/portal/fonts/TrasandinaLight.otf
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b4fa596a613e16b470e77f3ec372b1a93fca89352176edd5c43826c65a28cfd3

Request headers

Referer
https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1a7b8-5d55ea0dc7d80;5e466b267d66e"
Content-Type
application/font-opentype
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
108472
TrasandinaMedium.otf
secure.nelsonlabs.com/portal/fonts/
106 KB
106 KB
Font
General
Full URL
https://secure.nelsonlabs.com/portal/fonts/TrasandinaMedium.otf
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
52a8d84430efda8fd8799bed7374da93aeeea1128cc11c14a709c5a0295f6e0b

Request headers

Referer
https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1a76c-5d55ea0dc7d80;5e466b267d66e"
Content-Type
application/font-opentype
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
108396
TrasandinaLight-Italic.otf
secure.nelsonlabs.com/portal/fonts/
113 KB
114 KB
Font
General
Full URL
https://secure.nelsonlabs.com/portal/fonts/TrasandinaLight-Italic.otf
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2c8e097e427b94e3b5f1a5a1ef8887aebf6a97ab799ae33b2808cca8e605f4e4

Request headers

Referer
https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1c4d4-5d55ea0dc7d80;5e466b267d66e"
Content-Type
application/font-opentype
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
115924
TrasandinaMedium-Italic.otf
secure.nelsonlabs.com/portal/fonts/
114 KB
114 KB
Font
General
Full URL
https://secure.nelsonlabs.com/portal/fonts/TrasandinaMedium-Italic.otf
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d9f4e928d6cc61640193c5ec654d6064d4d7304ee41c1b562fcd92143540817

Request headers

Referer
https://secure.nelsonlabs.com/portal/css/global.css?_=1641977286
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 18:20:46 GMT
Last-Modified
Wed, 12 Jan 2022 08:48:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1c898-5d55ea0dc7d80;5e466b267d66e"
Content-Type
application/font-opentype
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
116888
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
504
cdn-proxyver
1.02
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6aedca5537f19521bd4be8a8f578cc65
accept-ranges
bytes
cf-ray
740657f7d8669028-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1566432201&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nelsonlabs.com%2F&ul=en-us&de=UTF-8&dt=Nelson%20Labs%20Secure%20Portal%20%7C%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1139041449&gjid=311588120&cid=2108796005.1661451647&tid=UA-85036779-1&_gid=1145590286.1661451647&_r=1&_slc=1&z=1515204256
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.nelsonlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 18:20:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.nelsonlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
call-tracking_7.js
www.gstatic.com/call-tracking/
54 KB
21 KB
Script
General
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 11:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 11:22:27 GMT
all.js
connect.facebook.net/en_US/
305 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=11cd20dd61860d5ca676afd9a2904fdd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e5f4e2b20a6410e9a2f1b2e15f014ff2d3dfd9c7237e87eed790ed086f8d0237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.nelsonlabs.com/
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
X73f3lkHzHqo3HK5hYmqRw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87852
x-fb-rlafr
0
x-fb-debug
6eR7VCMK9wzd4KoYwE9+TqLJNmm6N69XwkjFWcW6MWqRztxM4qRSL1hILBC4OYGO6sBfply46XOZJvhwnp7/gQ==
x-fb-content-md5
a5f04ced620b479abfb0d36173f97fab
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 18:20:46 GMT
vary
Accept-Encoding
x-content-cdn-origin-ts
1661447813779
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"da8666683790afe0419f57b166b63272"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 25 Aug 2023 17:16:53 GMT
invite.js
hostedusa4.whoson.com/
6 KB
2 KB
Script
General
Full URL
https://hostedusa4.whoson.com/invite.js?domain=www.nelsonlabs.com
Requested by
Host: gatewayusa4.whoson.com
URL: https://gatewayusa4.whoson.com/include.js?domain=www.nelsonlabs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.186.144.161 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
a2fa9fe9ac17e8e07be24bede70b2d9da2ae1a42ff8b15efc59a1615f9faad65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cache-control
max-age=3600
x-powered-by
ARR/3.0
date
Thu, 25 Aug 2022 18:20:45 GMT
content-length
2427
content-type
application/javascript; charset=utf-8
/
hostedusa4.whoson.com/
3 KB
3 KB
Image
General
Full URL
https://hostedusa4.whoson.com/?u=170-1661451646844&d=www.nelsonlabs.com&p=%27https%3A//secure.nelsonlabs.com/%27&r=%27%27&response=g&timestamp=1661451646845
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.186.144.161 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e712812f7aeac70ef158fc06895766189561cd6929a9a588d5ef4e563fb31157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
x-powered-by
ARR/3.0
date
Thu, 25 Aug 2022 18:20:45 GMT
content-length
2762
content-type
image/gif
l
use.typekit.net/af/7848e9/00000000000000003b9b0429/27/
35 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/7848e9/00000000000000003b9b0429/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b66092ef63e164c258f98d6e66812054d846000db02c987a8c7bbb6918daed0c

Request headers

Referer
https://secure.nelsonlabs.com/
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
server
nginx
etag
"4ea4ab53defc6fb1ccd82d90380bfbd7b405c082"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35760
l
use.typekit.net/af/af0e04/00000000000000003b9b042c/27/
35 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/af0e04/00000000000000003b9b042c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0f11df155a0518d89e68eed3528642147f04eb732d118a1aa1360201538747b2

Request headers

Referer
https://secure.nelsonlabs.com/
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
server
nginx
etag
"b080665cc0454ff40ee8b31db2407b2de3c8acd7"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35508
l
use.typekit.net/af/c22491/00000000000000003b9b042e/27/
31 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/c22491/00000000000000003b9b042e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
af593ec694668c35a9fe54476c9edeab6bc55584741b8eb5140498b111664e93

Request headers

Referer
https://secure.nelsonlabs.com/
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
server
nginx
etag
"e1646308a1b16b88a3f9996750fdc63c8c6e538f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31628
l
use.typekit.net/af/9917f3/00000000000000003b9b0430/27/
35 KB
36 KB
Font
General
Full URL
https://use.typekit.net/af/9917f3/00000000000000003b9b0430/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c7bf2cf8294b663073272b49d89d405286866e147ce15040ff2154b776ceb49c

Request headers

Referer
https://secure.nelsonlabs.com/
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
server
nginx
etag
"99016c24e82e0a976037023b08a25c0f905e4058"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36096
l
use.typekit.net/af/12a4fd/00000000000000003b9b0431/27/
35 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/12a4fd/00000000000000003b9b0431/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2682a35b88df9a759d0b800ef85d60ac992caa6c580222dee068048402329970

Request headers

Referer
https://secure.nelsonlabs.com/
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
server
nginx
etag
"f807030854b750db473ad8d329ff612463ec054c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35936
l
use.typekit.net/af/27e1ba/00000000000000003b9b0434/27/
35 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/27e1ba/00000000000000003b9b0434/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f4f8867049893b1da30c2352725afd40d6b7e3603da641d89c793857a0ba594e

Request headers

Referer
https://secure.nelsonlabs.com/
Origin
https://secure.nelsonlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:46 GMT
server
nginx
etag
"f1e5cb46f5cdcad7a0ebd8b76180f6ec4310d047"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35580
4614
secure.nelsonlabs.com/vms/toolbar/page/
14 B
354 B
XHR
General
Full URL
https://secure.nelsonlabs.com/vms/toolbar/page/4614
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.255.139.106 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
495304dea93aa9e6e5a891a51ad2fd9eb32f70d9c8451bd30fbced4e4b13810b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.nelsonlabs.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 18:20:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
14
Expires
Thu, 19 Nov 1981 08:52:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5594
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_HR4TAAAAACTX1Kn2b_8hJIa7H64_3Gy6OMoE&co=aHR0cHM6Ly9zZWN1cmUubmVsc29ubGFicy5jb206NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=normal&cb=nv9bvwmcp610
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d7fffc2151990982cdc40a540ff7f163a04b8240745aa2cfd163c524e1928ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EsFR-uT-iZck8cHT40kUJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nelsonlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22893
content-security-policy
script-src 'report-sample' 'nonce-EsFR-uT-iZck8cHT40kUJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 18:20:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
wcm
www.google.de/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1071968342/wcm?cc=ZZ&dn=8008262088&cl=b7hxCNPHoH8Q1uCT_wM&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8008262088&cl=b7hxCNPHoH8Q1uCT_wM
80 B
565 B
XHR
General
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8008262088&cl=b7hxCNPHoH8Q1uCT_wM
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 18:20:46 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8008262088&cl=b7hxCNPHoH8Q1uCT_wM
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://secure.nelsonlabs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
p.gif
p.typekit.net/
35 B
228 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=bjh2mtg&ht=tk&h=secure.nelsonlabs.com&f=35457.35460.35462.35464.35465.35468&a=85883914&js=1.21.0&app=typekit&e=js&_=1661451646989
Requested by
Host: secure.nelsonlabs.com
URL: https://secure.nelsonlabs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62
8096267
date
Thu, 25 Aug 2022 18:20:47 GMT
last-modified
Sat, 09 Oct 2021 06:43:10 GMT
server
nginx
etag
"616139fe-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 5594
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_HR4TAAAAACTX1Kn2b_8hJIa7H64_3Gy6OMoE&co=aHR0cHM6Ly9zZWN1cmUubmVsc29ubGFicy5jb206NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=normal&cb=nv9bvwmcp610
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 14:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 20:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Aug 2023 14:47:01 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 5594
390 KB
155 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_HR4TAAAAACTX1Kn2b_8hJIa7H64_3Gy6OMoE&co=aHR0cHM6Ly9zZWN1cmUubmVsc29ubGFicy5jb206NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=normal&cb=nv9bvwmcp610
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151bac179d2ce855508abc6505e6a2c5b3a02a923a30a17c70acc2c2b0169640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 17:15:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158666
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 20:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Aug 2023 17:15:46 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5594
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
67c7cf2537681e76ae6b64e0159beaaa71413f83e01c809b7274f17c0ad9bd21
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_HR4TAAAAACTX1Kn2b_8hJIa7H64_3Gy6OMoE&co=aHR0cHM6Ly9zZWN1cmUubmVsc29ubGFicy5jb206NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=normal&cb=nv9bvwmcp610
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 18:20:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 25 Aug 2022 18:20:47 GMT
bframe
www.google.com/recaptcha/api2/ Frame 4306
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6Ld_HR4TAAAAACTX1Kn2b_8hJIa7H64_3Gy6OMoE
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
19c45eb12ff8ecee47937c3c96c0310a3f71dac3b373b3a546e95cb333673137
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eT-vr-xtC5d9pIIlZUG_cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nelsonlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1113
content-security-policy
script-src 'report-sample' 'nonce-eT-vr-xtC5d9pIIlZUG_cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 18:20:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 4306
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6Ld_HR4TAAAAACTX1Kn2b_8hJIa7H64_3Gy6OMoE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 14:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 20:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Aug 2023 14:47:01 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 4306
390 KB
155 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6Ld_HR4TAAAAACTX1Kn2b_8hJIa7H64_3Gy6OMoE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151bac179d2ce855508abc6505e6a2c5b3a02a923a30a17c70acc2c2b0169640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 17:15:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158666
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 20:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Aug 2023 17:15:46 GMT
poll.gif
hostedusa4.whoson.com/
70 B
130 B
Image
General
Full URL
https://hostedusa4.whoson.com/poll.gif?d=www.nelsonlabs.com&stamp=1661451647992&u=170-1661451646844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.186.144.161 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
80c4924b445ca2b9933cd833c56802bede6e13a3133c32c0277c85d4733531f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.nelsonlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
x-powered-by
ARR/3.0
date
Thu, 25 Aug 2022 18:20:47 GMT
content-length
70
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| html5 object| Modernizr function| yepnope object| Typekit function| $ function| jQuery function| cssLoaded undefined| local_fontawesome object| local_jqueryui undefined| isIE8 number| timeout string| GoogleAnalyticsObject function| ga function| _googWcmImpl string| _googWcmAk function| _googWcmGet object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| vmsObject object| _vmsAjaxLoading object| _vmsAjaxLoadingBG number| vmsXhr undefined| vmsXhrTimeout object| vms function| vmsInitSlick function| vmsDataAttributesToPropertyObject function| vmsPublicJsonForms function| vmsMessage function| vmsError function| vmsNotify function| vmsRemoveNotify undefined| vmsRemoveNotifyTimeout function| vmsResetNotifyRemove function| vmsQueueNotifyRemove object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB function| GooglemKTybQhCsO function| google_trackConversion object| recaptcha object| __buffer object| sWOChatElement string| sWOSession string| sWOUrl string| sWOGateway string| sWOGatewaySSL string| sWODomain string| sWOChatstart string| sWODepartment string| sWOSkillNames string| sWOLanguage string| sWOBackgroundURL string| sWOResponse string| sWOInvite string| sWOPreselect string| sWOUser string| sWOPage string| sWOStatus boolean| sWOInline number| sWOCost number| sWORevenue string| sWOName string| sWOCompany string| sWOEmail string| sWOTelephone string| sWOProtocol object| sWOImage boolean| sWOHide function| sWOStartChat function| sWOImageLoaded function| sWOAddVariable function| sWOTrackPage function| customerPortal_validatePaginationButtons function| customerPortal_getValidNextPage function| customerPortal_loadDocumentResultsForPageIndex function| customerPortal_loadStudyResultsForPageIndex function| customerPortalOrdersPageEventListeners function| fixFooter function| responsiveTable function| reportLinkContentMenu function| intval function| AdjustCart function| AdjustCartGroupGLPSTAT function| RequoteCart function| ValidateCheckout function| SubmitCheckout function| countChar function| notificationBar function| notificationBarDismiss function| notificationBarDismissExpirySet function| notificationBarDismissExpiryGet object| closure_lm_133998 function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl string| iWOGateway boolean| iWOLoaded function| Invite object| woOldOnload undefined| woRunOnload object| invite function| woAfterLoad object| scr string| google_wcc_status

5 Cookies

Domain/Path Name / Value
secure.nelsonlabs.com/ Name: PHPSESSID
Value: g7al46up00se02l207sd9rcgp6
.nelsonlabs.com/ Name: _ga
Value: GA1.2.2108796005.1661451647
.nelsonlabs.com/ Name: _gid
Value: GA1.2.1145590286.1661451647
.nelsonlabs.com/ Name: _gat
Value: 1
secure.nelsonlabs.com/ Name: whoson
Value: 170-1661451646844

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
gatewayusa4.whoson.com
hostedusa4.whoson.com
maxcdn.bootstrapcdn.com
p.typekit.net
secure.nelsonlabs.com
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.gstatic.com
142.250.74.194
2001:4860:4802:34::178
2001:4de0:ac18::1:a:2b
2606:4700::6812:acf
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a02:26f0:11a::6867:4851
2a02:26f0:11a::6867:4868
2a03:2880:f007:8:face:b00c:0:1
52.186.144.161
52.255.139.106
0688805a03783d7c6d1930ea372fe8962128524e5c93fb0d7e3fea60abec6c86
0ad0f2f3b6ecdcc988b54ced0fa062b2609ae26059ce62e9affc8a069d6f030f
0f11df155a0518d89e68eed3528642147f04eb732d118a1aa1360201538747b2
151bac179d2ce855508abc6505e6a2c5b3a02a923a30a17c70acc2c2b0169640
19c45eb12ff8ecee47937c3c96c0310a3f71dac3b373b3a546e95cb333673137
2682a35b88df9a759d0b800ef85d60ac992caa6c580222dee068048402329970
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c8e097e427b94e3b5f1a5a1ef8887aebf6a97ab799ae33b2808cca8e605f4e4
34b983fcf9321edaf5adc0f93c5332f1735ec90c8ad149ae451e6200d2f249c2
383e81584ef323f25e77868ee3d631388a4a6bcf9ec51e26be9ddcd5f0750d9f
3d7fffc2151990982cdc40a540ff7f163a04b8240745aa2cfd163c524e1928ab
3e29dbd9098cec4bd1e8463462427d337641c72c7e2232346f31afb84d446000
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
495304dea93aa9e6e5a891a51ad2fd9eb32f70d9c8451bd30fbced4e4b13810b
4c085dffda63cf3758a34bfd8087bb252b3c1402353593a54ad5bd115ae744f8
52a8d84430efda8fd8799bed7374da93aeeea1128cc11c14a709c5a0295f6e0b
5717c5960d997c3b6645bd82e5109caa27ee627a3596bb8e6f370a794757af25
67c7cf2537681e76ae6b64e0159beaaa71413f83e01c809b7274f17c0ad9bd21
75814521fb5fcf81fb5c376846fb031994a024b4b61f02c6b0962ab137513ba7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80c4924b445ca2b9933cd833c56802bede6e13a3133c32c0277c85d4733531f5
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
9744a0780705aa64cf21dde9c50b31d22adef67efd1f1fddfd2f25cc39a5488e
9a0660e90c4c55877c808a79a68ffac7d88c56f7ea0570ef169e29812f58534b
9b0baf053e5d08a965943d68277cdad96a6204fe295c1f76839b9320874ea62b
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c9d58264858e8bd818293f1ffe5397a98ce8276a14030b055642cb065a1c8fd
9d969110f597c60a4609de1a81ecb8e48cf1b6b231adeb7e2716817f491ff893
9d9f4e928d6cc61640193c5ec654d6064d4d7304ee41c1b562fcd92143540817
9dd00d7ce8314e98669bf7af289c2ff3671503ff5420de3aeee42eecbbc13fa2
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2fa9fe9ac17e8e07be24bede70b2d9da2ae1a42ff8b15efc59a1615f9faad65
a6af756b04505bf2f27800a61b2589b6f318bf460c17fbfb0919e3aee2e511cc
adc1104341f07cbde9c229a91c07caeb980a455f8611fdb2a05a208949c5763b
af593ec694668c35a9fe54476c9edeab6bc55584741b8eb5140498b111664e93
b4fa596a613e16b470e77f3ec372b1a93fca89352176edd5c43826c65a28cfd3
b66092ef63e164c258f98d6e66812054d846000db02c987a8c7bbb6918daed0c
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c5875e150d0a518a0aef45840de6675386ab0e155054730d320b1a8f52df1c7f
c7bf2cf8294b663073272b49d89d405286866e147ce15040ff2154b776ceb49c
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
ddfc28eb7009648f57f1cf6552bc692f918977846844de9ea056f9dc98c258bc
e3a3e39fca849dd5ca088dcb3176b67eb7258689b1e4b63f7f410e8479a7bf64
e5f4e2b20a6410e9a2f1b2e15f014ff2d3dfd9c7237e87eed790ed086f8d0237
e712812f7aeac70ef158fc06895766189561cd6929a9a588d5ef4e563fb31157
ebf7be36ad3b8aa3ee7de9a3f6074bde09db39e3380770d07ac533e086d5cb3f
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3
f4f8867049893b1da30c2352725afd40d6b7e3603da641d89c793857a0ba594e
f9dbec62dfc393ea9b6cb7e7f1563560c6c5848048cc2abd6627239b39dccfc8
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df