buy.neaq.org Open in urlscan Pro
40.119.1.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tickets.neaq.org/
Effective URL:
https://buy.neaq.org/
Submission: On October 07 via automatic, source certstream-suspicious (October 7th 2024, 2:28:27 pm UTC) — Scanned from DE

Summary HTTP 88 Redirects Links 82 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 21 domains to perform 88 HTTP transactions. The main IP is 40.119.1.254, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is buy.neaq.org.
TLS certificate: Issued by E6 on September 16th 2024. Valid for: 3 months.

This is the only time buy.neaq.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	40.119.1.254 40.119.1.254	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2 2	172.67.149.130 172.67.149.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:bdf::64 2620:1ec:bdf::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
15	2606:4700:20:... 2606:4700:20::681a:846	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.209.226.68 20.209.226.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2620:12a:8001... 2620:12a:8001::253	54113 (FASTLY) (FASTLY)
2	172.67.74.194 172.67.74.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
1	23.201.250.60 23.201.250.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	3.140.234.245 3.140.234.245	16509 (AMAZON-02) (AMAZON-02)
1	154.59.122.94 154.59.122.94	174 (COGENT-174) (COGENT-174)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2 3	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
6	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
88	30

9 40.119.1.254 (San Antonio, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tickets.neaq.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.neaq.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.149.130 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

getabetterbrowser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.getabetterbrowser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:846 (United States)

ASN13335 (CLOUDFLARENET, US)

prod.speakcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.speakcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.speakcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.209.226.68 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

neaq.z13.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States) 1 redirects

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:12a:8001::253 (United States)

ASN54113 (FASTLY, US)

www.neaq.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.74.194 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.skypack.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.250.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-250-60.deploy.static.akamaitechnologies.com

origin.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.140.234.245 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-234-245.us-east-2.compute.amazonaws.com

collector-34457.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.94 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)

e.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

3418164.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tier3.speakcreative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

tier3.speakcreative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	speakcdn.com prod.speakcdn.com — Cisco Umbrella Rank: 144560 static.speakcdn.com — Cisco Umbrella Rank: 228783 assets.speakcdn.com — Cisco Umbrella Rank: 150531	145 KB
15	neaq.org 2 redirects tickets.neaq.org buy.neaq.org www.neaq.org — Cisco Umbrella Rank: 805483	151 KB
13	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
11	speakcreative.com tier3.speakcreative.com	18 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	858 KB
8	doubleclick.net 4 redirects 3418164.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 150 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 283	1 KB
5	getabetterbrowser.com 2 redirects getabetterbrowser.com — Cisco Umbrella Rank: 247602 www.getabetterbrowser.com — Cisco Umbrella Rank: 276192	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 604	1 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 357	87 B
2	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 6826 pixel.sojern.com — Cisco Umbrella Rank: 9645	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	tvsquared.com collector-34457.us.tvsquared.com	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	71 KB
2	acuityplatform.com origin.acuityplatform.com — Cisco Umbrella Rank: 21410 e.acuityplatform.com — Cisco Umbrella Rank: 16904	2 KB
2	skypack.dev cdn.skypack.dev — Cisco Umbrella Rank: 40256	21 KB
2	windows.net neaq.z13.web.core.windows.net	6 MB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 373	149 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 267	700 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	64 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
88	21

	Domain	Requested by
12	prod.speakcdn.com	buy.neaq.org prod.speakcdn.com
11	tier3.speakcreative.com	neaq.z13.web.core.windows.net
9	www.googletagmanager.com	buy.neaq.org www.googletagmanager.com www.google-analytics.com
8	buy.neaq.org	1 redirects buy.neaq.org
7	region1.google-analytics.com	1 redirects www.googletagmanager.com buy.neaq.org
6	www.neaq.org	prod.speakcdn.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ad.doubleclick.net	2 redirects buy.neaq.org
3	www.getabetterbrowser.com	buy.neaq.org www.getabetterbrowser.com
2	c1.adform.net	2 redirects
2	cm.g.doubleclick.net	buy.neaq.org
2	www.facebook.com	buy.neaq.org
2	3418164.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	collector-34457.us.tvsquared.com	buy.neaq.org
2	connect.facebook.net	buy.neaq.org connect.facebook.net
2	cdn.skypack.dev	buy.neaq.org
2	neaq.z13.web.core.windows.net	buy.neaq.org
2	static.speakcdn.com	buy.neaq.org
2	getabetterbrowser.com	2 redirects
1	pixel.sojern.com	buy.neaq.org
1	match.adsrvr.org	buy.neaq.org
1	ib.adnxs.com	buy.neaq.org
1	adservice.google.com	buy.neaq.org
1	www.google.de	buy.neaq.org
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	beacon.sojern.com	buy.neaq.org
1	www.googleadservices.com	www.googletagmanager.com
1	e.acuityplatform.com	origin.acuityplatform.com
1	origin.acuityplatform.com	buy.neaq.org
1	assets.speakcdn.com	buy.neaq.org
1	fonts.googleapis.com	buy.neaq.org
1	tickets.neaq.org	1 redirects
88	33

This site contains links to these domains. Also see Links.

Domain
www.neaq.org
vwww.neaq.org
neaq.org
support.neaq.org
tickets.neaq.org
www.facebook.com
x.com
www.instagram.com
www.youtube.com
www.linkedin.com
www.citypass.com
my.citypass.com
www.muzemerch.com
www.madebyspeak.com

Subject Issuer	Validity	Valid
buy.neaq.org E6	`2024-09-16` - `2024-12-15`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
speakcdn.com WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.web.core.windows.net Microsoft Azure RSA TLS Issuing CA 03	`2024-04-05` - `2025-03-31`	a year	crt.sh
www.getabetterbrowser.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-03`	a year	crt.sh
andersoncabotcenterforoceanlife.org R11	`2024-10-06` - `2025-01-04`	3 months	crt.sh
skypack.dev WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.acuityplatform.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-04` - `2024-12-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-16` - `2024-10-14`	3 months	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M03	`2024-04-28` - `2025-05-27`	a year	crt.sh
*.googleadservices.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-21`	5 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
speakcreative.com WE1	`2024-08-21` - `2024-11-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://buy.neaq.org/
Frame ID: 3FF74305F442091B110D4913CBA7160B
Requests: 81 HTTP requests in this frame

Frame: https://3418164.fls.doubleclick.net/activityi;dc_pre=COH4x6i9_IgDFTKW_QcdLN0LWQ;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9189892006z878347654za201zb78347654;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fbuy.neaq.org%2F
Frame ID: 7D8CA624200D015903256BD9C0B3F887
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

https://tickets.neaq.org/ HTTP 301
https://buy.neaq.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

88
Requests

91 %
HTTPS

27 %
IPv6

21
Domains

33
Subdomains

30
IPs

4
Countries

7643 kB
Transfer

10096 kB
Size

42
Cookies

82 Outgoing links

These are links going to different origins than the main page.

URL: https://www.neaq.org/visit/
Title: Plan Your Visit

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/tickets/
Title: Tickets

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/offers-and-discounts/
Title: Offers and Discounts

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/directions-and-parking/
Title: Directions & Parking

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/groups-and-tours/
Title: Groups & Tours

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/animal-encounters/
Title: Animal Encounters

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/our-policies/
Title: General Policies

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibits/
Title: Exhibits

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/amazon-rainforest/
Title: Amazon Rainforest

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/atlantic-harbor-seals/
Title: Atlantic Harbor Seals

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/giant-ocean-tank/
Title: Giant Ocean Tank

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/indo-pacific-coral-reef/
Title: Indo-Pacific Coral Reef

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/marine-mammal-center/
Title: Marine Mammal Center

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/olympic-coast-exhibit/
Title: Olympic Coast Sanctuary

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/penguin-exhibit/
Title: Penguin Colony

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/sea-jellies-exhibit/
Title: Sea Jellies

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/science-of-sharks/
Title: Science of Sharks

Search URL Search Domain Scan URL

URL: https://www.neaq.org/exhibit/shark-ray-touch-tank/
Title: Shark & Ray Touch Tank

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/simons-theatre/
Title: Simons Theatre

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/dining-and-shopping/
Title: Dining & Shopping

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/central-wharf/
Title: Central Wharf

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/frequently-asked-questions/
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animals/
Title: Animals

Search URL Search Domain Scan URL

URL: https://vwww.neaq.org/animal/african-penguin/
Title: African Penguin

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/anemonefish/
Title: Anemonefish

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/atlantic-harbor-seal/
Title: Atlantic Harbor Seal

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/california-sea-lion/
Title: California Sea Lion

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/common-tern/
Title: Common Tern

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/cownose-ray/
Title: Cownose Ray

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/dwarf-seahorse/
Title: Dwarf Seahorse

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/epaulette-shark/
Title: Epaulette Shark

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/giant-pacific-octopus/
Title: Giant Pacific Octopus

Search URL Search Domain Scan URL

URL: https://neaq.org/animal/goliath-grouper/
Title: Goliath Grouper

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/green-sea-turtle/
Title: Green Sea Turtle

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/lookdown/
Title: Lookdown

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/piranha/
Title: Red-Bellied Piranha

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/southern-rockhopper-penguin/
Title: Southern Rockhopper Penguin

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/right-whales/
Title: Right Whales

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/turtles/
Title: Sea Turtles

Search URL Search Domain Scan URL

URL: https://www.neaq.org/animal/sharks/
Title: Sharks

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/giant-ocean-tank-webcam/
Title: Giant Ocean Tank

Search URL Search Domain Scan URL

URL: https://www.neaq.org/visit/penguin-webcam/
Title: African Penguin Colony

Search URL Search Domain Scan URL

URL: https://www.neaq.org/conservation-and-research/
Title: Conservation & Research

Search URL Search Domain Scan URL

URL: https://www.neaq.org/conservation-and-research/studying-and-protecting/
Title: Studying & Protecting

Search URL Search Domain Scan URL

URL: https://www.neaq.org/conservation-and-research/advising-and-partnering/
Title: Advising & Partnering

Search URL Search Domain Scan URL

URL: https://www.neaq.org/conservation-and-research/educating-and-inspiring/
Title: Educating & Inspring

Search URL Search Domain Scan URL

URL: https://www.neaq.org/conservation-and-research/engaging-and-supporting/
Title: Engaging & Supporting

Search URL Search Domain Scan URL

URL: https://www.neaq.org/conservation-and-research/anderson-cabot-center-for-ocean-life/
Title: Anderson Cabot Center for Ocean Life

Search URL Search Domain Scan URL

URL: https://www.neaq.org/conservation-and-research/marine-conservation-action-fund/
Title: Marine Conservation Action Fund

Search URL Search Domain Scan URL

URL: https://www.neaq.org/publication/
Title: Research Publications

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/
Title: Engage

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/take-action/#turtle-rescue
Title: Sea Turtle Rescue Assistance

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/take-action/#blue-economy
Title: Blue Economy

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/take-action/#whales
Title: Right Whale Protections

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/events-and-programs/
Title: Events & Programs

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/join-our-team/
Title: Join Our Team

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/teen-programs/
Title: Teen Programs

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/support/
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/support/corporate-partner/
Title: Become a Corporate Partner

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/educational-resources/
Title: Educational Resources & Activities

Search URL Search Domain Scan URL

URL: https://www.neaq.org/news-and-stories/
Title: News & Stories

Search URL Search Domain Scan URL

URL: https://www.neaq.org/about-us/
Title: About

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/support/become-a-member/
Title: Become a Member

Search URL Search Domain Scan URL

URL: https://www.neaq.org/engage/host-an-event/
Title: Host an Event

Search URL Search Domain Scan URL

URL: https://support.neaq.org/site/Donation2;jsessionid=00000000.app271a?df_id=5061&mfc_pref=T&5061.donation=form1
Title: Donate

Search URL Search Domain Scan URL

URL: https://tickets.neaq.org/default.aspx
Title: Tickets

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NewEnglandAquarium

Search URL Search Domain Scan URL

URL: https://x.com/NEAQ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newenglandaquarium/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NewEnglandAquarium

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/new-england-aquarium/

Search URL Search Domain Scan URL

URL: https://www.citypass.com/boston?mv_source=nea&campaign=cart-text
Title: Buy CityPASS® tickets online

Search URL Search Domain Scan URL

URL: https://my.citypass.com/welcome
Title: My CityPASS® App

Search URL Search Domain Scan URL

URL: https://www.neaq.org/

Search URL Search Domain Scan URL

URL: https://www.neaq.org/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.muzemerch.com/partner/new-england-aquarium
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.neaq.org/about-us/press-room/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://www.neaq.org/about-us/diversity-equity-and-inclusion/
Title: Diversity, Equity, and Inclusion

Search URL Search Domain Scan URL

URL: https://www.neaq.org/subscribe/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.neaq.org/privacy-policy/
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://www.madebyspeak.com/
Title: Web Design by Speak

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tickets.neaq.org/ HTTP 301
https://buy.neaq.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://getabetterbrowser.com/js/checker.js?ckcachebust=748359572 HTTP 301
https://www.getabetterbrowser.com/js/checker.js?ckcachebust=748359572

Request Chain 3

https://getabetterbrowser.com/css/checker.css?ckcachebust=748359572 HTTP 301
https://www.getabetterbrowser.com/css/checker.css?ckcachebust=748359572

Request Chain 14

https://buy.neaq.org/assets/3016/neaq-footer-logo.svg HTTP 301
https://assets.speakcdn.com/assets/3016/neaq-footer-logo.svg

Request Chain 45

https://region1.google-analytics.com/g/collect?v=2&tid=G-EP7TZ5H4JV&gtm=45je4a20v894637396z878347654za200zb78347654&_p=1728311298528&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101747727&cid=1283295594.1728311299&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728311299&sct=1&seg=0&dl=https%3A%2F%2Fbuy.neaq.org%2F&dt=Home&en=page_view&_fv=1&_ss=1&_c=1&tfd=1933 HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1283295594.1728311299&dbk=10870326149843655082&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4a20v894637396z878347654za200zb78347654&npa=1&tid=G-EP7TZ5H4JV&dl=https%3A%2F%2Fbuy.neaq.org%3F

Request Chain 47

https://3418164.fls.doubleclick.net/activityi;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9189892006z878347654za201zb78347654;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fbuy.neaq.org%2F HTTP 302
https://3418164.fls.doubleclick.net/activityi;dc_pre=COH4x6i9_IgDFTKW_QcdLN0LWQ;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9189892006z878347654za201zb78347654;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fbuy.neaq.org%2F

Request Chain 60

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10940510478/?random=1923303389&cv=11&fst=1728311299327&bg=ffffff&guid=ON&async=1&gtm=45be4a20z878347654za201zb78347654&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fbuy.neaq.org%2F&label=6L5HCLzwk90DEI7i6-Ao&hn=www.googleadservices.com&frm=0&tiba=Home&value=0&npa=1&pscdl=noapi&auid=1378968704.1728311299&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChEI8I2OuAYQ3pim6tucmIDZARIdAMxaeUThEHvhon_I3ws6IBH6s2WJVbPfEWgTfHM&pscrd=IhMI3-PAqL38iAMVWIuDBx0BWw6MMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL2J1eS5uZWFxLm9yZy9CWENoRUk4STJPdUFZUW5hR2w2NmEwNkpiQUFSSXRBSUM1VHB1Wk0zTnloN282MW1SaUFreFBQTWxwV0I2TUNWMkNWcG5vSVFZYkQzWmtlYUU5VXJVcGd5cTY HTTP 302
https://www.google.com/pagead/1p-conversion/10940510478/?random=1923303389&cv=11&fst=1728311299327&bg=ffffff&guid=ON&async=1&gtm=45be4a20z878347654za201zb78347654&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fbuy.neaq.org%2F&label=6L5HCLzwk90DEI7i6-Ao&hn=www.googleadservices.com&frm=0&tiba=Home&value=0&npa=1&pscdl=noapi&auid=1378968704.1728311299&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI3-PAqL38iAMVWIuDBx0BWw6MMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL2J1eS5uZWFxLm9yZy9CWENoRUk4STJPdUFZUW5hR2w2NmEwNkpiQUFSSXRBSUM1VHB1Wk0zTnloN282MW1SaUFreFBQTWxwV0I2TUNWMkNWcG5vSVFZYkQzWmtlYUU5VXJVcGd5cTY&is_vtc=1&cid=CAQSGwDpaXnfiYmgFbri1TUXF0GbMs--MbqucE71zQ&eitems=ChEI8I2OuAYQ3pim6tucmIDZARIdAMxaeUQTkZUYsh08LfoaUYF2eh3s7UTKl4abVrA&random=2035785917 HTTP 302
https://www.google.de/pagead/1p-conversion/10940510478/?random=1923303389&cv=11&fst=1728311299327&bg=ffffff&guid=ON&async=1&gtm=45be4a20z878347654za201zb78347654&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fbuy.neaq.org%2F&label=6L5HCLzwk90DEI7i6-Ao&hn=www.googleadservices.com&frm=0&tiba=Home&value=0&npa=1&pscdl=noapi&auid=1378968704.1728311299&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI3-PAqL38iAMVWIuDBx0BWw6MMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL2J1eS5uZWFxLm9yZy9CWENoRUk4STJPdUFZUW5hR2w2NmEwNkpiQUFSSXRBSUM1VHB1Wk0zTnloN282MW1SaUFreFBQTWxwV0I2TUNWMkNWcG5vSVFZYkQzWmtlYUU5VXJVcGd5cTY&is_vtc=1&cid=CAQSGwDpaXnfiYmgFbri1TUXF0GbMs--MbqucE71zQ&eitems=ChEI8I2OuAYQ3pim6tucmIDZARIdAMxaeUQTkZUYsh08LfoaUYF2eh3s7UTKl4abVrA&random=2035785917&ipr=y

Request Chain 61

https://ad.doubleclick.net/ddm/activity/src=9137113;type=homep0;cat=newen00;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9137113;dc_pre=CPqbz6i9_IgDFfAJogMd9xgmgw;type=homep0;cat=newen00;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN HTTP 302
https://adservice.google.com/ddm/fls/z/src=9137113;dc_pre=CPqbz6i9_IgDFfAJogMd9xgmgw;type=homep0;cat=newen00;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN

Request Chain 66

https://c1.adform.net/serving/cookie/match?cid=e0fa9e70-1877-e35b-7bbf-ca1e4b8eba92&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=e0fa9e70-1877-e35b-7bbf-ca1e4b8eba92&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=638947944633055590&cid=e0fa9e70-1877-e35b-7bbf-ca1e4b8eba92

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
buy.neaq.org/
Redirect Chain

https://tickets.neaq.org/
https://buy.neaq.org/

64 KB
9 KB

491ms
168ms

Document
text/html

40.119.1.254
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.neaq.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.119.1.254 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ee3da5ce290b2f5f1c5b04b92fe9b82acf85ce6ba80c3354c1789934772dc686

Security Headers

Name	Value
Content-Security-Policy	default-src https:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; connect-src https: wss: data: blob:; img-src 'self' https: data: blob:; font-src 'self' https: data: blob:; worker-src 'self' https: blob:; frame-ancestors 'self' .sitewrench.com .speakcreative.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=529844
content-encoding: gzip
content-security-policy: default-src https:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; connect-src https: wss: data: blob:; img-src 'self' https: data: blob:; font-src 'self' https: data: blob:; worker-src 'self' https: blob:; frame-ancestors 'self' *.sitewrench.com *.speakcreative.com
content-type: text/html; charset=utf-8
date: Mon, 07 Oct 2024 14:28:18 GMT
etag: W/"6702cb36-fea2"
last-modified: Sun, 06 Oct 2024 17:39:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-gateway-cache: true
x-gateway-name: gateway1

Redirect headers

access-control-expose-headers: Request-Context
content-length: 138
content-security-policy: default-src https:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; connect-src https: wss: data: blob:; img-src 'self' https: data: blob:; font-src 'self' https: data: blob:; worker-src 'self' https: blob:; frame-ancestors 'self' *.sitewrench.com *.speakcreative.com
content-type: text/html; charset=utf-8
date: Mon, 07 Oct 2024 14:28:17 GMT
location: https://buy.neaq.org/
request-context: appId=cid-v1:b5d2d775-220a-40dd-9ea0-f73b5e514e70
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-gateway-name: gateway2
x-server-addr: prod4

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
74 KB 149ms
54ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9606487-2

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6315b81900c9687effc6c97e33adfd09f873cfc685cac3a265e0ac571fe36cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 07 Oct 2024 14:28:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74620
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
104 KB 205ms
110ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8642H37BB

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b60ac743478456129201d02fb98a1c5722a96816a94415e6de91ef6b1c39eb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 07 Oct 2024 14:28:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106183
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

checker.js Show response
www.getabetterbrowser.com/js/
Redirect Chain

https://getabetterbrowser.com/js/checker.js?ckcachebust=748359572
https://www.getabetterbrowser.com/js/checker.js?ckcachebust=748359572

926 B
1 KB

46ms
45ms

Script
application/javascript

2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getabetterbrowser.com/js/checker.js?ckcachebust=748359572
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9500323109402a1885a3edcdc4000d1902cc481cc8ff0ed786cb7c6a62bb11ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

x-ms-version: 2018-03-28
etag: "0x8D82F47C6AE2DEF"
x-fd-int-roxy-purgeid: 45865483
x-ms-request-id: 48c10db6-c01e-0003-6090-184d59000000
accept-ranges: bytes
x-cache: TCP_HIT
content-length: 926
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: application/javascript
last-modified: Thu, 23 Jul 2020 20:34:19 GMT
x-azure-ref: 20241007T142818Z-176d4fdd79cqb65vhheg3zdqhs0000000uy000000000axws

Redirect headers

cache-control: max-age=3600
location: https://www.getabetterbrowser.com/js/checker.js?ckcachebust=748359572
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIG1%2BRIBxeG2Xl7StGCNkOL4cmZWJGP8W2pzAV%2Flx4HMzOoRsFE3pCP4GtkaY3Lgn2G5uDGOeiQX0qRPCeMxERRe6gmD4w9uCxyDEW3mEgNbCizsbyl3veNJB2lm8jQNxyev7xRk11o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b26c7cd2c6-FRA
expires: Mon, 07 Oct 2024 15:28:18 GMT
alt-svc: h3=":443"; ma=86400
content-length: 167
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2

200

checker.css
www.getabetterbrowser.com/css/
Redirect Chain

https://getabetterbrowser.com/css/checker.css?ckcachebust=748359572
https://www.getabetterbrowser.com/css/checker.css?ckcachebust=748359572

244 B
529 B

242ms
44ms

Stylesheet
text/css

2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getabetterbrowser.com/css/checker.css?ckcachebust=748359572
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5778aedb07588a6fd397f401079a79cae01b4a2e399b9cbe4d0ddc466be7cf6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

x-ms-version: 2018-03-28
etag: "0x8D82F47C6BDC125"
x-fd-int-roxy-purgeid: 45865483
x-ms-request-id: 32516254-a01e-002a-2d7a-18732d000000
accept-ranges: bytes
x-cache: TCP_HIT
content-length: 244
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: text/css
last-modified: Thu, 23 Jul 2020 20:34:19 GMT
x-azure-ref: 20241007T142818Z-176d4fdd79cqb65vhheg3zdqhs0000000uy000000000axwc

Redirect headers

cache-control: max-age=3600
location: https://www.getabetterbrowser.com/css/checker.css?ckcachebust=748359572
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IcUQFUIwVTtwWfgLAn8XDhA25nl%2FGoTV5Epj6F0gfdrIzZc6LgcNNjD16dJ6gi4TWRkf1pbWjjnAdjigMl3Bx5zMp1qrfVoBq5ZGuAwOsn%2BK3lwZ6AV8GM973OTeMgzxwCNrqv%2Fkyao%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b04d39d2c6-FRA
expires: Mon, 07 Oct 2024 15:28:18 GMT
content-length: 167
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Source+Serif+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

351862b217fc9af7a1cbafe5cd5f7659d2463c4bb34bf422c32f9143b6ef9512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 07 Oct 2024 14:28:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 07 Oct 2024 14:28:18 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 global.css
prod.speakcdn.com/sitefiles/global/css/ 110 KB
18 KB 153ms
50ms Stylesheet
text/css 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.speakcdn.com/sitefiles/global/css/global.css?ckcachebust=748359572
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d05b47a423ec56f8e8de4a185bc48a5042b365fdc3b1adc9401a011ac1a33b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"5f7dc3ba-1b7ec"
age: 76755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xf05W%2Fns65z2%2Blso6e7VOUFf1h9AHhzkWmFcsfu1AEWdJnIuMomUMtVjykq8zuJvMqp2Gi6WP0LqfW%2BLKD2YsqDALBK6HuX0jypRNzaPdgzpHHn1Euda7xB4uliz2Akok605dwGnIGfB2CcfhfoD"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b088d1d2f7-FRA
x-gateway-name: gateway2
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: text/css
last-modified: Wed, 07 Oct 2020 13:33:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 master.css
prod.speakcdn.com/sitefiles/3016/css/ 144 KB
22 KB 166ms
64ms Stylesheet
text/css 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142f2f9280fdb3a43964ad00ccb124da1ad6d407e0524af269a9e651f6959043

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66fbecdb-2409b"
age: 76755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEqYI0%2BfOaHaK1bq%2BzaCUcXOfpMKLeZd5yVXxj6lrwVKdQkTJiFahG0QAY%2F7vYCbYO5SL0HW5oTetFXlOzntor0Mf%2BZ2s99taIHxz46SpxIb9ZawVPTwiFTWz9m0W9jTPlNHw0E%2FugMUnMTFhNOV"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b088d8d2f7-FRA
x-gateway-name: gateway2
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: text/css
last-modified: Tue, 01 Oct 2024 12:36:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 search.svg
prod.speakcdn.com/sitefiles/3016/images/icons/ 1 KB
820 B 164ms
62ms Image
image/svg+xml 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.speakcdn.com/sitefiles/3016/images/icons/search.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf51d3dd2de29666677f021d89120dc4ebf47514aac3e748172e7621b0731a8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66fbecda-4c2"
age: 76756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUV81SJrT1B%2Fy66Hi%2BLaQsDSIsq8UfVsnV1ERVcekPcqb4jEeFHeaK5PMzzs0i%2F5%2FNE8hxeuwDEDjN615TVLwTDMkSqbhSDZiJWiAMnpBJVMy0dvIUw2sdOjIMdqdjOaRwvy5qllpvv9GWREVdJk"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b088ddd2f7-FRA
x-gateway-name: gateway1
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 x.svg
prod.speakcdn.com/sitefiles/3016/images/icons/ 449 B
616 B 155ms
53ms Image
image/svg+xml 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.speakcdn.com/sitefiles/3016/images/icons/x.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6afda8c4bb11e4429c3790b9b6879359ff35a0cd0c4613c49047e0786e4abe24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66fbecda-1c1"
age: 289876
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MUXFAC7wHHheIXjZpU0OCWMwsIlIxag77ZkDg4XtdofkkK6GU%2FxZ8YQKgE6lNrFOrmMh3622iuUP1kLpeukfXmVlox%2FTRjj9UUuqrsN5qnzojImPwYEf7kAH2Bm7yhskwh8p%2ByatdJJzqlLEzPm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b088e1d2f7-FRA
x-gateway-name: gateway1
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 mobile-logo.svg
prod.speakcdn.com/sitefiles/3016/images/ 14 KB
6 KB 62ms
62ms Image
image/svg+xml 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.speakcdn.com/sitefiles/3016/images/mobile-logo.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c44ff119f2434aaf5c751526c5c417a321c53a10646db19e6bc77096e48ff699

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66fbecda-3887"
age: 76755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQOYar36FqBOFvgPptCGUl9XjZT4snRlOYPERimugq7W%2BIylvvM5pI1zQ6a3qrlgdBaE4SIgvHkfMJuKjE0UBaYwEBLegkTPbKRSfmva9zSkcreKlQXKBcwJf1%2FPTWg%2B%2Bj0lyZD7mEu%2BYwNwKNY2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b0ea48d2f7-FRA
x-gateway-name: gateway2
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 neaq-logo.svg
prod.speakcdn.com/sitefiles/3016/images/ 25 KB
10 KB 53ms
53ms Image
image/svg+xml 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.speakcdn.com/sitefiles/3016/images/neaq-logo.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb7d3e54ee05fa13a1dd47114257e9c4381e78b7cddab727842abb73d14dfb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66fbecda-63cf"
age: 76755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5LkKZe4pwX7r5uYkqnJf8wElvZOxIUwLKs4KqL%2F1Bue77CQseDFFv3AuVVaRbmTC1mNz4zsklzltGCWsjCqOQwNSVfW5bi9WOYWDY5%2BwJ9tQG9GKBtOq6BIRm4JOdLm77vZKdRhQEH8c%2BnsLxSot"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b0fa9ad2f7-FRA
x-gateway-name: gateway3
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 blue-search-icon.svg
buy.neaq.org/sitefiles/3016/images/icons/ 1 KB
2 KB 168ms
168ms Image
image/svg+xml 40.119.1.254
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.neaq.org/sitefiles/3016/images/icons/blue-search-icon.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.119.1.254 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c7006f42658500f4d7bc780049d62aa15e5dd8a4c8ba228b685da56c09d233b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

x-gateway-name: gateway1
accept-ranges: bytes
content-length: 1455
date: Mon, 07 Oct 2024 14:28:18 GMT
etag: "66fbecda-5af"
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT

GET
H2 200 index.js Show response
static.speakcdn.com/public/page-alert/dist/2.0.0/ 3 KB
1 KB 61ms
50ms Script
application/javascript 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.speakcdn.com/public/page-alert/dist/2.0.0/index.js
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc8e46a2e9254cac82a256a8ba8ec62cd5391f4e78faea7ffc5870e13c7c3cb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66c72bb8-aaa"
age: 3660055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IzhRiK9X4r54h3JlXEWJ62DmbOuh0Mt5kqX9PNnHCFwZNdnLDG79AXqdHOgQXS%2FUX4beiDfqSknHQKLdRusWl3TaTu%2BALTGMfJPOmhvkGqGqlNjQKR%2FTo%2BdlMIAJcCPkVHJoskvux9oEVehLLhJvXxU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b16c72d2f7-FRA
x-gateway-name: gateway2
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: application/javascript
last-modified: Thu, 22 Aug 2024 12:14:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK style.css
neaq.z13.web.core.windows.net/ 14 KB
14 KB 523ms
126ms Stylesheet
text/css 20.209.226.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://neaq.z13.web.core.windows.net/style.css
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.226.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bce77f21c4837674909ad2960d4f0d595ddd09506a2133b9c766c8f8ab9a0139

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

Content-MD5: UCq83+RJpNDbthzFgJL6xg==
x-ms-version: 2018-03-28
ETag: "0x8DCE4A8BFAF35AE"
x-ms-request-id: 359e3319-901e-0000-2ec5-1890fb000000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 14365
Date: Mon, 07 Oct 2024 14:28:18 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2024 19:14:20 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0

GET
H2

200

neaq-footer-logo.svg
assets.speakcdn.com/assets/3016/
Redirect Chain

https://buy.neaq.org/assets/3016/neaq-footer-logo.svg
https://assets.speakcdn.com/assets/3016/neaq-footer-logo.svg

25 KB
11 KB

710ms
699ms

Image
image/svg+xml

2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.speakcdn.com/assets/3016/neaq-footer-logo.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb7d3e54ee05fa13a1dd47114257e9c4381e78b7cddab727842abb73d14dfb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-md5: fSO6X517lRnMKiH4smGW6g==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: BYPASS
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FEdbOsC29T9sdxU4oL52rdu1J50WEvWVOXKOSN%2BDFzaTKbyvH5GlasFxBi6Fdrpnc7bSwUCxaMqSRd%2BFqeazthYupUoT9svBBTx4xB%2F82sN%2F51WQxgjvbXklLou3HOwXoaOxwsp8FiMwDNqHZImLCKc%3D"}],"group":"cf-nel","max_age":604800}
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: image/svg+xml
last-modified: Tue, 20 Aug 2024 21:16:03 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id: 739a8914-001e-0035-19c5-18f433000000
request-context: appId=cid-v1:be9309c1-254e-4571-958f-7a48b023db2b
cf-ray: 8cee93b36c7fd2f7-FRA
x-fs-remote: https://swfileshare.blob.core.windows.net/assets/assets/3016/neaq-footer-logo.svg
x-ms-blob-type: BlockBlob
server: cloudflare

Redirect headers

x-gateway-name: gateway1
location: https://assets.speakcdn.com/assets/3016/neaq-footer-logo.svg
content-length: 162
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: text/html

GET
H2 200 master-min.js Show response
prod.speakcdn.com/sitefiles/3016/js/min/ 110 KB
35 KB 58ms
57ms Script
application/javascript 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.speakcdn.com/sitefiles/3016/js/min/master-min.js
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45ae48a5956ae08166972027e20438d4665e34fb3d86ee166104d595033fd5f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66fbecdb-1b9f6"
age: 76754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HqMijVMLU1M0oDRY26%2BqKtrkf68UO5hC9E8C7OTNWbIvjy1dRwzh4V5e5yg5xL%2BWyhsHq9eYrTOo8RI3Gk8gdoR9t56CN7w2nhRIqxQgi2duAPGLmYwycKgHHpZ9Ie9jHCljjdy1RxAnnaZm956F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b2684dd2f7-FRA
x-gateway-name: gateway2
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 12:36:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 135ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9606487-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: gzip
age: 3491
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 07 Oct 2024 15:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 13:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
104 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8642H37BB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9606487-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bff95d74abc6298c52837e9c732c9485cb047eee77d4906ec18c317362e3b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 07 Oct 2024 14:28:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106184
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 143ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K8642H37BB&gtm=45je4a20v9116353249za200&_p=1728311298528&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666~101671035~101747727&cid=1283295594.1728311299&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728311298&sct=1&seg=0&dl=https%3A%2F%2Fbuy.neaq.org%2F&dt=Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1401
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8642H37BB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://buy.neaq.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 trigger.css
www.getabetterbrowser.com/css/ 257 B
541 B 42ms
42ms Stylesheet
text/css 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getabetterbrowser.com/css/trigger.css
Requested by: Host: www.getabetterbrowser.com
URL: https://www.getabetterbrowser.com/css/checker.css?ckcachebust=748359572
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bcf268e3d0b490a2634e396f727e6f2916339671ecc9b0fc8751dd4d5092a99e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.getabetterbrowser.com/css/checker.css?ckcachebust=748359572

Response headers

x-ms-version: 2018-03-28
etag: "0x8D82F47C6C82344"
x-fd-int-roxy-purgeid: 45865483
x-ms-request-id: f81dcf30-e01e-0066-5a90-18e31d000000
accept-ranges: bytes
x-cache: TCP_HIT
content-length: 257
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: text/css
last-modified: Thu, 23 Jul 2020 20:34:19 GMT
x-azure-ref: 20241007T142818Z-176d4fdd79cqb65vhheg3zdqhs0000000uy000000000axwe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 383 KB
120 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRPLB8G

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f4e4654abed70757238672026fb84e493cde4edefbd2b775200a0d37c2d76a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 07 Oct 2024 14:28:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 122690
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 index.js Show response
static.speakcdn.com/public/page-alert/dist/2.0.0/ 3 KB
0 0ms
0ms Script
application/javascript 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.speakcdn.com/public/page-alert/dist/2.0.0/index.js
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc8e46a2e9254cac82a256a8ba8ec62cd5391f4e78faea7ffc5870e13c7c3cb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://buy.neaq.org
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66c72bb8-aaa"
age: 3660055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IzhRiK9X4r54h3JlXEWJ62DmbOuh0Mt5kqX9PNnHCFwZNdnLDG79AXqdHOgQXS%2FUX4beiDfqSknHQKLdRusWl3TaTu%2BALTGMfJPOmhvkGqGqlNjQKR%2FTo%2BdlMIAJcCPkVHJoskvux9oEVehLLhJvXxU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b16c72d2f7-FRA
x-gateway-name: gateway2
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: application/javascript
last-modified: Thu, 22 Aug 2024 12:14:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 helveticaneueltstd-roman-webfont.woff
www.neaq.org/wp-content/themes/neaq/fonts/ 26 KB
26 KB 259ms
151ms Font
font/woff 2620:12a:8001::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neaq.org/wp-content/themes/neaq/fonts/helveticaneueltstd-roman-webfont.woff
Requested by: Host: prod.speakcdn.com
URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8001::253 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 650dfb0e564785e0d80e965a9e46f624249545ce0b521388f96bc28041de1fe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://buy.neaq.org
Referer: https://prod.speakcdn.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7788459589-bd22c
etag: "6700023a-678c"
age: 249006
expires: Sun, 05 Oct 2025 17:18:12 GMT
x-cache: HIT, HIT
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: font/woff
last-modified: Fri, 04 Oct 2024 14:56:58 GMT
x-cache-hits: 52, 0
x-served-by: cache-chi-klot8100028-CHI, cache-mxp6963-MXP
cache-control: max-age=31622400
x-timer: S1728311299.069074,VS0,VE64
x-styx-req-id: a2a0b318-8274-11ef-a2ca-ded8d0ff62b7
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26508
server: nginx

GET
H2 200 blue-arrow-down.svg
prod.speakcdn.com/sitefiles/3016/images/icons/ 180 B
568 B 49ms
49ms Image
image/svg+xml 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.speakcdn.com/sitefiles/3016/images/icons/blue-arrow-down.svg
Requested by: Host: prod.speakcdn.com
URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160710d71b82ae6d61ca9d950ce759321e0d085a517ba7039307529488a3e329

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://prod.speakcdn.com/sitefiles/3016/css/master.css

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66fbecda-b4"
age: 76751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4WMVbOTZ8Fz2TlpBJE%2BF0JZxIlBWuhem5CdQROyiMAu9ScbB%2BWUNIGg4qqBoi52QXqYlqabZ0vezxJn%2BpfKWxYtig58OhXhevdxU%2BRqMSc3OXdtt7z6vGKsEQk6jX0tMgolx6GIVbXtaQX6M%2Bz1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b26884d2f7-FRA
x-gateway-name: gateway2
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 btn-sec-wave.svg
www.neaq.org/wp-content/themes/neaq/images/ 2 KB
1 KB 170ms
56ms Image
image/svg+xml 2620:12a:8001::253
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.neaq.org/wp-content/themes/neaq/images/btn-sec-wave.svg
Requested by: Host: prod.speakcdn.com
URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8001::253 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 12cc730cb37af022dc8a1b455bec4a50317ba7f5259f8ce48e264f75b212a7f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://prod.speakcdn.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7788459589-97tvd
content-encoding: gzip
etag: W/"66ffb9b2-698"
age: 249007
expires: Sun, 05 Oct 2025 17:18:12 GMT
x-cache: HIT, HIT
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-cache-hits: 50, 0
last-modified: Fri, 04 Oct 2024 09:47:30 GMT
x-served-by: cache-chi-kigq8000037-CHI, cache-mxp6928-MXP
cache-control: max-age=31622400
x-timer: S1728311299.069182,VS0,VE4
x-styx-req-id: a2779437-8274-11ef-bce2-ca6567033485
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 698
server: nginx

GET
H2 200 white-waves.svg
prod.speakcdn.com/sitefiles/3016/images/ 39 KB
29 KB 53ms
53ms Image
image/svg+xml 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.speakcdn.com/sitefiles/3016/images/white-waves.svg
Requested by: Host: prod.speakcdn.com
URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9651b8df7318e3734c6b535838489243781c0b1f16452af5548dd8955b76e731

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://prod.speakcdn.com/sitefiles/3016/css/master.css

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66fbecda-9b85"
age: 76754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qekSk3Y3760Tpfm8DNshhG7GDneMXyHDJC2jH070NdZekoOdESpsQ683SZRSR%2BW627p5xDj4TO1CrtHAEDj1wKGfmneSbTrWSEtXsF341XhAY4iw6m7KczOx1HycOFH5GYZ4w0hvHsGdO4JXSPf%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b2788bd2f7-FRA
x-gateway-name: gateway3
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:18 GMT
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 helveticaneueltstd-bd-webfont.woff
www.neaq.org/wp-content/themes/neaq/fonts/ 26 KB
27 KB 161ms
54ms Font
font/woff 2620:12a:8001::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neaq.org/wp-content/themes/neaq/fonts/helveticaneueltstd-bd-webfont.woff
Requested by: Host: prod.speakcdn.com
URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8001::253 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff44f499cd7b8ce3310103019e32dc197f00313e0f05a084cd31858cacd5d612

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://buy.neaq.org
Referer: https://prod.speakcdn.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7788459589-z7wpl
etag: "6700023a-69e8"
age: 249006
expires: Sun, 05 Oct 2025 17:18:12 GMT
x-cache: HIT, HIT
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: font/woff
last-modified: Fri, 04 Oct 2024 14:56:58 GMT
x-cache-hits: 51, 0
x-served-by: cache-chi-klot8100174-CHI, cache-mxp6963-MXP
cache-control: max-age=31622400
x-timer: S1728311299.069089,VS0,VE4
x-styx-req-id: a29fc64a-8274-11ef-bfcc-e27a31769411
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27112
server: nginx

GET
H2 200 helveticaneueltstd-cn-webfont.woff
www.neaq.org/wp-content/themes/neaq/fonts/ 26 KB
27 KB 224ms
117ms Font
font/woff 2620:12a:8001::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neaq.org/wp-content/themes/neaq/fonts/helveticaneueltstd-cn-webfont.woff
Requested by: Host: prod.speakcdn.com
URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8001::253 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e3e7c21e25f30d42161900f88c52524f1c8001b046a0755559a0ca6b01cc1ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://buy.neaq.org
Referer: https://prod.speakcdn.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7788459589-wmjvt
etag: "66ffb9b2-69d8"
age: 249005
expires: Sun, 05 Oct 2025 17:18:15 GMT
x-cache: HIT, HIT
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: font/woff
last-modified: Fri, 04 Oct 2024 09:47:30 GMT
x-cache-hits: 39, 0
x-served-by: cache-chi-klot8100041-CHI, cache-mxp6963-MXP
cache-control: max-age=31622400
x-timer: S1728311299.068858,VS0,VE5
x-styx-req-id: a4245aa2-8274-11ef-b076-8e013b613c8a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27096
server: nginx

GET
H2 200 helveticaneueltstd-hv-webfont.woff
www.neaq.org/wp-content/themes/neaq/fonts/ 26 KB
26 KB 161ms
54ms Font
font/woff 2620:12a:8001::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neaq.org/wp-content/themes/neaq/fonts/helveticaneueltstd-hv-webfont.woff
Requested by: Host: prod.speakcdn.com
URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8001::253 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d77295a9e742436b3ce0fe2b0420eb6257637e51a53c93ef75f21fcb3549eabb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://buy.neaq.org
Referer: https://prod.speakcdn.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7788459589-97tvd
etag: "66ffb9b2-6708"
age: 249006
expires: Sun, 05 Oct 2025 17:18:12 GMT
x-cache: HIT, HIT
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: font/woff
last-modified: Fri, 04 Oct 2024 09:47:30 GMT
x-cache-hits: 50, 0
x-served-by: cache-chi-kigq8000022-CHI, cache-mxp6963-MXP
cache-control: max-age=31622400
x-timer: S1728311299.069084,VS0,VE4
x-styx-req-id: a2a22191-8274-11ef-bce2-ca6567033485
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26376
server: nginx

GET
H2 200 helveticaneueltstd-bdcn-webfont.woff
www.neaq.org/wp-content/themes/neaq/fonts/ 25 KB
26 KB 159ms
52ms Font
font/woff 2620:12a:8001::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.neaq.org/wp-content/themes/neaq/fonts/helveticaneueltstd-bdcn-webfont.woff
Requested by: Host: prod.speakcdn.com
URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8001::253 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 97b97313509053ff3fd2e6f8bee0e2d651a9ccbbd5cfab916a61c8e62370daf6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://buy.neaq.org
Referer: https://prod.speakcdn.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7788459589-97tvd
etag: "66ff6bd9-64ac"
age: 249006
expires: Sun, 05 Oct 2025 15:50:49 GMT
x-cache: HIT, HIT
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: font/woff
last-modified: Fri, 04 Oct 2024 04:15:21 GMT
x-cache-hits: 30, 0
x-served-by: cache-chi-kigq8000079-CHI, cache-mxp6963-MXP
cache-control: max-age=31622400
x-timer: S1728311299.068895,VS0,VE4
x-styx-req-id: 6d9d62f1-8268-11ef-bce2-ca6567033485
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25772
server: nginx

GET
H3 200 date-fns.js Show response
cdn.skypack.dev/pin/date-fns@v2.27.0-kSwHFMsWRtnuspqyJxns/mode=imports,min/optimized/ 328 B
701 B 124ms
67ms Script
application/javascript 172.67.74.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.skypack.dev/pin/date-fns@v2.27.0-kSwHFMsWRtnuspqyJxns/mode=imports,min/optimized/date-fns.js
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3f0c8fa2b3c016eac5e8ba5942b38a4a39953c61d37c548959cdf2146436335

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://buy.neaq.org
Referer: https://static.speakcdn.com/

Response headers

cache-control: private, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-import-url: /-/date-fns@v2.27.0-kSwHFMsWRtnuspqyJxns/dist=es2020,mode=imports,min/optimized/date-fns.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SzL7%2BI1lUfhq4AEQpukDBZb5xzoadoQVQBYCwDHOsOvZapbic%2BHk58Y9Ok1OFVmfoFTQEzXAi6Aj0dVoEA7m%2B%2BbPOx4Eagts8W45sfL1o4%2B1IC%2BBdO0Pmfq2KgNGyQaRsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93b2dfce6ab9-FRA
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 date-fns.js Show response
cdn.skypack.dev/-/date-fns@v2.27.0-kSwHFMsWRtnuspqyJxns/dist=es2020,mode=imports,min/optimized/ 84 KB
20 KB 76ms
76ms Script
application/javascript 172.67.74.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.skypack.dev/-/date-fns@v2.27.0-kSwHFMsWRtnuspqyJxns/dist=es2020,mode=imports,min/optimized/date-fns.js

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

327eba130b20f485687c0a58767e820cd018e135138b94d02bbf75f9c839e3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://buy.neaq.org
Referer: https://cdn.skypack.dev/pin/date-fns@v2.27.0-kSwHFMsWRtnuspqyJxns/mode=imports,min/optimized/date-fns.js

Response headers

access-control-expose-headers: Content-Length, X-Imports
content-encoding: br
cf-cache-status: HIT
etag: W/"1502b-xa1hTYvVTgU9A8B9oUlc660DDSE"
age: 70711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xeVi0E9EiUi3cLBB93a27P8MUr4ji%2F7XCbCStlsn2cGD4goFY2DEhKOD91dBtUwiVaF7fgfOsQHouk4L%2BpAI1Nb%2FkBgFOJy9cpETCcnSiba6jU729V0yV4hm03stmisIFg%3D%3D"}],"group":"cf-nel","max_age":604800}
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-cache: HIT
cf-ray: 8cee93b3485a6ab9-FRA
access-control-allow-origin: *
server: cloudflare
x-vercel-id: fra1::sfo1::tcvx2-1728240588412-447202139d96

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
417 B 46ms
46ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=266487351&t=pageview&_s=1&dl=https%3A%2F%2Fbuy.neaq.org%2F&ul=de-de&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1914095327&gjid=936650900&cid=1283295594.1728311299&tid=UA-9606487-2&_gid=151976893.1728311299&_r=1&gtm=457e4a20za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101529665~101671035~101747727&jsscut=1&npa=1&z=445360561

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://buy.neaq.org/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://buy.neaq.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
105 KB 58ms
58ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EP7TZ5H4JV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPLB8G

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

15c1b6550442d6d371ea33a77f4d0aedf7879aded678c7396d12c8b27f727ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 07 Oct 2024 14:28:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107140
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 127ms
127ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-3418164&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPLB8G

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ba1fb3247b2b9227fa15ca1cfd5a01ccbef61a1acddf8b64e99d70a8fe630b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 07 Oct 2024 14:28:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80136
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
86 B 46ms
45ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=266487351&t=pageview&_s=1&dl=https%3A%2F%2Fbuy.neaq.org%2F&ul=de-de&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=569674597&gjid=503132410&cid=1283295594.1728311299&tid=UA-158202776-1&_gid=151976893.1728311299&_r=1&_slc=1&gtm=45He4a20n81KRPLB8Gv78347654za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cm1=%7B%22debug%22%3Atrue%7D&npa=1&z=949211901

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

37a658378f543c07f63091a615cc35f4b1808be4f725800cf6be73fe34ae4726

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://buy.neaq.org/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://buy.neaq.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 240 KB
86 KB 90ms
90ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10940510478&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPLB8G

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ffab59c7949565bc6d17248ce1525a4b9eb051e085d897de0c4993e2a4929132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 07 Oct 2024 14:28:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87923
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 274 KB
94 KB 60ms
60ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-968640050&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPLB8G

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

13a2eea8914c3b09d240637efe44a29728c6fbcd2e53015d622599ba80995baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 07 Oct 2024 14:28:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96145
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK pixel.js Show response
origin.acuityplatform.com/event/v1/ 2 KB
2 KB 136ms
41ms Script
application/javascript 23.201.250.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.acuityplatform.com/event/v1/pixel.js
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.250.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-250-60.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: 8e06744c8c99849a3fdd19e8941825c975b1f2de1ace06c8eb5924b33ddf4550

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

ETag: "5d961b35-6a7"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1703
Date: Mon, 07 Oct 2024 14:28:19 GMT
Content-Type: application/javascript
Last-Modified: Thu, 03 Oct 2019 16:00:53 GMT
Server: nginx/1.14.0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 81ms
40ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4430, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 6uBiLkzJOiaf6lTsAQO9DQa9HgqPWrfIFRSehBlI7k7xCoiflrzEdU5YMoOMe6R7VdvWHOmtL/IRoSrDRGr8EA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H/1.1 200
OK tv2track.js Show response
collector-34457.us.tvsquared.com/ 20 KB
9 KB 529ms
130ms Script
application/javascript 3.140.234.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-34457.us.tvsquared.com/tv2track.js
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.234.245 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-234-245.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

X-Robots-Tag: noindex
Cache-Control: max-age=600
Content-Encoding: gzip
ETag: "65d377e7-2133"
Connection: keep-alive
Expires: Mon, 07 Oct 2024 14:38:19 GMT
Accept-Ranges: bytes
Content-Length: 8499
Date: Mon, 07 Oct 2024 14:28:19 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Feb 2024 15:46:47 GMT
Server: nginx

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
94 KB 86ms
85ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MNHLNJGTYR&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9e0331cc38e85d25bc4282c0ebf337c5dd44646cf44e00dddcf12b5a543233d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 07 Oct 2024 14:28:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96349
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 879263343584496 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 105ms
104ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/879263343584496?v=2.9.170&r=stable&domain=buy.neaq.org&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

8c73241630e76430cae5f903be851b475c3da1d6937d0dc410e19bf7372be693

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=74, mss=1232, tbw=67292, tp=63, tpl=0, uplat=64, ullat=0
pragma: public
x-fb-debug: 8IBvt3n8A99pjgR6Tq3wh4lVjDtYSQjoPgq17k53wB1nlLUMsvE0CEmCpdTqO1Rq9BIUUMb9I5otXYghgOv41Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H/1.1 204
No Content pj Show response
e.acuityplatform.com/ 0
188 B 262ms
136ms Script
text/plain 154.59.122.94
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://e.acuityplatform.com/pj?pk=7459557826003703914&pu=https%3A%2F%2Fbuy.neaq.org%2F
Requested by: Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v1/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

access-control-allow-origin: *

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/10940510478/ 6 KB
3 KB 132ms
66ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10940510478/?random=1728311299327&cv=11&fst=1728311299327&bg=ffffff&guid=ON&async=1&gtm=45be4a20z878347654za201zb78347654&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fbuy.neaq.org%2F&label=6L5HCLzwk90DEI7i6-Ao&hn=www.googleadservices.com&frm=0&tiba=Home&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1378968704.1728311299&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10940510478&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fa75aa7eef716d52138b21f2b9819ca9e1d86b681d0929da9355a21c113b1eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2652
date: Mon, 07 Oct 2024 14:28:19 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3

204

https://region1.google-analytics.com/g/collect?v=2&tid=G-EP7TZ5H4JV&gtm=45je4a20v894637396z878347654za200zb78347654&_p=1728311298528&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~1...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1283295594.1728311299&dbk=10870326149843655082&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4a20v894637396z878347654z...

0
0

57ms
57ms

Fetch
text/plain

216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1283295594.1728311299&dbk=10870326149843655082&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4a20v894637396z878347654za200zb78347654&npa=1&tid=G-EP7TZ5H4JV&dl=https%3A%2F%2Fbuy.neaq.org%3F
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H3
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://region1.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=1283295594.1728311299&dbk=10870326149843655082&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4a20v894637396z878347654za200zb78347654&npa=1&tid=G-EP7TZ5H4JV&dl=https%3A%2F%2Fbuy.neaq.org%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0xb313bb0061a962cb","source_keys":["1"]},{"key_piece":"0xac3f9e396b7510bb","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"10870326149843655082","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["1056051963","11108385715","974350951"],"5":["10-07","10-06","10-05"]}}
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1283295594.1728311299&dbk=10870326149843655082&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4a20v894637396z878347654za200zb78347654&npa=1&tid=G-EP7TZ5H4JV&dl=https%3A%2F%2Fbuy.neaq.org%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 48ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7Q8KM3479R&gtm=45je4a20v894637396z878347654za200zb78347654&_p=1728311298528&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101747727&cid=1283295594.1728311299&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728311299&sct=1&seg=0&dl=https%3A%2F%2Fbuy.neaq.org%2F&dt=Home&en=page_view&_fv=1&_ss=1&tfd=1935
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EP7TZ5H4JV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://buy.neaq.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: text/plain
server: Golfe2

GET
H2

200

activityi;dc_pre=COH4x6i9_IgDFTKW_QcdLN0LWQ;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
3418164.fls.doubleclick.net/ Frame 7D8C
Redirect Chain

https://3418164.fls.doubleclick.net/activityi;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
https://3418164.fls.doubleclick.net/activityi;dc_pre=COH4x6i9_IgDFTKW_QcdLN0LWQ;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;u...

0
0

66ms
65ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3418164.fls.doubleclick.net/activityi;dc_pre=COH4x6i9_IgDFTKW_QcdLN0LWQ;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9189892006z878347654za201zb78347654;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fbuy.neaq.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-3418164&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buy.neaq.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Oct 2024 14:28:19 GMT
expires: Mon, 07 Oct 2024 14:28:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Oct 2024 14:28:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://3418164.fls.doubleclick.net/activityi;dc_pre=COH4x6i9_IgDFTKW_QcdLN0LWQ;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9189892006z878347654za201zb78347654;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fbuy.neaq.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
ad.doubleclick.net/ 0
23 B 166ms
82ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=3418164;type=gener233;cat=2018n0;ord=1318952906378;npa=1;auiddc=1378968704.1728311299;ps=1;pcor=1656874546;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a20v9189892006z878347654za201zb78347654;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fbuy.neaq.org%2F?

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 07 Oct 2024 14:28:19 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"16229556106080417393"}],"aggregatable_trigger_data":[{"filters":[{"14":["7035308"]}],"key_piece":"0x1611a403a6648089","source_keys":["12","13","14","15","16","17","18","19","20","21","18858808","18858809","18858810","18858811","20534340","20534341","20534342","20534343","22101376","22101377","22101378","22101379","638575212","638575213","638575214","638575215"]},{"key_piece":"0xdd5a15dfb09389d6","not_filters":{"14":["7035308"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","18858808","18858809","18858810","18858811","20534340","20534341","20534342","20534343","22101376","22101377","22101378","22101379","638575212","638575213","638575214","638575215"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"18858808":65,"18858809":65,"18858810":65,"18858811":6356,"19":65,"20":65,"20534340":81,"20534341":81,"20534342":81,"20534343":7946,"21":6356,"22101376":109,"22101377":109,"22101378":109,"22101379":10594,"638575212":72,"638575213":72,"638575214":72,"638575215":7062},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"14588277006484260147","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"16229556106080417393","filters":[{"14":["7035308"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"16229556106080417393","filters":[{"14":["7035308"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"16229556106080417393","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"16229556106080417393","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["3418164"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 48ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MNHLNJGTYR&gtm=45je4a20v9123112382za200&_p=1728311298528&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&ul=de-de&sr=1600x1200&cid=1283295594.1728311299&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fbuy.neaq.org%2F&dt=Home&sid=1728311299&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_metric_1=%7B%22debug%22%3Atrue%7D&tfd=1989
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MNHLNJGTYR&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://buy.neaq.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 footer-waves.png
prod.speakcdn.com/sitefiles/3016/images/ 8 KB
8 KB 50ms
50ms Image
image/webp 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.speakcdn.com/sitefiles/3016/images/footer-waves.png
Requested by: Host: prod.speakcdn.com
URL: https://prod.speakcdn.com/sitefiles/3016/css/master.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8145832b17425b8ec24f8979c4175f0448ce41bf8536529f121f0b936922851b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://prod.speakcdn.com/sitefiles/3016/css/master.css

Response headers

cf-bgj: imgq:85,h2pri
etag: "66fbecda-917e"
age: 76754
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rivpk12USZNH90q1%2BCAsMkTq3jLFE6cAQ1j%2FeOJqjlNglzQq5BF5bDwrgdymP1v1A4Eu6mj%2B%2BRT44Bp%2BX8Zt6no15iGULxi6aIasZel43WOZOokrOHq1cjxgjVSjH9bVY%2BLzOOfHfvMvXVx6LuG6"}],"group":"cf-nel","max_age":604800}
x-gateway-name: gateway1
cf-polished: origFmt=png, origSize=37246
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: image/webp
content-disposition: inline; filename="footer-waves.webp"
vary: Accept
last-modified: Tue, 01 Oct 2024 12:36:42 GMT
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cee93b5ae02d2f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8156
server: cloudflare

GET
H2 200 facebook-icon.svg
buy.neaq.org/sitefiles/3016/images/icons/ 406 B
544 B 168ms
168ms Image
image/svg+xml 40.119.1.254
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.neaq.org/sitefiles/3016/images/icons/facebook-icon.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.119.1.254 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5aff22965791a5aeff4cb70b40a371bff8c41d1b6df2b001eb7059f1118f5531

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

x-gateway-name: gateway1
accept-ranges: bytes
content-length: 406
date: Mon, 07 Oct 2024 14:28:19 GMT
etag: "66fbecda-196"
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT

GET
H2 200 x-icon.svg
buy.neaq.org/sitefiles/3016/images/icons/ 1 KB
1 KB 170ms
169ms Image
image/svg+xml 40.119.1.254
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.neaq.org/sitefiles/3016/images/icons/x-icon.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.119.1.254 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 996eb2ac0b0e0d67297c1d8e93456780ed458342e0918d8925f6b0cb5f17cf2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

x-gateway-name: gateway1
accept-ranges: bytes
content-length: 1252
date: Mon, 07 Oct 2024 14:28:19 GMT
etag: "66fbecda-4e4"
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT

GET
H2 200 instagram-icon.svg
buy.neaq.org/sitefiles/3016/images/icons/ 3 KB
3 KB 180ms
179ms Image
image/svg+xml 40.119.1.254
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.neaq.org/sitefiles/3016/images/icons/instagram-icon.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.119.1.254 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c9b21bcd0a8fa704fd4767428dfc9af56f5fe96da28996a5c7e639c5f36dc67a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

x-gateway-name: gateway1
accept-ranges: bytes
content-length: 3087
date: Mon, 07 Oct 2024 14:28:19 GMT
etag: "66fbecda-c0f"
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT

GET
H2 200 youtube-icon.svg
buy.neaq.org/sitefiles/3016/images/icons/ 907 B
1 KB 191ms
190ms Image
image/svg+xml 40.119.1.254
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.neaq.org/sitefiles/3016/images/icons/youtube-icon.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.119.1.254 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bc89da2bb3eac9ee37fe5f94e1ed7042ed148b88e8ff2c8736b2863b21826a09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

x-gateway-name: gateway1
accept-ranges: bytes
content-length: 907
date: Mon, 07 Oct 2024 14:28:19 GMT
etag: "66fbecda-38b"
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT

GET
H2 200 linkedin-icon.svg
buy.neaq.org/sitefiles/3016/images/icons/ 1008 B
1 KB 202ms
202ms Image
image/svg+xml 40.119.1.254
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.neaq.org/sitefiles/3016/images/icons/linkedin-icon.svg
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.119.1.254 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 12fed360f745683718514c61cc04ea2bf0766950af511b725432c0802618c9a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

x-gateway-name: gateway1
accept-ranges: bytes
content-length: 1008
date: Mon, 07 Oct 2024 14:28:19 GMT
etag: "66fbecda-3f0"
content-type: image/svg+xml
last-modified: Tue, 01 Oct 2024 12:36:42 GMT

GET
H/1.1 200
OK acme-ticketing.js Show response
neaq.z13.web.core.windows.net/ 6 MB
6 MB 528ms
155ms Script
text/javascript 20.209.226.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://neaq.z13.web.core.windows.net/acme-ticketing.js
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.226.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2013390a0b17e7651d6cd340c8702345901335f18b44e0728f79af7e90bf3ded

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://buy.neaq.org
Referer: https://buy.neaq.org/

Response headers

Content-MD5: EjtjMVrz6AL/2zGeNodidQ==
x-ms-version: 2018-03-28
ETag: "0x8DCE4A8BFE1A5AD"
x-ms-request-id: 20ef4e17-e01e-0078-64c5-183303000000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 6471388
Date: Mon, 07 Oct 2024 14:28:19 GMT
Content-Type: text/javascript
Last-Modified: Fri, 04 Oct 2024 19:14:20 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 126ms
45ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=879263343584496&ev=PageView&dl=https%3A%2F%2Fbuy.neaq.org%2F&rl=&if=false&ts=1728311299456&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728311299455.738452440660662133&ler=empty&cdl=API_unavailable&it=1728311299245&coo=false&rqm=GET

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2918, tp=-1, tpl=-1, uplat=0, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 263ms
181ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=879263343584496&ev=PageView&dl=https%3A%2F%2Fbuy.neaq.org%2F&rl=&if=false&ts=1728311299456&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728311299455.738452440660662133&ler=empty&cdl=API_unavailable&it=1728311299245&coo=false&rqm=FGET

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423040506763301156"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: gBKN+CespJuOQoinjeo39IIRwvZIpBiI73oXK6Uq3p4Fv0eLlSuQRRtSXrBf6TioTOTvoMcH1Hp6KeQviOCXrg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423040506763301156", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=3236, tp=-1, tpl=-1, uplat=135, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 357081 Show response
beacon.sojern.com/pixel/p/ 4 KB
1 KB 154ms
52ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/357081?f_v=v6_js&p_v=1&vid=tou&cid=
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 96113a418657a2bc274508ae7cca5dc6d1285614790b3052fb9f1fdf799f6480

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 822
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-expires: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/10940510478/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10940510478/?random=1923303389&cv=11&fst=1728311299327&bg=ffffff&guid=ON&async=1&gtm=45be4a20z878347654za201zb78347654&gcd=13l3l3l2l...
https://www.google.com/pagead/1p-conversion/10940510478/?random=1923303389&cv=11&fst=1728311299327&bg=ffffff&guid=ON&async=1&gtm=45be4a20z878347654za201zb78347654&gcd=13l3l3l2l1l1&dma_cps=syphamo&d...
https://www.google.de/pagead/1p-conversion/10940510478/?random=1923303389&cv=11&fst=1728311299327&bg=ffffff&guid=ON&async=1&gtm=45be4a20z878347654za201zb78347654&gcd=13l3l3l2l1l1&dma_cps=syphamo&dm...

42 B
64 B

112ms
63ms

Image
image/gif

142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10940510478/?random=1923303389&cv=11&fst=1728311299327&bg=ffffff&guid=ON&async=1&gtm=45be4a20z878347654za201zb78347654&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fbuy.neaq.org%2F&label=6L5HCLzwk90DEI7i6-Ao&hn=www.googleadservices.com&frm=0&tiba=Home&value=0&npa=1&pscdl=noapi&auid=1378968704.1728311299&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI3-PAqL38iAMVWIuDBx0BWw6MMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL2J1eS5uZWFxLm9yZy9CWENoRUk4STJPdUFZUW5hR2w2NmEwNkpiQUFSSXRBSUM1VHB1Wk0zTnloN282MW1SaUFreFBQTWxwV0I2TUNWMkNWcG5vSVFZYkQzWmtlYUU5VXJVcGd5cTY&is_vtc=1&cid=CAQSGwDpaXnfiYmgFbri1TUXF0GbMs--MbqucE71zQ&eitems=ChEI8I2OuAYQ3pim6tucmIDZARIdAMxaeUQTkZUYsh08LfoaUYF2eh3s7UTKl4abVrA&random=2035785917&ipr=y

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 07 Oct 2024 14:28:19 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/10940510478/?random=1923303389&cv=11&fst=1728311299327&bg=ffffff&guid=ON&async=1&gtm=45be4a20z878347654za201zb78347654&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fbuy.neaq.org%2F&label=6L5HCLzwk90DEI7i6-Ao&hn=www.googleadservices.com&frm=0&tiba=Home&value=0&npa=1&pscdl=noapi&auid=1378968704.1728311299&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI3-PAqL38iAMVWIuDBx0BWw6MMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL2J1eS5uZWFxLm9yZy9CWENoRUk4STJPdUFZUW5hR2w2NmEwNkpiQUFSSXRBSUM1VHB1Wk0zTnloN282MW1SaUFreFBQTWxwV0I2TUNWMkNWcG5vSVFZYkQzWmtlYUU5VXJVcGd5cTY&is_vtc=1&cid=CAQSGwDpaXnfiYmgFbri1TUXF0GbMs--MbqucE71zQ&eitems=ChEI8I2OuAYQ3pim6tucmIDZARIdAMxaeUQTkZUYsh08LfoaUYF2eh3s7UTKl4abVrA&random=2035785917&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 07 Oct 2024 14:28:19 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

src=9137113;dc_pre=CPqbz6i9_IgDFfAJogMd9xgmgw;type=homep0;cat=newen00;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9137113;type=homep0;cat=newen00;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
https://ad.doubleclick.net/ddm/activity/src=9137113;dc_pre=CPqbz6i9_IgDFfAJogMd9xgmgw;type=homep0;cat=newen00;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%...
https://adservice.google.com/ddm/fls/z/src=9137113;dc_pre=CPqbz6i9_IgDFfAJogMd9xgmgw;type=homep0;cat=newen00;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7...

42 B
63 B

155ms
75ms

Image
image/gif

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9137113;dc_pre=CPqbz6i9_IgDFfAJogMd9xgmgw;type=homep0;cat=newen00;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 07 Oct 2024 14:28:19 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 07 Oct 2024 14:28:19 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"10379702245018921690"}],"aggregatable_trigger_data":[{"filters":[{"14":["14386896"]}],"key_piece":"0x688316e37f6cbc3f","source_keys":["12","13","14","15","16","17","18","19","20","21","15072816","15072817","15072818","15072819","20446704","20446705","20446706","20446707","22974968","22974969","22974970","22974971","640968580","640968581","640968582","640968583"]},{"key_piece":"0xa5c3bac18b8bbab6","not_filters":{"14":["14386896"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15072816","15072817","15072818","15072819","20446704","20446705","20446706","20446707","22974968","22974969","22974970","22974971","640968580","640968581","640968582","640968583"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15072816":655,"15072817":655,"15072818":655,"15072819":63569,"16":65,"17":65,"18":6356,"19":65,"20":65,"20446704":327,"20446705":327,"20446706":327,"20446707":31784,"21":6356,"22974968":72,"22974969":72,"22974970":72,"22974971":7062,"640968580":109,"640968581":109,"640968582":109,"640968583":10594},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"6307321008484642175","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10379702245018921690","filters":[{"14":["14386896"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10379702245018921690","filters":[{"14":["14386896"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10379702245018921690","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10379702245018921690","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9137113"]}}
content-type: image/png
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=9137113;dc_pre=CPqbz6i9_IgDFfAJogMd9xgmgw;type=homep0;cat=newen00;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=UNKNOWN
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 176ms
82ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=ZTBmYTllNzAtMTg3Ny1lMzViLTdiYmYtY2ExZTRiOGViYTky&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=ahh062CLsPwz-Bp2XqIW6gmqoYsQ7Nv6c6i46Uyek6yFbdssp9zzowlzCQFQi6p8&sjrn_ula=8005733357

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Mon, 07 Oct 2024 14:28:19 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 174ms
79ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=ZTBmYTllNzAtMTg3Ny1lMzViLTdiYmYtY2ExZTRiOGViYTky&google_nid=sojern_adh

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Mon, 07 Oct 2024 14:28:19 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 getuidnb
ib.adnxs.com/ 43 B
700 B 163ms
75ms Image
image/gif 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=ahh062CLsPwz-Bp2XqIW6gmqoYsQ7Nv6c6i46Uyek6yFbdssp9zzowlzCQFQi6p8

Requested by

Host: buy.neaq.org
URL: https://buy.neaq.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.105; 80.255.7.105; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 211be3a3-e54e-4621-8c32-f6ea78d3172b
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 07 Oct 2024 14:28:19 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 168ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=ahh062CLsPwz-Bp2XqIW6gmqoYsQ7Nv6c6i46Uyek6yFbdssp9zzowlzCQFQi6p8&ttd_tpi=1
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

content-length: 70
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: image/gif
server: Kestrel

GET
H2

202

adf
pixel.sojern.com/idsync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=e0fa9e70-1877-e35b-7bbf-ca1e4b8eba92&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=e0fa9e70-1877-e35b-7bbf-ca1e4b8eba92&party=1296
https://pixel.sojern.com/idsync/adf?adfid=638947944633055590&cid=e0fa9e70-1877-e35b-7bbf-ca1e4b8eba92

0
233 B

57ms
50ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=638947944633055590&cid=e0fa9e70-1877-e35b-7bbf-ca1e4b8eba92
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 07 Oct 2024 14:28:19 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-accel-expires: 0

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://pixel.sojern.com/idsync/adf?adfid=638947944633055590&cid=e0fa9e70-1877-e35b-7bbf-ca1e4b8eba92
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Mon, 07 Oct 2024 14:28:19 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK tv2track.php
collector-34457.us.tvsquared.com/ 42 B
276 B 129ms
129ms Image
image/gif 3.140.234.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-34457.us.tvsquared.com/tv2track.php?action_name=Home&idsite=TV-6354544527-1&rec=1&r=689387&h=16&m=28&s=19&url=https%3A%2F%2Fbuy.neaq.org%2F&_id=e35ac286ef6c356b&_idts=1728311300&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=175
Requested by: Host: buy.neaq.org
URL: https://buy.neaq.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.234.245 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-234-245.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

Request-Id: 47acbdbc-a170-484b-bbfb-b450a15d0a0b
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Date: Mon, 07 Oct 2024 14:28:19 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive

POST
H2 200 token Show response
tier3.speakcreative.com/oauth/ 1 KB
1 KB 251ms
247ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/oauth/token

Requested by

Host: neaq.z13.web.core.windows.net
URL: https://neaq.z13.web.core.windows.net/acme-ticketing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3404d0cb7faa12b8c9cb3dd4f5e6a3575b61a65dfc2e1c2e82aa33bfe9861fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://buy.neaq.org/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VoB81EL0T9aLdOHs1B0yMcIPjiJH0o4YpgARPhqlioHwVGbogCWiOd7nzABRUxETM9xBK6IA4U6YWccq3jlgvRaCOJTrM5iEb6Gxg2AD%2Fh3CNszL6WnO0bDV%2BGVp%2BIbn%2BlWW88t3K71ShZk0r1eCIxpBL3QuYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 14:28:23 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
x-ratelimit-remaining: 59
cf-ray: 8cee93cc3f95dcca-FRA
access-control-allow-origin: https://buy.neaq.org
x-xss-protection: 1; mode=block
x-ratelimit-limit: 60
server: cloudflare

OPTIONS
H2 204 token
tier3.speakcreative.com/oauth/ Frame 0
0 758ms
346ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/oauth/token

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://buy.neaq.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://buy.neaq.org
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8cee93ca0ee4dcca-FRA
date: Mon, 07 Oct 2024 14:28:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iop6ITJCpSfPwKtIiyykRU2zJBzL1GlpGieqyyPAlUU8YTcB6wuoKGxjD6gj%2B7DClPc0TjMLP6qXdERAwQMuneHSjKUzzxY47O%2B0pQYaLlsfZ4x5o90mETTZE8BkyYbpafPx404BfqQJ2UdY3Q4BAm3nOHeQsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
26 B 131ms
130ms XHR
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=266487351&t=event&ni=0&_s=1&dl=https%3A%2F%2Fbuy.neaq.org%2F&ul=de-de&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=25&ea=Scroll&el=Page%20Scroll&ev=25&_u=aADAAUABAAAAACAAI~&jid=1492766940&gjid=522683548&cid=1283295594.1728311299&tid=UA-80426472-1&_gid=151976893.1728311299&_r=1&_slc=1&gtm=45He4a20n81KRPLB8Gv78347654za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=170788979

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://buy.neaq.org/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://buy.neaq.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 110ms
109ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=266487351&t=event&ni=0&_s=1&dl=https%3A%2F%2Fbuy.neaq.org%2F&ul=de-de&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=50&ea=Scroll&el=Page%20Scroll&ev=50&_u=aAHAAUABAAAAACAAI~&jid=&gjid=&cid=1283295594.1728311299&tid=UA-80426472-1&_gid=151976893.1728311299&gtm=45He4a20n81KRPLB8Gv78347654za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=86643099

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

age: 21951
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 08:22:31 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 110ms
109ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=266487351&t=event&ni=0&_s=1&dl=https%3A%2F%2Fbuy.neaq.org%2F&ul=de-de&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=75&ea=Scroll&el=Page%20Scroll&ev=75&_u=aAHAAUABAAAAACAAI~&jid=&gjid=&cid=1283295594.1728311299&tid=UA-80426472-1&_gid=151976893.1728311299&gtm=45He4a20n81KRPLB8Gv78347654za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=218637130

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

age: 21951
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 08:22:31 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 favicon.ico
prod.speakcdn.com/sitefiles/3016/images/favicon/ 1 KB
1 KB 457ms
455ms Other
image/x-icon 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.speakcdn.com/sitefiles/3016/images/favicon/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e53cf3294dabc6b0e4bae22de5f3d7d39d345e66db00ce6e0c4a4b78da1cbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
etag: W/"66fbecda-47e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2t1cMN39w4z5TEGY0npwB1iBX8tcXcr2N%2BZ23L68eijGRynKQb1IG6E1gY1ebDe%2FlGtGEMY7tLCiNtD4LXjD5GQQRCrqA6fbMZ5k6R6a4Mzy3mFFwZESl1Qb04qHoU45BLKvyXQZkgARWGzyVfd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cee93c7fcd0d2f7-FRA
x-gateway-name: gateway3
access-control-allow-origin: *
date: Mon, 07 Oct 2024 14:28:22 GMT
content-type: image/x-icon
last-modified: Tue, 01 Oct 2024 12:36:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 favicon-32x32.png
prod.speakcdn.com/sitefiles/3016/images/favicon/ 810 B
1 KB 49ms
49ms Other
image/webp 2606:4700:20::681a:846
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.speakcdn.com/sitefiles/3016/images/favicon/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:846 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5fd5a407c0fa66f4fd4e679174e7570a042c6768bd6994878d40e037c2c5705

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: "66fbecda-7b2"
age: 76754
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QTQ79Q3jZ%2BY7uZJvKiGF3ou%2FcmF3OR5%2FaPId%2BT1ENP%2Ba%2FnH30MxdMC5IHLhzweZ1Fa2AxfDFtazyzgmV7lsYZtgvfC7qSZo0vRvs9GFvin9mYPjPkpwdQ5sc7erv3Tq5SL5esQ267wkluuLMBeyL"}],"group":"cf-nel","max_age":604800}
x-gateway-name: gateway2
cf-polished: origFmt=png, origSize=1970
date: Mon, 07 Oct 2024 14:28:22 GMT
content-type: image/webp
content-disposition: inline; filename="favicon-32x32.webp"
vary: Accept
last-modified: Tue, 01 Oct 2024 12:36:42 GMT
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cee93cabe8fd2f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 810
server: cloudflare

GET
H3 200 1 Show response
tier3.speakcreative.com/api/app-configuration/ 21 KB
6 KB 591ms
591ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/api/app-configuration/1

Requested by

Host: neaq.z13.web.core.windows.net
URL: https://neaq.z13.web.core.windows.net/acme-ticketing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

019a397f2e84d4eba72fae2ddcc9bf9e79a0f5fff0d5ac6407dc19dfbc6e2a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI2IiwianRpIjoiNzAyMWJkNTFhYmQyMzFjZmY5ZmJhYzlhNDYwODgyNjk3YWRjM2I1NWYxZThhNDhkNWQ0YzVlOTY3MWM1Yjc4YTZlZTg1OTM1NjUzOTNmOWQiLCJpYXQiOjE3MjgzMTEzMDMuMjI1MzEsIm5iZiI6MTcyODMxMTMwMy4yMjUzMTMsImV4cCI6MTcyOTAwMjUwMy4yMjE0NTEsInN1YiI6IiIsInNjb3BlcyI6WyIqIl19.X5Jd14SnDEXa2nVAHsnejwwAyrMk1dyTQ9x3j7fQhbfzFSPGlIxDCouGQYIKBbvp2LqHvrEnbGzYVOFXzvLfjWto0k0a3Rh_cbLZOJOTQKHNFeFNnD6XHQ_G1TgsF_XKbHcgFg0JJEl-Bjjl881zXJGjyXCwXjimjZazKiXfY9-qClvfnSRzRJNAwxgziMgpAXv1RJYjblQ4CcVtQb_8s2kmY_HbsCAlFa87-R5S0rjFdnHK7mxxSzyhbd0zmwXkmWoL7BMob4LX2ZFglhSy55hR6cJqJ-dqM0V9a7Y5vEeXsQxz_4QVLaOJ8jXmpsMyPBY2CVgOu7UG8nbDjMWqyzgNJqbv4z0XuQk1yOdCN2jRaaVImDENvPT9hXkF8h5Cla9ugjCqToY5GSOo1mA0WL5f3eKV3b4_sUEbsAWpNzYkN85KOVQCUjrLKPnpIxC5IQvvLaZT6GRvc6jFdXJRQK_p77Dm79IOhOw0iZoUSTiyw7FFhyXF-eJyzW7daDXwmXow0eZyKpj2dSA_Timn0QQwM9c8W2PeYY1q0wvFdWtFNVNxq8-yzqweGxWHclBYgjAV5w4xZXAfLxq-fGib2WZsrzAgs_ETCrdBoyn4S6gVm7ARI_DcmGXDH6ZTCI9LeYdzrhyvgxsda3OAXp0DMzj6rIqYFEeOIX9pX6ZtkaE
Referer: https://buy.neaq.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ob%2FwPpAYdhMfpyCew%2FcpcAxPubI8NaE1S35C34JDddQYkag4JvVXfgoy9DpKU8UBb%2By0Pn4e4tnFyyGGcp4htvMjavwFdTqwbvNUnyBfe01EbQRi3x3ooR4lhv9xYkQ72v7uU5iFya84xA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 14:28:24 GMT
content-type: application/json
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 57
cf-ray: 8cee93cedeecd9d8-FRA
access-control-allow-origin: https://buy.neaq.org
x-xss-protection: 1; mode=block
x-ratelimit-limit: 60
server: cloudflare

GET
H3 200 countries Show response
tier3.speakcreative.com/api/avs/ 39 KB
9 KB 552ms
551ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/api/avs/countries

Requested by

Host: neaq.z13.web.core.windows.net
URL: https://neaq.z13.web.core.windows.net/acme-ticketing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b21e0922855599991ff4bf9d6b5ae08a0d433bf0ad3e73fe85b0812d5ba85f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI2IiwianRpIjoiNzAyMWJkNTFhYmQyMzFjZmY5ZmJhYzlhNDYwODgyNjk3YWRjM2I1NWYxZThhNDhkNWQ0YzVlOTY3MWM1Yjc4YTZlZTg1OTM1NjUzOTNmOWQiLCJpYXQiOjE3MjgzMTEzMDMuMjI1MzEsIm5iZiI6MTcyODMxMTMwMy4yMjUzMTMsImV4cCI6MTcyOTAwMjUwMy4yMjE0NTEsInN1YiI6IiIsInNjb3BlcyI6WyIqIl19.X5Jd14SnDEXa2nVAHsnejwwAyrMk1dyTQ9x3j7fQhbfzFSPGlIxDCouGQYIKBbvp2LqHvrEnbGzYVOFXzvLfjWto0k0a3Rh_cbLZOJOTQKHNFeFNnD6XHQ_G1TgsF_XKbHcgFg0JJEl-Bjjl881zXJGjyXCwXjimjZazKiXfY9-qClvfnSRzRJNAwxgziMgpAXv1RJYjblQ4CcVtQb_8s2kmY_HbsCAlFa87-R5S0rjFdnHK7mxxSzyhbd0zmwXkmWoL7BMob4LX2ZFglhSy55hR6cJqJ-dqM0V9a7Y5vEeXsQxz_4QVLaOJ8jXmpsMyPBY2CVgOu7UG8nbDjMWqyzgNJqbv4z0XuQk1yOdCN2jRaaVImDENvPT9hXkF8h5Cla9ugjCqToY5GSOo1mA0WL5f3eKV3b4_sUEbsAWpNzYkN85KOVQCUjrLKPnpIxC5IQvvLaZT6GRvc6jFdXJRQK_p77Dm79IOhOw0iZoUSTiyw7FFhyXF-eJyzW7daDXwmXow0eZyKpj2dSA_Timn0QQwM9c8W2PeYY1q0wvFdWtFNVNxq8-yzqweGxWHclBYgjAV5w4xZXAfLxq-fGib2WZsrzAgs_ETCrdBoyn4S6gVm7ARI_DcmGXDH6ZTCI9LeYdzrhyvgxsda3OAXp0DMzj6rIqYFEeOIX9pX6ZtkaE
Referer: https://buy.neaq.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TiU5MZ2ry4bGalHSxnvMYeXeDfUCYrDis4bYYIXGUyyStnB%2BeiY02aHEnKoWlMBs2jqyq%2FUQfp08fX5SZvLpZ4Zpqm5KodeGUYDx7htSW5qtjsNR3cXWo5MCeyCd67O9mVcza6TRKolEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 14:28:24 GMT
content-type: application/json
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 57
cf-ray: 8cee93cedef4d9d8-FRA
access-control-allow-origin: https://buy.neaq.org
x-xss-protection: 1; mode=block
x-ratelimit-limit: 60
server: cloudflare

GET states
tier3.speakcreative.com/api/avs/ 0
0

OPTIONS
H2 204 1
tier3.speakcreative.com/api/app-configuration/ Frame 0
0 164ms
163ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/api/app-configuration/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://buy.neaq.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET
access-control-allow-origin: https://buy.neaq.org
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8cee93cdce66dcca-FRA
date: Mon, 07 Oct 2024 14:28:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qIxNWsV6ZHSxEfnOAjFWY5%2BsdB0Qt6WcLNztfQPctm3VdULHl1Q6Da6e6SgM9R6dAUYaXodRS1kBgsmgt0VualvS0Ehc2Xd%2BR92lRR%2BB6FnCtma46igXYL44gcnRQWus1iCe9CA14f13MJPatkHwqluxgE31Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 204 countries
tier3.speakcreative.com/api/avs/ Frame 0
0 164ms
163ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/api/avs/countries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://buy.neaq.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET
access-control-allow-origin: https://buy.neaq.org
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8cee93cdce69dcca-FRA
date: Mon, 07 Oct 2024 14:28:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EIw9LHOVnW50l5qR7Eksa2Nnw85mNV1YhNAW1iYiwuKTgh9Nngtn%2BjKipRoSusQ2cuBqc2C30yuViH4%2Fkl3pFZ0XB7YFRVRrAW0eWZIyg22Q2YwBKviwvvdPADWWQMrpfwJa5%2FPRpOr%2B8NCsDB3ZEq8%2BPFhnUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 204 states
tier3.speakcreative.com/api/avs/ Frame 0
0 166ms
166ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/api/avs/states

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://buy.neaq.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET
access-control-allow-origin: https://buy.neaq.org
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8cee93cdce6ddcca-FRA
date: Mon, 07 Oct 2024 14:28:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oi2d4B2TucvkO%2BGeacHSNe3KbhJtdQ0PHOKqQ2E7RkSAo3tqFRF8qeKTC1qYYpMJet5poWJMPKNQX8Rb49XdwRrZjMX7KsRekQBAXHeshoWd9EcN65dknqbe6kda%2FM38Qzetx58aPEoq81EQcrhrvwx%2F%2F%2FIZoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 47ms
47ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K8642H37BB&gtm=45je4a20v9116353249za200&_p=1728311298528&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666~101671035~101747727&cid=1283295594.1728311299&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728311298&sct=1&seg=0&dl=https%3A%2F%2Fbuy.neaq.org%2F&dt=Home&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6407
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8642H37BB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://buy.neaq.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:23 GMT
content-type: text/plain
server: Golfe2

OPTIONS
H3 204 tickets
tier3.speakcreative.com/api/ Frame 0
0 230ms
230ms Preflight 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/api/tickets?date=2024-10-01&template_ids=667afb2fa6071e49bd119cb4%2C66b03f01ea70a47c9f928caf%2C66b0449d173a8d48f2797bad%2C66b0483d6be62e7c2bdfd3b0

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://buy.neaq.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET
access-control-allow-origin: https://buy.neaq.org
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8cee93d2ad8bd9d8-FRA
date: Mon, 07 Oct 2024 14:28:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tuzocw1OnQQavGPIqfyWVuMl72ums%2B%2FyeU2lCM%2F%2BKNIjlgftbiRLWF2gXRMj42SIFFw%2BgNHisPwc%2BUx0k9BNfOKFPRZWaG%2BSK72kdDISyzysuCzY6UFjPtfn%2F%2BWKQJnvmd8ydWX3kkB76A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 tickets Show response
tier3.speakcreative.com/api/ 11 B
510 B 296ms
296ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/api/tickets?date=2024-10-01&template_ids=667afb2fa6071e49bd119cb4%2C66b03f01ea70a47c9f928caf%2C66b0449d173a8d48f2797bad%2C66b0483d6be62e7c2bdfd3b0

Requested by

Host: neaq.z13.web.core.windows.net
URL: https://neaq.z13.web.core.windows.net/acme-ticketing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI2IiwianRpIjoiNzAyMWJkNTFhYmQyMzFjZmY5ZmJhYzlhNDYwODgyNjk3YWRjM2I1NWYxZThhNDhkNWQ0YzVlOTY3MWM1Yjc4YTZlZTg1OTM1NjUzOTNmOWQiLCJpYXQiOjE3MjgzMTEzMDMuMjI1MzEsIm5iZiI6MTcyODMxMTMwMy4yMjUzMTMsImV4cCI6MTcyOTAwMjUwMy4yMjE0NTEsInN1YiI6IiIsInNjb3BlcyI6WyIqIl19.X5Jd14SnDEXa2nVAHsnejwwAyrMk1dyTQ9x3j7fQhbfzFSPGlIxDCouGQYIKBbvp2LqHvrEnbGzYVOFXzvLfjWto0k0a3Rh_cbLZOJOTQKHNFeFNnD6XHQ_G1TgsF_XKbHcgFg0JJEl-Bjjl881zXJGjyXCwXjimjZazKiXfY9-qClvfnSRzRJNAwxgziMgpAXv1RJYjblQ4CcVtQb_8s2kmY_HbsCAlFa87-R5S0rjFdnHK7mxxSzyhbd0zmwXkmWoL7BMob4LX2ZFglhSy55hR6cJqJ-dqM0V9a7Y5vEeXsQxz_4QVLaOJ8jXmpsMyPBY2CVgOu7UG8nbDjMWqyzgNJqbv4z0XuQk1yOdCN2jRaaVImDENvPT9hXkF8h5Cla9ugjCqToY5GSOo1mA0WL5f3eKV3b4_sUEbsAWpNzYkN85KOVQCUjrLKPnpIxC5IQvvLaZT6GRvc6jFdXJRQK_p77Dm79IOhOw0iZoUSTiyw7FFhyXF-eJyzW7daDXwmXow0eZyKpj2dSA_Timn0QQwM9c8W2PeYY1q0wvFdWtFNVNxq8-yzqweGxWHclBYgjAV5w4xZXAfLxq-fGib2WZsrzAgs_ETCrdBoyn4S6gVm7ARI_DcmGXDH6ZTCI9LeYdzrhyvgxsda3OAXp0DMzj6rIqYFEeOIX9pX6ZtkaE
Referer: https://buy.neaq.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qBS5Q1%2FguGQQKfI7HOp0XuG%2FpUV9wlf7GQwbkA8oLBSpCVYn1A0dvEYCn2H%2FAh2i5tF3toYjMw%2Fc0WtqGRBEssHSL2YdUsYzRnifkSviHo1btEYYYxyvf1PhzGMeOnEub%2FKWkhpgERmwZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 14:28:24 GMT
content-type: application/json
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 55
cf-ray: 8cee93d41b88d9d8-FRA
access-control-allow-origin: https://buy.neaq.org
x-xss-protection: 1; mode=block
x-ratelimit-limit: 60
server: cloudflare

OPTIONS
H3 204 daily
tier3.speakcreative.com/api/tickets/ Frame 0
0 204ms
203ms Preflight 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/api/tickets/daily?date=2024-10-01&days=7&summary_category=Adult&template_ids=667afb2fa6071e49bd119cb4

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://buy.neaq.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET
access-control-allow-origin: https://buy.neaq.org
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8cee93d2de39d9d8-FRA
date: Mon, 07 Oct 2024 14:28:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GFVnQbrZ1oZ3Kftrru5dtzf0qUL%2Bo6i0q137jeE4g1KVjMd5C%2BCmKziQI2GFBu8twwEjRc60a2HcIVTbyqv8e1fXy5hGYgCTrYeAWfdptfh5ZHvLm1xfu4rDeqCluJ9UEuMOgtgmlbyLXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 daily Show response
tier3.speakcreative.com/api/tickets/ 342 B
648 B 408ms
408ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tier3.speakcreative.com/api/tickets/daily?date=2024-10-01&days=7&summary_category=Adult&template_ids=667afb2fa6071e49bd119cb4

Requested by

Host: neaq.z13.web.core.windows.net
URL: https://neaq.z13.web.core.windows.net/acme-ticketing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27568e5e624b5dc8c7a817f4f2c4565c425da5c562496c9c4dece0aba76230c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI2IiwianRpIjoiNzAyMWJkNTFhYmQyMzFjZmY5ZmJhYzlhNDYwODgyNjk3YWRjM2I1NWYxZThhNDhkNWQ0YzVlOTY3MWM1Yjc4YTZlZTg1OTM1NjUzOTNmOWQiLCJpYXQiOjE3MjgzMTEzMDMuMjI1MzEsIm5iZiI6MTcyODMxMTMwMy4yMjUzMTMsImV4cCI6MTcyOTAwMjUwMy4yMjE0NTEsInN1YiI6IiIsInNjb3BlcyI6WyIqIl19.X5Jd14SnDEXa2nVAHsnejwwAyrMk1dyTQ9x3j7fQhbfzFSPGlIxDCouGQYIKBbvp2LqHvrEnbGzYVOFXzvLfjWto0k0a3Rh_cbLZOJOTQKHNFeFNnD6XHQ_G1TgsF_XKbHcgFg0JJEl-Bjjl881zXJGjyXCwXjimjZazKiXfY9-qClvfnSRzRJNAwxgziMgpAXv1RJYjblQ4CcVtQb_8s2kmY_HbsCAlFa87-R5S0rjFdnHK7mxxSzyhbd0zmwXkmWoL7BMob4LX2ZFglhSy55hR6cJqJ-dqM0V9a7Y5vEeXsQxz_4QVLaOJ8jXmpsMyPBY2CVgOu7UG8nbDjMWqyzgNJqbv4z0XuQk1yOdCN2jRaaVImDENvPT9hXkF8h5Cla9ugjCqToY5GSOo1mA0WL5f3eKV3b4_sUEbsAWpNzYkN85KOVQCUjrLKPnpIxC5IQvvLaZT6GRvc6jFdXJRQK_p77Dm79IOhOw0iZoUSTiyw7FFhyXF-eJyzW7daDXwmXow0eZyKpj2dSA_Timn0QQwM9c8W2PeYY1q0wvFdWtFNVNxq8-yzqweGxWHclBYgjAV5w4xZXAfLxq-fGib2WZsrzAgs_ETCrdBoyn4S6gVm7ARI_DcmGXDH6ZTCI9LeYdzrhyvgxsda3OAXp0DMzj6rIqYFEeOIX9pX6ZtkaE
Referer: https://buy.neaq.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jrgSjFehcmtHttgtYuERDU78o5GPn%2FlCdF5MicSKzBqiHCoqi9%2BIGlosQ5o4SelDoVcmOwpv%2FE%2BpsjbzMMU7nuS5PBRMu6%2FD5GGhWKY74vfdx1lZNuqGPN0PWWIenBWmSPkAScX6ue8rbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 14:28:24 GMT
content-type: application/json
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 55
cf-ray: 8cee93d40b34d9d8-FRA
access-control-allow-origin: https://buy.neaq.org
x-xss-protection: 1; mode=block
x-ratelimit-limit: 60
server: cloudflare

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 47ms
47ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EP7TZ5H4JV&gtm=45je4a20v894637396za200zb78347654&_p=1728311298528&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101747727&cid=1283295594.1728311299&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728311299&sct=1&seg=0&dl=https%3A%2F%2Fbuy.neaq.org%2F&dt=Home&en=scroll&epn.percent_scrolled=90&_et=66&tfd=7002
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EP7TZ5H4JV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://buy.neaq.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://buy.neaq.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 14:28:24 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tier3.speakcreative.com
URL: https://tier3.speakcreative.com/api/avs/states

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.neaq.org/	1970-01-21 09:41:11	Name: _ga_K8642H37BB Value: GS1.1.1728311298.1.0.1728311298.0.0.0
.neaq.org/	1970-01-21 00:06:37	Name: _gid Value: GA1.2.151976893.1728311299
.neaq.org/	1970-01-21 00:05:11	Name: _gat_gtag_UA_9606487_2 Value: 1
.neaq.org/	1970-01-21 02:14:47	Name: _gcl_au Value: 1.1.1378968704.1728311299
.neaq.org/	1970-01-21 00:05:11	Name: _gat_UA-158202776-1 Value: 1
.neaq.org/	1970-01-21 09:41:11	Name: _ga Value: GA1.1.1283295594.1728311299
.neaq.org/	1970-01-21 09:41:11	Name: _ga_7Q8KM3479R Value: GS1.1.1728311299.1.0.1728311299.0.0.0
.neaq.org/	1970-01-21 09:41:11	Name: _ga_MNHLNJGTYR Value: GS1.2.1728311299.1.0.1728311299.0.0.0
.neaq.org/	1970-01-21 09:41:11	Name: _ga_EP7TZ5H4JV Value: GS1.1.1728311299.1.0.1728311299.0.0.0
.neaq.org/	1970-01-21 02:14:47	Name: _fbp Value: fb.1.1728311299455.738452440660662133
.region1.google-analytics.com/	1970-01-21 02:14:47	Name: ar_debug Value: 1
.acuityplatform.com/	1970-01-21 08:50:47	Name: auid Value: 1093542313120
.doubleclick.net/	1970-01-21 00:48:23	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 09:26:47	Name: IDE Value: AHWqTUl8yCxCeENR63EW2Lp0uNr1gA0rP8k2cVuifzHZc89pNGxpQA-oF6jPWjqE7cw
.doubleclick.net/	1970-01-21 04:24:23	Name: receive-cookie-deprecation Value: 1
buy.neaq.org/	1970-01-21 09:41:11	Name: _tq_id.TV-6354544527-1.8588 Value: e35ac286ef6c356b.1728311300.0.1728311300..
.adform.net/	1970-01-21 00:49:49	Name: C Value: 1
.adnxs.com/	1970-01-21 09:41:11	Name: receive-cookie-deprecation Value: 1
.yieldoptimizer.com/	1970-01-21 08:50:47	Name: cktst Value: 386975741
.adform.net/	1970-01-21 01:31:35	Name: uid Value: 638947944633055590
.assets.speakcdn.com/	1970-01-21 00:05:14	Name: TiPMix Value: 63.829528339456466
.assets.speakcdn.com/	1970-01-21 00:05:14	Name: x-ms-routing-name Value: self
.yieldoptimizer.com/	1970-01-21 08:50:47	Name: ckid Value: 3019267597387
.yieldoptimizer.com/	1970-01-21 08:50:47	Name: ph Value: %7B%22p%22%3A%5B1025%2C1490%2C1203%2C1476%2C39%2C1305%2C1084%2C1022%2C1214%5D%2C%22t%22%3A%5B138206%2C138206%2C138206%2C138206%2C138206%2C138206%2C138206%2C138206%2C138206%5D%7D
.sojern.com/	1970-01-21 08:50:47	Name: cid Value: e0fa9e70-1877-e35b-7bbf-ca1e4b8eba92#1728259200000
.sojern.com/	1970-01-21 08:50:47	Name: adfid Value: 638947944633055590
.adaraanalytics.com/	1970-01-21 08:50:47	Name: ckid Value: 3019267597387
.adaraanalytics.com/	1970-01-21 08:50:47	Name: aackid Value: 3019267597387
.turn.com/	1970-01-21 04:24:23	Name: uid Value: 7005188188549820893
.demdex.net/	1970-01-21 04:24:23	Name: demdex Value: 71452212798853797180088878960646173501
.dpm.demdex.net/	1970-01-21 04:24:23	Name: dpm Value: 71452212798853797180088878960646173501
sync.srv.stackadapt.com/	1970-01-21 08:50:47	Name: sa-user-id Value: s%3A0-7aa1ae45-be64-5bec-7755-11ff74bf1434.kD7%2BLL7RlW5eVfpSM9Pov9Aryi2GCkdeU4PnMtcb6sI
.srv.stackadapt.com/	1970-01-21 08:50:47	Name: sa-user-id Value: s%3A0-7aa1ae45-be64-5bec-7755-11ff74bf1434.kD7%2BLL7RlW5eVfpSM9Pov9Aryi2GCkdeU4PnMtcb6sI
sync.srv.stackadapt.com/	1970-01-21 08:50:47	Name: sa-user-id-v2 Value: s%3AeqGuRb5kW-x3VRH_dL8UNFD_B2k.bz12SYb2gh%2BNDRdnXFcvK67%2FK4IEVw4rJ5o700X76oM
.srv.stackadapt.com/	1970-01-21 08:50:47	Name: sa-user-id-v2 Value: s%3AeqGuRb5kW-x3VRH_dL8UNFD_B2k.bz12SYb2gh%2BNDRdnXFcvK67%2FK4IEVw4rJ5o700X76oM
sync.srv.stackadapt.com/	1970-01-21 08:50:47	Name: sa-user-id-v3 Value: s%3AAQAKIA4Ju9CxCGPyzIJZgZthvPROs68vEQ9pBYJB4HIyL1SvEGcYBCCE4I-4BjABOgS9RxseQgSSgKre.adtt06YyPe%2F8aVP%2F8zUc8PCVbDR5syla5aGgzDFlEJQ
.srv.stackadapt.com/	1970-01-21 08:50:47	Name: sa-user-id-v3 Value: s%3AAQAKIA4Ju9CxCGPyzIJZgZthvPROs68vEQ9pBYJB4HIyL1SvEGcYBCCE4I-4BjABOgS9RxseQgSSgKre.adtt06YyPe%2F8aVP%2F8zUc8PCVbDR5syla5aGgzDFlEJQ
.yieldoptimizer.com/	1970-01-21 08:50:47	Name: dph Value: %7B%22t%22%3A%5B138206%2C138206%2C138206%5D%2C%22dp%22%3A%5B8064%2C2084%2C4889%5D%7D
buy.neaq.org/	1970-01-21 08:50:47	Name: alert_state Value: 0
.buy.neaq.org/	1970-01-21 09:41:11	Name: _ga Value: GA1.3.1283295594.1728311299
.buy.neaq.org/	1970-01-21 00:06:37	Name: _gid Value: GA1.3.151976893.1728311299
.buy.neaq.org/	1970-01-21 00:05:11	Name: _gat_UA-80426472-1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; connect-src https: wss: data: blob:; img-src 'self' https: data: blob:; font-src 'self' https: data: blob:; worker-src 'self' https: blob:; frame-ancestors 'self' .sitewrench.com .speakcreative.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3418164.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
assets.speakcdn.com
beacon.sojern.com
buy.neaq.org
c1.adform.net
cdn.skypack.dev
cm.g.doubleclick.net
collector-34457.us.tvsquared.com
connect.facebook.net
e.acuityplatform.com
fonts.googleapis.com
getabetterbrowser.com
googleads.g.doubleclick.net
ib.adnxs.com
match.adsrvr.org
neaq.z13.web.core.windows.net
origin.acuityplatform.com
pixel.sojern.com
prod.speakcdn.com
region1.google-analytics.com
static.speakcdn.com
tickets.neaq.org
tier3.speakcreative.com
www.facebook.com
www.getabetterbrowser.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.neaq.org
tier3.speakcreative.com
107.178.244.119
142.250.184.198
142.250.184.226
142.250.185.168
142.250.185.66
142.250.185.70
142.250.185.98
142.250.186.131
142.250.186.34
142.250.74.206
154.59.122.94
157.240.0.6
172.217.23.100
172.67.149.130
172.67.74.194
188.114.97.3
20.209.226.68
2001:4860:4802:34::36
216.239.34.36
23.201.250.60
2606:4700:20::681a:846
2620:12a:8001::253
2620:1ec:bdf::64
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:82b::200a
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
3.140.234.245
3.33.220.150
37.157.3.26
37.252.171.85
40.119.1.254
019a397f2e84d4eba72fae2ddcc9bf9e79a0f5fff0d5ac6407dc19dfbc6e2a57
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb7d3e54ee05fa13a1dd47114257e9c4381e78b7cddab727842abb73d14dfb7
12cc730cb37af022dc8a1b455bec4a50317ba7f5259f8ce48e264f75b212a7f8
12fed360f745683718514c61cc04ea2bf0766950af511b725432c0802618c9a0
13a2eea8914c3b09d240637efe44a29728c6fbcd2e53015d622599ba80995baa
142f2f9280fdb3a43964ad00ccb124da1ad6d407e0524af269a9e651f6959043
15c1b6550442d6d371ea33a77f4d0aedf7879aded678c7396d12c8b27f727ed1
160710d71b82ae6d61ca9d950ce759321e0d085a517ba7039307529488a3e329
17d05b47a423ec56f8e8de4a185bc48a5042b365fdc3b1adc9401a011ac1a33b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2013390a0b17e7651d6cd340c8702345901335f18b44e0728f79af7e90bf3ded
27568e5e624b5dc8c7a817f4f2c4565c425da5c562496c9c4dece0aba76230c3
327eba130b20f485687c0a58767e820cd018e135138b94d02bbf75f9c839e3c8
3404d0cb7faa12b8c9cb3dd4f5e6a3575b61a65dfc2e1c2e82aa33bfe9861fd8
351862b217fc9af7a1cbafe5cd5f7659d2463c4bb34bf422c32f9143b6ef9512
37a658378f543c07f63091a615cc35f4b1808be4f725800cf6be73fe34ae4726
45ae48a5956ae08166972027e20438d4665e34fb3d86ee166104d595033fd5f9
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4b21e0922855599991ff4bf9d6b5ae08a0d433bf0ad3e73fe85b0812d5ba85f8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bff95d74abc6298c52837e9c732c9485cb047eee77d4906ec18c317362e3b99
5778aedb07588a6fd397f401079a79cae01b4a2e399b9cbe4d0ddc466be7cf6e
5aff22965791a5aeff4cb70b40a371bff8c41d1b6df2b001eb7059f1118f5531
6315b81900c9687effc6c97e33adfd09f873cfc685cac3a265e0ac571fe36cf3
650dfb0e564785e0d80e965a9e46f624249545ce0b521388f96bc28041de1fe6
6afda8c4bb11e4429c3790b9b6879359ff35a0cd0c4613c49047e0786e4abe24
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4e4654abed70757238672026fb84e493cde4edefbd2b775200a0d37c2d76a8
7e3e7c21e25f30d42161900f88c52524f1c8001b046a0755559a0ca6b01cc1ba
8145832b17425b8ec24f8979c4175f0448ce41bf8536529f121f0b936922851b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c73241630e76430cae5f903be851b475c3da1d6937d0dc410e19bf7372be693
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e06744c8c99849a3fdd19e8941825c975b1f2de1ace06c8eb5924b33ddf4550
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
9500323109402a1885a3edcdc4000d1902cc481cc8ff0ed786cb7c6a62bb11ef
96113a418657a2bc274508ae7cca5dc6d1285614790b3052fb9f1fdf799f6480
9651b8df7318e3734c6b535838489243781c0b1f16452af5548dd8955b76e731
97b97313509053ff3fd2e6f8bee0e2d651a9ccbbd5cfab916a61c8e62370daf6
996eb2ac0b0e0d67297c1d8e93456780ed458342e0918d8925f6b0cb5f17cf2a
9e0331cc38e85d25bc4282c0ebf337c5dd44646cf44e00dddcf12b5a543233d4
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b60ac743478456129201d02fb98a1c5722a96816a94415e6de91ef6b1c39eb4a
ba1fb3247b2b9227fa15ca1cfd5a01ccbef61a1acddf8b64e99d70a8fe630b62
bc89da2bb3eac9ee37fe5f94e1ed7042ed148b88e8ff2c8736b2863b21826a09
bce77f21c4837674909ad2960d4f0d595ddd09506a2133b9c766c8f8ab9a0139
bcf268e3d0b490a2634e396f727e6f2916339671ecc9b0fc8751dd4d5092a99e
bf51d3dd2de29666677f021d89120dc4ebf47514aac3e748172e7621b0731a8f
c44ff119f2434aaf5c751526c5c417a321c53a10646db19e6bc77096e48ff699
c7006f42658500f4d7bc780049d62aa15e5dd8a4c8ba228b685da56c09d233b2
c9b21bcd0a8fa704fd4767428dfc9af56f5fe96da28996a5c7e639c5f36dc67a
d5fd5a407c0fa66f4fd4e679174e7570a042c6768bd6994878d40e037c2c5705
d77295a9e742436b3ce0fe2b0420eb6257637e51a53c93ef75f21fcb3549eabb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e53cf3294dabc6b0e4bae22de5f3d7d39d345e66db00ce6e0c4a4b78da1cbb
ee3da5ce290b2f5f1c5b04b92fe9b82acf85ce6ba80c3354c1789934772dc686
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f3f0c8fa2b3c016eac5e8ba5942b38a4a39953c61d37c548959cdf2146436335
fa75aa7eef716d52138b21f2b9819ca9e1d86b681d0929da9355a21c113b1eda
fc8e46a2e9254cac82a256a8ba8ec62cd5391f4e78faea7ffc5870e13c7c3cb9
ff44f499cd7b8ce3310103019e32dc197f00313e0f05a084cd31858cacd5d612
ffab59c7949565bc6d17248ce1525a4b9eb051e085d897de0c4993e2a4929132

buy.neaq.org Open in urlscan Pro 40.119.1.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

91 %HTTPS

27 %IPv6

21 Domains

33 Subdomains

30 IPs

4 Countries

7643 kBTransfer

10096 kBSize

42 Cookies

82 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

buy.neaq.org Open in urlscan Pro
40.119.1.254 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

91 %
HTTPS

27 %
IPv6

21
Domains

33
Subdomains

30
IPs

4
Countries

7643 kB
Transfer

10096 kB
Size

42
Cookies

88 HTTP transactions
0 data transactions