URL: https://www.naturecaptions.com/
Submission: On October 18 via api from IN — Scanned from CA

Summary

This website contacted 34 IPs in 3 countries across 26 domains to perform 113 HTTP transactions. The main IP is 2606:4700:20::681a:761, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.naturecaptions.com.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.
This is the only time www.naturecaptions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2400:52e0:1a0... 200325 (BUNNYCDN)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
12 2400:52e0:1a0... 200325 (BUNNYCDN)
2 183.240.98.228 56040 (CMNET-GUA...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 208.95.112.2 53334 (TUT-AS)
1 2400:52e0:1a0... 200325 (BUNNYCDN)
4 173.194.175.156 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 162.19.138.118 16276 (OVH)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3.162.103.64 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 173.194.175.155 15169 (GOOGLE)
1 2600:9000:204... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2620:100:a00b::4 19750 (AS-CRITEO)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
8 209.85.201.113 15169 (GOOGLE)
1 2620:100:a00b... 19750 (AS-CRITEO)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 209.85.201.154 15169 (GOOGLE)
12 2400:52e0:1a0... 200325 (BUNNYCDN)
3 172.175.38.6 8075 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 173.194.68.103 15169 (GOOGLE)
113 34
Apex Domain
Subdomains
Transfer
24 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 53698
stream.unibotscdn.com — Cisco Umbrella Rank: 97471
4 MB
17 naturecaptions.com
www.naturecaptions.com
127 KB
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
www.google.com — Cisco Umbrella Rank: 3
73 KB
9 yx247.com
gimg.yx247.com
311 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
k.clarity.ms — Cisco Umbrella Rank: 16360
c.clarity.ms — Cisco Umbrella Rank: 1236
30 KB
6 googlesyndication.com
5b597851d729d09037d2d8b6516d324f.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
109 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
182 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
cdn.id5-sync.com — Cisco Umbrella Rank: 994
31 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
276 KB
3 unibots.in
cdn.unibots.in — Cisco Umbrella Rank: 83040
168 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 501
145 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
2 b-cdn.net
playerapi.b-cdn.net — Cisco Umbrella Rank: 63199
unibots.b-cdn.net — Cisco Umbrella Rank: 85568
4 KB
2 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6020
515 B
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 13307
12 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 190
771 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 364
17 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
10 KB
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5947
183 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917
294 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2261
8 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 776
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
897 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3694
4 KB
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 37029
13 KB
113 26
Domain Requested by
17 www.naturecaptions.com www.naturecaptions.com
12 stream.unibotscdn.com vjs.zencdn.net
12 cdn.unibotscdn.com www.naturecaptions.com
cdn.unibotscdn.com
vjs.zencdn.net
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 gimg.yx247.com www.naturecaptions.com
5 securepubads.g.doubleclick.net cdn.unibots.in
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 k.clarity.ms www.clarity.ms
3 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
3 id5-sync.com cdn.unibots.in
cdn.id5-sync.com
3 www.googletagmanager.com cdn.unibots.in
cdn.unibotscdn.com
www.googletagmanager.com
3 cdn.unibots.in www.naturecaptions.com
cdn.unibots.in
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms cdn.unibotscdn.com
www.clarity.ms
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
2 pro.ip-api.com cdn.unibots.in
cdn.unibotscdn.com
2 hm.baidu.com www.naturecaptions.com
1 www.google.com tpc.googlesyndication.com
1 c.bing.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 unibots.b-cdn.net cdn.unibotscdn.com
1 cdnjs.cloudflare.com cdn.unibotscdn.com
1 vjs.zencdn.net cdn.unibotscdn.com
1 gum.criteo.com static.criteo.net
1 lb.eu-1-id5-sync.com cdn.unibots.in
1 5b597851d729d09037d2d8b6516d324f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.socket.io cdn.unibotscdn.com
1 playerapi.b-cdn.net cdn.unibotscdn.com
113 34

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
Subject Issuer Validity Valid
naturecaptions.com
WE1
2024-09-18 -
2024-12-17
3 months crt.sh
cdn.unibots.in
R11
2024-10-01 -
2024-12-30
3 months crt.sh
yx247.com
WE1
2024-09-09 -
2024-12-08
3 months crt.sh
cdn.unibotscdn.com
R11
2024-09-30 -
2024-12-29
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2024-07-08 -
2025-08-09
a year crt.sh
*.google-analytics.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-21 -
2025-01-20
a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA
2023-11-05 -
2024-11-11
a year crt.sh
*.g.doubleclick.net
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.id5-sync.com
E5
2024-09-01 -
2024-11-30
3 months crt.sh
*.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
cdn.socket.io
Amazon RSA 2048 M02
2024-09-19 -
2025-10-16
a year crt.sh
upload.video.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
cdn.prod.uidapi.com
E6
2024-09-11 -
2024-12-10
3 months crt.sh
id5-sync.com
WE1
2024-09-30 -
2024-12-29
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-21
3 months crt.sh
oa.openxcdn.net
WR3
2024-09-16 -
2024-12-15
3 months crt.sh
*.eu-1-id5-sync.com
R10
2024-09-01 -
2024-11-30
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-25
3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-06 -
2025-04-07
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.doubleclick.net
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
stream.unibotscdn.com
R11
2024-09-05 -
2024-12-04
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
tpc.googlesyndication.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.naturecaptions.com/
Frame ID: 2415A73079CF81D7EDFB32B451E39068
Requests: 104 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 8FE4B0E701E475A704E870C449AC5DB7
Requests: 1 HTTP requests in this frame

Frame: https://5b597851d729d09037d2d8b6516d324f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F3C85D9552DEB045C144934AB3ECAB97
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.naturecaptions.com&gdpr=0&gdpr_consent=
Frame ID: AD963A3A20BCA4146EA61714D8BE3E6D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.673.0_en.html
Frame ID: 2A6D54E8CA3CD9C1B55032DB14299003
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 55D5162E20CEFEBD27EF48F841B87252
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 437BD8053787B3E21529EB6556EB6175
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 902AA18CD1D9DD21FB79A9C072C7CB51
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Nature Captions

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

113
Requests

95 %
HTTPS

65 %
IPv6

26
Domains

34
Subdomains

34
IPs

3
Countries

5401 kB
Transfer

8387 kB
Size

29
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=83EA7002E0344434B7FB6747F194DE84&RedC=c.clarity.ms&MXFR=17DDACD5BC6B6FAA34C5B9C9B86B6199 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=83EA7002E0344434B7FB6747F194DE84&MUID=0EB871AE2DCC60A82D2064B22CF761A7

113 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.naturecaptions.com/
25 KB
6 KB
Document
General
Full URL
https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.8
Resource Hash
cba5221543932f28168669a09cf4d00c8bbaf408b9e38e904caa3f9760f1e312
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8d45603eea096e0b-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 03:17:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQUId1Jq4TpKewTYXdP7hM3NC9K3hFB3ZYKxHObmRk9i%2FEdjFwW81lwVu4%2FDZeDf8C0w2EbEOIFeyQbw3gRb4eNRybnJ1JPUmWn4YH5HeZp5NT9glz2Hi0lVT6%2BfBMNahTBliBpF9qGUwKhWmCfezUZNim8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
PHP/5.3.8
jquery.min.js
www.naturecaptions.com/files/js/
85 KB
31 KB
Script
General
Full URL
https://www.naturecaptions.com/files/js/jquery.min.js
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"5ac44255-1538f"
age
3097
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCY4lcW4%2Bmqz1UznOUM94DHyqD7SMDRfL8stHt5On9nvVjsumf2SEJeZsZzgj2jeOWFtaWaNCdRdMhjOP%2Fp0WkaRV98pJ12VwsCaO0Prr2925mzuyI66nUqL%2BjmTmrhgIwnLftZhz1O%2BPVdbxeJjepXvqd4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 03:25:54 GMT
date
Fri, 18 Oct 2024 03:17:32 GMT
content-type
application/javascript
last-modified
Wed, 04 Apr 2018 03:11:17 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d456040bb706e0b-YUL
server
cloudflare
hb.js
cdn.unibots.in/headerbidding/common/
108 KB
42 KB
Script
General
Full URL
https://cdn.unibots.in/headerbidding/common/hb.js
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
6b350278900adf143c1325bb2287a0946bf75c623ad41025b0903f63f993f0a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
content-encoding
br
etag
"66f7f6f6-1afa5"
cdn-fileserver
687
date
Fri, 18 Oct 2024 03:17:33 GMT
cdn-storageserver
SG-560
last-modified
Sat, 28 Sep 2024 12:30:46 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
09/28/2024 12:30:57
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
6d836e0baf835a92bc8d01c168c7178f
cdn-pullzone
483488
cdn-proxyver
1.04
cdn-edgestorageid
940
server
BunnyCDN-IL1-1069
cdn-requestcountrycode
CA
index.css
www.naturecaptions.com/files/dist/css/ideas/
21 KB
5 KB
Stylesheet
General
Full URL
https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94c49175acef1de393bbaf693f7eb11b0e964de82194af9713e3e696ba532f28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66ea6c79-53ce"
age
2273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VDT9r5iJAIY%2FL6caJtzF9aiu4VYbQgZ%2FyY4sNcpeYYmKegtbgZWhsB3k1e40g1Y3jFAFPPNRGRgqqvfH0DBl4nSjB5FeRRTk3kjAhIiwOTlOgAIDJFbSR1n7J8aiuvEUe0KNqcG24T8ZTAmn%2FGxKYBgP74%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 03:39:39 GMT
date
Fri, 18 Oct 2024 03:17:32 GMT
content-type
text/css
last-modified
Wed, 18 Sep 2024 06:00:25 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d456040bb6d6e0b-YUL
server
cloudflare
2002140823_24296_1709899919.jpg
gimg.yx247.com/feed_pic_2/151/15/
23 KB
23 KB
Image
General
Full URL
https://gimg.yx247.com/feed_pic_2/151/15/2002140823_24296_1709899919.jpg?101
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745816f08b428caef13ef272379496f04f8e3d6727562404b0db74c755ca1569
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=16070400
cf-bgj
h2pri
cf-cache-status
HIT
age
275332
x-content-type-options
nosniff
cf-ray
8d4560417f034bd1-YUL
expires
Wed, 13 Nov 2024 21:53:52 GMT
accept-ranges
bytes
content-length
23260
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
image/jpeg
last-modified
Fri, 08 Mar 2024 12:11:59 GMT
vary
Accept-Encoding
server
cloudflare
2002141070_24296_1715934172.jpg
gimg.yx247.com/feed_pic_2/p600/142/28/
25 KB
25 KB
Image
General
Full URL
https://gimg.yx247.com/feed_pic_2/p600/142/28/2002141070_24296_1715934172.jpg?101
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e39455ed43f16f415b6ec773b3cd467d7fdd83255bd9d92fbf3d981201e99fa3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=16070400
cf-bgj
h2pri
cf-cache-status
HIT
age
275333
x-content-type-options
nosniff
cf-ray
8d4560417efe4bd1-YUL
expires
Wed, 13 Nov 2024 21:53:52 GMT
accept-ranges
bytes
content-length
25241
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
image/jpeg
last-modified
Fri, 17 May 2024 08:22:52 GMT
vary
Accept-Encoding
server
cloudflare
2002141074_24296_1715935929.jpg
gimg.yx247.com/feed_pic_2/p600/146/57/
20 KB
21 KB
Image
General
Full URL
https://gimg.yx247.com/feed_pic_2/p600/146/57/2002141074_24296_1715935929.jpg?101
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2086a2f0c85f8dfebfcb345e940036ac9f0df204757aa450cea5c2581f840c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=16070400
cf-bgj
h2pri
cf-cache-status
HIT
age
75759
x-content-type-options
nosniff
cf-ray
8d4560417f004bd1-YUL
expires
Sat, 16 Nov 2024 05:20:04 GMT
accept-ranges
bytes
content-length
20880
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
image/jpeg
last-modified
Fri, 17 May 2024 08:52:09 GMT
vary
Accept-Encoding
server
cloudflare
player.js
cdn.unibotscdn.com/player/mvp/
272 KB
99 KB
Script
General
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
d40ed650c401cf6f01da6396053aada03b2ea59003ab1198a61765314c59962d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66912378-43ffc"
cdn-fileserver
630
date
Fri, 18 Oct 2024 03:17:33 GMT
cdn-storageserver
SG-516
last-modified
Fri, 12 Jul 2024 12:37:12 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
10/06/2024 16:28:36
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
40a26c15bda2e2d51124049b7d6c0167
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1067
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
2002141075_24296_1715936031.jpg
gimg.yx247.com/feed_pic_2/p600/147/31/
28 KB
29 KB
Image
General
Full URL
https://gimg.yx247.com/feed_pic_2/p600/147/31/2002141075_24296_1715936031.jpg?101
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377e5f2d7c79bb81577fad2c51fb4e45be1b92d31d059e08da00b7fdef61187d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=16070400
cf-bgj
h2pri
cf-cache-status
HIT
age
301286
x-content-type-options
nosniff
cf-ray
8d4560417f024bd1-YUL
expires
Wed, 13 Nov 2024 14:41:19 GMT
accept-ranges
bytes
content-length
28919
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
image/jpeg
last-modified
Fri, 17 May 2024 08:53:51 GMT
vary
Accept-Encoding
server
cloudflare
2002141073_24296_1715935792.jpg
gimg.yx247.com/feed_pic_2/p600/145/48/
59 KB
59 KB
Image
General
Full URL
https://gimg.yx247.com/feed_pic_2/p600/145/48/2002141073_24296_1715935792.jpg?101
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e79abd320a6d0cf9a73dcc9ceaeea24da80f265f904e0faf894bb778248818b5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=16070400
cf-bgj
h2pri
cf-cache-status
HIT
age
75759
x-content-type-options
nosniff
cf-ray
8d4560417f054bd1-YUL
expires
Sat, 16 Nov 2024 05:20:04 GMT
accept-ranges
bytes
content-length
59958
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
image/jpeg
last-modified
Fri, 17 May 2024 08:49:53 GMT
vary
Accept-Encoding
server
cloudflare
2002141072_24296_1715935167.jpg
gimg.yx247.com/feed_pic_2/p600/144/63/
22 KB
22 KB
Image
General
Full URL
https://gimg.yx247.com/feed_pic_2/p600/144/63/2002141072_24296_1715935167.jpg?101
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bce591c64fa77d087fc8822356887f46d19650fe5ff30112f48c1c8f5413971
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=16070400
cf-bgj
h2pri
cf-cache-status
HIT
age
1984131
x-content-type-options
nosniff
cf-ray
8d4560417f074bd1-YUL
expires
Fri, 25 Oct 2024 03:14:08 GMT
accept-ranges
bytes
content-length
22171
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
image/jpeg
last-modified
Fri, 17 May 2024 08:39:27 GMT
vary
Accept-Encoding
server
cloudflare
2002141071_24296_1715935050.jpg
gimg.yx247.com/feed_pic_2/p600/143/10/
59 KB
59 KB
Image
General
Full URL
https://gimg.yx247.com/feed_pic_2/p600/143/10/2002141071_24296_1715935050.jpg?101
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1721b3c2d61f2ebb5888e3306c0b76d98c1301f2f0e1f35128cc636cdff1832
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=16070400
cf-bgj
h2pri
cf-cache-status
HIT
age
1984131
x-content-type-options
nosniff
cf-ray
8d456041bf504bd1-YUL
expires
Fri, 25 Oct 2024 03:14:08 GMT
accept-ranges
bytes
content-length
60467
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
image/jpeg
last-modified
Fri, 17 May 2024 08:37:30 GMT
vary
Accept-Encoding
server
cloudflare
2002141069_24296_1715934011.jpg
gimg.yx247.com/feed_pic_2/p600/141/59/
11 KB
11 KB
Image
General
Full URL
https://gimg.yx247.com/feed_pic_2/p600/141/59/2002141069_24296_1715934011.jpg?101
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4b34114e7d551859bc3d3bed82eef9b915d3b84d490592febaf24b8957a633
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=16070400
cf-bgj
h2pri
cf-cache-status
HIT
age
1984131
x-content-type-options
nosniff
cf-ray
8d456041bf524bd1-YUL
expires
Fri, 25 Oct 2024 03:14:08 GMT
accept-ranges
bytes
content-length
11296
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
image/jpeg
last-modified
Fri, 17 May 2024 08:20:11 GMT
vary
Accept-Encoding
server
cloudflare
2002141068_24296_1715933916.jpg
gimg.yx247.com/feed_pic_2/p600/140/28/
64 KB
64 KB
Image
General
Full URL
https://gimg.yx247.com/feed_pic_2/p600/140/28/2002141068_24296_1715933916.jpg?101
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66b40bdf6e1c0849db5379eaa81418452ace082f4dcc002c0f6b8f663e3a747b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=16070400
cf-bgj
h2pri
cf-cache-status
HIT
age
1984131
x-content-type-options
nosniff
cf-ray
8d456041bf534bd1-YUL
expires
Fri, 25 Oct 2024 03:14:08 GMT
accept-ranges
bytes
content-length
65200
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
image/jpeg
last-modified
Fri, 17 May 2024 08:18:36 GMT
vary
Accept-Encoding
server
cloudflare
index.js
www.naturecaptions.com/files/dist/js/career/
3 KB
1 KB
Script
General
Full URL
https://www.naturecaptions.com/files/dist/js/career/index.js?v=169
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b496f7e8a2b68df851e26639b2f7e1890837b8e9fa5c708e355df39b870a34b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"653e5bad-b93"
age
2271
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NACrbjvaYHKNUAazxdzF1%2F%2BvAwlxwOHIs4a8pVToBsNf7r18hs8CX5g6VmtWiNHEUU6iMZKWHQaydv8DDHRJ7g0ZmxBuZvcHX%2FLEOL73MqCCTUx6QewOGdVSv8cuTGlBNBD2f%2FSKGeXxakmlxU6yClcqha0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 03:39:40 GMT
date
Fri, 18 Oct 2024 03:17:32 GMT
content-type
application/javascript
last-modified
Sun, 29 Oct 2023 13:18:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4560411bcc6e0b-YUL
server
cloudflare
all_one.js
www.naturecaptions.com/files/js/
1 KB
962 B
Script
General
Full URL
https://www.naturecaptions.com/files/js/all_one.js?v=169
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e475fbbe82e258fb7fe2010ea797ad1a66d88091aeb435efe1cb1a3f177a66d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
3241
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cv91fz%2Fwugw9w8ZysDxz%2FlXhDDDFgbWGNZ9GZqibrUsNuQS9Ex%2B1s%2FF7gvuVUGmZdZhVUMkr%2FQaMaa82TKJY8rfkEp%2FqNnn4%2BP60u3MzjrmCkYh8k5dNUWvR%2BOxpLZfyVLnhKe7qGuHqWof7pa7ClwMSkYA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d4560411bce6e0b-YUL
expires
Fri, 18 Oct 2024 03:23:30 GMT
date
Fri, 18 Oct 2024 03:17:32 GMT
content-type
application/x-javascript
last-modified
Mon, 14 Oct 2024 00:37:06 GMT
vary
Accept-Encoding
server
cloudflare
dot0.svg
www.naturecaptions.com/files/images/material/
433 B
639 B
Image
General
Full URL
https://www.naturecaptions.com/files/images/material/dot0.svg
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e695ae6914d5fd0659923eefbdf985481172bbcc320155513bfc750a690de730
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"65483bc0-1b1"
age
734
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIvU73YWc2nH26jB1lEmJUQ4BP3nLDUcz5bou2Qyi43VZ7gOCZxKDSnY0KGFoFn5FnEc9prQxp45nXbYIp7IVDpSD75BJ0ocQpkyez%2FzMvrsrEOR1Hg%2Bq0HyUc89DmIXrNHPxnylKBGuIQApzNAdTQonVJA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d4560412bd46e0b-YUL
date
Fri, 18 Oct 2024 03:17:32 GMT
content-type
image/svg+xml
last-modified
Mon, 06 Nov 2023 01:05:04 GMT
vary
Accept-Encoding
server
cloudflare
dot1.svg
www.naturecaptions.com/files/images/material/
433 B
557 B
Image
General
Full URL
https://www.naturecaptions.com/files/images/material/dot1.svg
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ce531591bb191ea0f69f31ddd2f09631de8ddece5e76d33628efc22d009ff2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"65483bc0-1b1"
age
4444
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7louWSIIQZOPvH%2BwSs2tpp6RVbTKt5ev7Avk9eDrx7yV7Ncmz2JdxiPO%2Fxg3dcT9lcWYtW6%2F9DaYA3SnCL62p2MIxwD5r6a0iZ9fdPJiYepRAJcniPyFjevE%2FDz7pDCGEAum%2BSVHwCv5LeKi5zppYPpgG8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d4560412bd66e0b-YUL
date
Fri, 18 Oct 2024 03:17:32 GMT
content-type
image/svg+xml
last-modified
Mon, 06 Nov 2023 01:05:04 GMT
vary
Accept-Encoding
server
cloudflare
dot2.svg
www.naturecaptions.com/files/images/material/
433 B
580 B
Image
General
Full URL
https://www.naturecaptions.com/files/images/material/dot2.svg
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e41ab8387a55b89f067cd405b86bcf78a8c4d8ef07bb4fe0f7e3eac2c417a4c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
4444
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPoBQiFONj5wjkfsJq%2Bxux8ZU3zvCbdBtXfLsxloUL%2BmnH9kgzyvTxHInhJ5lzBQepyc6g1N1u2rXkU0hB6Sh2GzAiPf0dZkw2ijo3zwhDANlqr6h%2F03TztB5QDGQLLtOYFrBp%2B%2BNZEwDYN0rUbYBFcaa6Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d4560412bd76e0b-YUL
date
Fri, 18 Oct 2024 03:17:32 GMT
content-type
image/svg+xml
last-modified
Mon, 06 Nov 2023 01:05:04 GMT
vary
Accept-Encoding
server
cloudflare
quote.svg
www.naturecaptions.com/files/images/material/
2 KB
1 KB
Image
General
Full URL
https://www.naturecaptions.com/files/images/material/quote.svg
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982a7906f47251bd67679711f4ab13eb5c8afe9b0f5f1ec61970d14c9265e93c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"65483bc0-62d"
age
2270
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZN6o%2FlSStcM%2BniTg9I22Rs6iFAQ%2Bp9vfkQXIeGmqOaLRcgzAgwN2Wp0pQUuBw0huBMsN6TuWMBxpPq2%2B%2FUcIsde%2BTuX0zXTsIelt9ES6LFamsHuFU8GOVw8W%2F6XfbSrW4%2BVW%2FrvuZ4SKa7gmrp0H6%2FnG2s%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d4560412bd96e0b-YUL
date
Fri, 18 Oct 2024 03:17:32 GMT
content-type
image/svg+xml
last-modified
Mon, 06 Nov 2023 01:05:04 GMT
vary
Accept-Encoding
server
cloudflare
barlow-semi-condensed-v6-latin-600.woff2
www.naturecaptions.com/files/fonts/
21 KB
21 KB
Font
General
Full URL
https://www.naturecaptions.com/files/fonts/barlow-semi-condensed-v6-latin-600.woff2
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9635b2f06eeb1599c6c2028366aae6ef5815c3f62a73ac594fd432ea5236d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.naturecaptions.com
Referer
https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJVFcRRejCv63K4xOU0L8zBw1kq83RKOjxpZ0KZfXo7iaJjGdJBEjavbsjCyPapdL6fQcw2hNAPYJDb6x6w3kOtC%2Bqr1tdg9c3h3F0SEWU2fxVBDfUrQatHsajCXAmjmtk0lQjWPB4%2BfySLyBYP%2Bx%2BWSCiA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d4560414bf96e0b-YUL
accept-ranges
bytes
content-length
21236
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
application/octet-stream
last-modified
Mon, 06 Nov 2023 01:05:04 GMT
vary
Accept-Encoding
server
cloudflare
nunito-sans-v6-latin-regular.woff2
www.naturecaptions.com/files/fonts/
17 KB
17 KB
Font
General
Full URL
https://www.naturecaptions.com/files/fonts/nunito-sans-v6-latin-regular.woff2
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.naturecaptions.com
Referer
https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMZWlMvvBdUGiw89EkSn4M8EQ%2FZsD2504RuJbOrnMFOaExGV3DwvXC8mk2Q%2FVN0jHhyKT%2BlmLu9tCVW2EedIK7ZDVeyiiJrCyRKoF3maZBqNPu3Mc8YqMEd2fvee%2FMj24YsFDksKGdZHo3qsc99GdukqNhs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d4560414bfb6e0b-YUL
accept-ranges
bytes
content-length
16920
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
application/octet-stream
last-modified
Mon, 06 Nov 2023 01:05:04 GMT
vary
Accept-Encoding
server
cloudflare
proximanova-semibold-webfont.woff2
www.naturecaptions.com/files/fonts/
20 KB
20 KB
Font
General
Full URL
https://www.naturecaptions.com/files/fonts/proximanova-semibold-webfont.woff2
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ec2b29096b119e0d33066f109b86bd25438f02717af7003af528941f932b8b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.naturecaptions.com
Referer
https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNWVXc6bONNO26DflLnzhDJ%2F4HC7dCxpwGtOqgHzQj9nDav1zcpc55krPGqeIIgj0xRvK7bQel00Wyx8I9oIDiH5jOoym%2BvLfUrBnXgowzAuZ3bguEPBoayltWDKJw8ragiGMqxotM6rjuA5qrh6f43dGrg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d4560414bfc6e0b-YUL
accept-ranges
bytes
content-length
20648
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
application/octet-stream
last-modified
Mon, 21 Aug 2023 07:00:35 GMT
vary
Accept-Encoding
server
cloudflare
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?e5e377ae8ee4f612dbba993fb11f25b6
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/files/js/all_one.js?v=169
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
d8b3728382b845361033501fe23647be51a0565ecbd1eecf8a6fe447061cbbc9
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
009e86fe8cacffccf2955079138fce87
Content-Length
11298
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Fri, 18 Oct 2024 03:17:34 GMT
Content-Type
application/javascript
Server
apache
proximanova-regular-webfont.woff2
www.naturecaptions.com/files/fonts/
20 KB
20 KB
Font
General
Full URL
https://www.naturecaptions.com/files/fonts/proximanova-regular-webfont.woff2
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6319442692dd4fc73547a3c23c0cf533ccffff8e14f9a6743bb3ebddb499313
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.naturecaptions.com
Referer
https://www.naturecaptions.com/files/dist/css/ideas/index.css?v=169

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqMWljKMCx%2FgOpqubYE9%2FalAiBsPXOZovfU5iuxcERBhwYZa8VcFc9InJnhJT8z3OugugcwliLK6CxTGwpOA%2FkV5U3YUUWM5GfzD4UHBQP7fGfgm4FdajJcJay5f2E9PQcN1JmDtlK%2BXn%2FC4huKQQw23v%2BQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d4560417c216e0b-YUL
accept-ranges
bytes
content-length
20556
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
application/octet-stream
last-modified
Mon, 21 Aug 2023 07:00:35 GMT
vary
Accept-Encoding
server
cloudflare
naturecaptions_monetiseup.json
cdn.unibots.in/headerbidding/
3 KB
2 KB
Fetch
General
Full URL
https://cdn.unibots.in/headerbidding/naturecaptions_monetiseup.json
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
77c7d7e876f32d48da13e1071a662f2dc4de7fb626919e3130bcb25b255a4887

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66ebeab7-d3f"
cdn-fileserver
901
date
Fri, 18 Oct 2024 03:17:33 GMT
cdn-storageserver
SG-515
last-modified
Thu, 19 Sep 2024 09:11:19 GMT
content-type
application/json
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
09/26/2024 12:25:06
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
356ab6853b75e7fcdbe00501b55af393
cdn-pullzone
483488
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1029
server
BunnyCDN-IL1-1069
cdn-requestcountrycode
CA
js
www.googletagmanager.com/gtag/
261 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MMPZX2GT12
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ec02a3e3f4255648f8bf783799c47629c4060725d8be25eaed7a27bbebea887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 03:17:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94026
x-xss-protection
0
server
Google Tag Manager
/
pro.ip-api.com/json/
60 B
215 B
Fetch
General
Full URL
https://pro.ip-api.com/json/?fields=status,message,continentCode,countryCode&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
f408deedaaa8000776b1e95c0088ebadfb04579740d030e6730e91aa88f022c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
60
Date
Fri, 18 Oct 2024 03:17:34 GMT
Content-Type
application/json; charset=utf-8
/
pro.ip-api.com/json/
144 B
300 B
Fetch
General
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,continent,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
3a282f19c0680096900409e869270446e9512b14bf7127e6eae73fa0f11e1071

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
144
Date
Fri, 18 Oct 2024 03:17:34 GMT
Content-Type
application/json; charset=utf-8
playerConfig
playerapi.b-cdn.net/website/
5 KB
2 KB
XHR
General
Full URL
https://playerapi.b-cdn.net/website/playerConfig?playerName=naturecaptions.com_1726552941529
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 / Express
Resource Hash
49dd50369fd4ca5dbdf086ee36fef1df4d1c3186b41b7a9c9ff33a07a21862b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
content-encoding
gzip
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
application/json; charset=utf-8
cdn-cachedat
10/16/2024 20:50:53
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cache-control
public, max-age=180
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
24d87eac51b6ced95fe96b06b4f09a18
cdn-pullzone
2334489
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
941
x-powered-by
Express
server
BunnyCDN-IL1-718
cdn-requestcountrycode
CA
gpt.js
securepubads.g.doubleclick.net/tag/js/
107 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f156.1e100.net
Software
cafe /
Resource Hash
755634f30bba153f4db6f2680e87d930386ca5bc09a8da8c4c10e1a4e9881d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
etag
87 / 20014 / m202410140101 / config-hash: 6456294324285830647
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 03:17:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33803
x-xss-protection
0
server
cafe
adScript.js
cdn.unibots.in/headerbidding/common/
371 KB
124 KB
Script
General
Full URL
https://cdn.unibots.in/headerbidding/common/adScript.js
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
c4c1a9ec5d0205eef5ce26dc81689e83882d32aead392258c07a29332a234b90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
content-encoding
br
etag
"66ea7b65-5cb22"
cdn-fileserver
560
date
Fri, 18 Oct 2024 03:17:34 GMT
cdn-storageserver
SG-561
last-modified
Wed, 18 Sep 2024 07:04:05 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
10/16/2024 23:15:55
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
caecc38effaf4d5f0b90c9e413bd3736
cdn-pullzone
483488
cdn-proxyver
1.04
cdn-edgestorageid
871
server
BunnyCDN-IL1-1069
cdn-requestcountrycode
CA
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MMPZX2GT12&gtm=45je4ah0v9195446892za200&_p=1729221453815&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=136849250.1729221454&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729221454&sct=1&seg=0&dl=https%3A%2F%2Fwww.naturecaptions.com%2F&dt=Nature%20Captions&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1582
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MMPZX2GT12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.naturecaptions.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
text/plain
server
Golfe2
mvp_parent.json
cdn.unibotscdn.com/clientdata/
16 KB
5 KB
Fetch
General
Full URL
https://cdn.unibotscdn.com/clientdata/mvp_parent.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
ab5ff8c06e076b6e5293abba892095446248aa4a83a60e73cbdda9842f739a5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66ff743a-3eba"
cdn-fileserver
687
date
Fri, 18 Oct 2024 03:17:34 GMT
cdn-storageserver
SG-561
last-modified
Fri, 04 Oct 2024 04:51:06 GMT
content-type
application/json
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
10/04/2024 04:52:24
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
a3bd0206a6ae423e62f5336f8ac39ad1
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
845
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/
475 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f156.1e100.net
Software
cafe /
Resource Hash
1a3cba3a57e7b6bd578bfd37c841b6fa2e2b0f332e83b86848e1183d2a6b5e70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
etag
6200590973078812877
age
27801
x-content-type-options
nosniff
expires
Fri, 17 Oct 2025 19:34:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 17 Oct 2024 19:34:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
151472
x-xss-protection
0
server
cafe
basic_upr.json
cdn.unibotscdn.com/clientdata/
3 KB
1 KB
Fetch
General
Full URL
https://cdn.unibotscdn.com/clientdata/basic_upr.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
eded1498ff4cb5d806f045bb3f877c154f9b4154ee473a3f87ee2a68971a43f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"662786ec-b36"
cdn-fileserver
713
date
Fri, 18 Oct 2024 03:17:34 GMT
cdn-storageserver
SG-560
last-modified
Tue, 23 Apr 2024 10:01:16 GMT
content-type
application/json
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
09/24/2024 08:56:41
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
d14736eec2ed7d2b5c8935eab66536db
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
894
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
prebid
id5-sync.com/api/config/
194 B
671 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
016e288491a21b26e08af68daed5da701a2ae9bc8d7713fbf76e11870019e106
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.naturecaptions.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
21928950349
fundingchoicesmessages.google.com/i/
195 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/21928950349?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c378960545b5264679aba05d2277578fcc45d47c642b544c7c4b5f6add020b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_MOXxV4Bkjt1q3McuLLVRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NeQYjhx6zbTBSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcJxbdnwHm8CPd0eWMSlpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoYmuoZmMcXGAAA1DVQGQ"
content-security-policy
script-src 'report-sample' 'nonce-_MOXxV4Bkjt1q3McuLLVRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
socket.io.min.js
cdn.socket.io/4.5.4/
43 KB
13 KB
Script
General
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-64.iad61.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
gzip
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
age
1768816
x-cache
Hit from cloudfront
x-amz-cf-id
7mjJDehpJ8KdeekC5RoGYQmZhFjT6737m5konV6KAgKnFq2A5y4Kuw==
date
Mon, 07 Oct 2024 04:15:46 GMT
content-type
application/javascript; charset=utf-8
content-disposition
inline; filename="socket.io.min.js"
strict-transport-security
max-age=63072000
cache-control
public, max-age=31536000, immutable
x-vercel-cache
HIT
via
1.1 3fad6888361bd8bcd9c5b458635f78d0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD61-P1
server
Vercel
x-vercel-id
iad1::kr7w7-1728274546266-87525f16aa9a
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/
975 B
1010 B
Stylesheet
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"642bf618-3cf"
cdn-fileserver
561
date
Fri, 18 Oct 2024 03:17:34 GMT
cdn-storageserver
SG-560
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
content-type
text/css
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
10/14/2024 17:35:22
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
a96f86b27b571783a8efc310741676e3
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
894
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"642bf619-eda"
cdn-fileserver
560
date
Fri, 18 Oct 2024 03:17:34 GMT
cdn-storageserver
SG-560
last-modified
Tue, 04 Apr 2023 10:04:09 GMT
content-type
text/css
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
09/24/2024 08:58:00
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
18cc47951aa220da25f22aae13c87151
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
941
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/
39 KB
11 KB
Stylesheet
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"642bf617-9cdf"
cdn-fileserver
561
date
Fri, 18 Oct 2024 03:17:34 GMT
cdn-storageserver
SG-515
last-modified
Tue, 04 Apr 2023 10:04:07 GMT
content-type
text/css
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
09/24/2024 21:58:41
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
30bfbc407f8c10b3395757d27467ee61
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1068
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
8a114725ea768b5c7ec4245d865daf3ee81a0341ce40d0a76d2ecdf5b634f502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66ed210c-326e"
cdn-fileserver
560
date
Fri, 18 Oct 2024 03:17:34 GMT
cdn-storageserver
SG-561
last-modified
Fri, 20 Sep 2024 07:15:24 GMT
content-type
text/css
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
10/06/2024 01:22:34
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
b15c2e782c2b86908ef455ca8d6b617d
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
871
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
ima3.js
imasdk.googleapis.com/js/sdkloader/
423 KB
145 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75eaff1b0db3d278028ca29165d0e696ab4fe9d0ecf694b1ee84623c1f9a2d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 03:17:34 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147932
date
Fri, 18 Oct 2024 03:17:34 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
AGSKWxUi99piysjcRC2sTQfzsl5G7Z-kVlA6GWzXfLmLZF1az6C-9brdT5R6x58zdFZ4L66LblfQ97hXzD9362TUU3dliUeXKDLAgskXA0SDFOTkSGdttx5e2dCH1pztytPJE9RZLsdSDQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUi99piysjcRC2sTQfzsl5G7Z-kVlA6GWzXfLmLZF1az6C-9brdT5R6x58zdFZ4L66LblfQ97hXzD9362TUU3dliUeXKDLAgskXA0SDFOTkSGdttx5e2dCH1pztytPJE9RZLsdSDQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjIxNDU0LDc3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubmF0dXJlY2FwdGlvbnMuY29tLyIsbnVsbCxbWzgsIlR5MGhlTWZ6WDNzIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20a782f938606dfd7ba9aa008221a2136c48cbe0345476eec6eeee45c944e235
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gKUtr___c5QNt9gAumDStQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNeQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcJxbdnwHm8CHzZ86mJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMzOMLDADG-E_h"
content-security-policy
script-src 'report-sample' 'nonce-gKUtr___c5QNt9gAumDStQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 8FE4
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.naturecaptions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1701
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29415
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 02:49:13 GMT
expires
Fri, 18 Oct 2024 03:39:13 GMT
last-modified
Mon, 14 Oct 2024 19:44:52 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
4 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2043:9800:a:e047:754:afe1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

x-amz-version-id
0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
ETag
"0537d8d06dd9dfbe911ad6bf6504f4bf"
Age
24861
Connection
keep-alive
Via
1.1 ad33a7dc97675cfa762f108cc1358fdc.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
3181
X-Amz-Cf-Id
epkTk4K4K2clDtSvnnY8rwNDSul1onNuxF5GJbUWNv7W7Q--qOpNqQ==
Date
Thu, 17 Oct 2024 20:23:15 GMT
Content-Type
text/javascript
Last-Modified
Wed, 31 Jul 2024 16:30:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MSP50-C2
x-amz-server-side-encryption
AES256
esp.js
cdn.id5-sync.com/api/1.0/
99 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae33c40aa889646f2c2b3383d8be2cb2a29f4c84e27cc856536bf576dcd82f33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

x-amz-id-2
ZFdsmLDiL6YM+0Mb+Uu+J+48nLxU/uLlhyoURDhn2NtM1bSxrIZkXKyVE3qpXFaRaoSDg9qU0SQ=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"851c43b3dfc1b13c6814012a69b7a390"
age
2263
x-amz-request-id
C0JFJRT2SKKAMMJ0
cf-ray
8d45604ccd02a308-YUL
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
897 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age
1281
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230042-FRA, cache-yul1970026-YUL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
439
x-jsd-version
master
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Sat, 19 Oct 2024 03:17:34 GMT
access-control-allow-origin
*
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
92866
x-goog-stored-content-encoding
gzip
expires
Fri, 17 Oct 2025 01:29:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Thu, 17 Oct 2024 01:29:48 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AHmUCY3saqH7HO1lKRFbvC78kpA_JH0PvbIRXrWazoiCaUx-lGTyRtoDAN_Zl2MozQIQSYG8BGo
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
ads
securepubads.g.doubleclick.net/gampad/
2 KB
477 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2221548414081545&correlator=4423758478036829&eid=31079957%2C31085776%2C31086810&output=ldjh&gdfp_req=1&vrg=202410140101&ptt=17&impl=fifs&gdpr=0&iu_parts=21928950349%3A22971522028%2Cnaturecaptions.com_monetiseup_anchor%2Cnaturecaptions.com_monetiseup_leaderboard_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x50%7C300x90%7C300x100%7C320x50%7C320x90%7C320x100%7C728x90%2C300x100%7C300x250%7C336x250%7C720x90%7C728x90%7C728x250%7C970x90%7C970x250&ifi=1&didk=1564615756~2855009535&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1729221454792&lmt=1729221454&adxs=-12245933%2C650&adys=-12245933%2C2426&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.naturecaptions.com%2F&vis=1&psz=300x-1%7C1360x0&msz=0x-1%7C1360x0&fws=640%2C0&ohw=0%2C0&td=1&egid=18449&tan=846e08cb-c61d-4aed-88a2-988486976700%2C846e08cb-c61d-4aed-88a2-988486976701&tdf=2&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcYwteF7akySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMLXhe2pMkgAUgIIZBIZCgp1aWRhcGkuY29tGMLXhe2pMkgAUgIIZBIUCgVvcGVueBjC14XtqTJIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMLXhe2pMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729221452897&idt=1485&prev_scp=ad_ref_count%3D0%26KV2%3D0.01%7Cad_ref_count%3D0%26KV2%3D0.01&adks=2090996628%2C4261745961&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f156.1e100.net
Software
cafe /
Resource Hash
562d37e07410df9cfb46c2408a669a8f67bbcaf9ec201b49f793a5a893465621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
google-lineitem-id
-2,-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.naturecaptions.com
content-length
446
x-xss-protection
0
server
cafe
container.html
5b597851d729d09037d2d8b6516d324f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F3C8
0
0
Document
General
Full URL
https://5b597851d729d09037d2d8b6516d324f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.naturecaptions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 03:17:34 GMT
expires
Fri, 18 Oct 2024 03:17:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=7888424A68938538&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-ca&lo=0&rnd=1006977683&si=e5e377ae8ee4f612dbba993fb11f25b6&v=1.3.2&lv=1&sn=14945&r=0&ww=1600&u=https%3A%2F%2Fwww.naturecaptions.com%2F&tt=Nature%20Captions
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Fri, 18 Oct 2024 03:17:35 GMT
Content-Type
image/gif
Server
apache
v1
lb.eu-1-id5-sync.com/lb/
45 B
294 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.naturecaptions.com
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
AGSKWxUEi9gJ6JN1NNi4cgt17vly1Ss6tCpg2N3qGGknVsFJnOcQ5Hpp2Hed4RENapDqkmnzQWHnFmtnSMI8f4Gj9O5yKfVkoqkeMVfV8kvH1wGcHQv-xyWFlEs4UI_gKq1iSzx70vZwyw==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUEi9gJ6JN1NNi4cgt17vly1Ss6tCpg2N3qGGknVsFJnOcQ5Hpp2Hed4RENapDqkmnzQWHnFmtnSMI8f4Gj9O5yKfVkoqkeMVfV8kvH1wGcHQv-xyWFlEs4UI_gKq1iSzx70vZwyw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjIxNDU0LDg1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3Lm5hdHVyZWNhcHRpb25zLmNvbS8iLG51bGwsW1s4LCJUeTBoZU1melgzcyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f113.1e100.net
Software
ESF /
Resource Hash
42bac0fe5518d41c72ff1c0a2b8ffdf5dd58ead5cf725de43a07f1f1b11e3f32
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Hzjkp9bKQuwsWpY0JA8O6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNeQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcJxbdnwHm0DD6c0bmZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMzOMLDACysU9z"
content-security-policy
script-src 'report-sample' 'nonce-Hzjkp9bKQuwsWpY0JA8O6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
increment
id5-sync.com/api/esp/
0
238 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.naturecaptions.com
date
Fri, 18 Oct 2024 03:17:34 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
syncframe
gum.criteo.com/ Frame AD96
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.naturecaptions.com&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.naturecaptions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 03:17:34 GMT
server
Kestrel
server-processing-duration-in-ticks
317191
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ima_ppub_config
securepubads.g.doubleclick.net/pagead/
802 B
202 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.naturecaptions.com%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f156.1e100.net
Software
cafe /
Resource Hash
56da8c229bc6cb6156a0a3eb4a87bc2ddd0016a27225cdf39c8399ae390e4eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 03:17:35 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
177
date
Fri, 18 Oct 2024 03:17:35 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
video.min.js
vjs.zencdn.net/8.10.0/
619 KB
183 KB
Script
General
Full URL
https://vjs.zencdn.net/8.10.0/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0957d68a4f0298bad4d37b150b48cbb022f62ac9b660df7056dd6194f69e4dc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

vary
Accept-Encoding
timing-allow-origin
*
content-encoding
gzip
etag
"1b57eb5452ebb18f777d224eb9b0fc06"
access-control-allow-origin
*
x-cache
HIT
content-length
187525
date
Fri, 18 Oct 2024 03:17:35 GMT
last-modified
Wed, 17 Jan 2024 12:53:07 GMT
content-type
text/javascript
x-served-by
cache-yul1970053-YUL
x-cache-hits
2892
x-amz-server-side-encryption
AES256
videojs.ads.min.js
cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/7.5.2/
38 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/7.5.2/videojs.ads.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2d77b2cd7915291574050a8dc0cbadaf09f260ff6467fba39a3018fcf382c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"66479b54-2595"
age
115934
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oKdI0wkq4i9zqtj57ojqwuAl9oMMGDBV3GjDaydRXEa26LRc%2F%2FNtmnkc5Anm1Vu8UpA9dO2xS906%2BakUrb6HZsNVWtcZMYqdqQr4E8gUH7KZclIl335z%2FTjH5rhocJ96bjGBZTanYPbb%2Bt6SM8tS3KI0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 03:17:35 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 17 May 2024 18:00:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d45604f7aada2c8-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
9621
server
cloudflare
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/
84 KB
18 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"642bf625-14fe2"
cdn-fileserver
561
date
Fri, 18 Oct 2024 03:17:35 GMT
cdn-storageserver
SG-560
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
10/14/2024 17:35:23
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
b0fb1b17a5ec5f7bf58bca87270d6772
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
894
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/
11 KB
4 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"642bf620-2ae4"
cdn-fileserver
561
date
Fri, 18 Oct 2024 03:17:35 GMT
cdn-storageserver
SG-516
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
09/24/2024 09:00:38
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
93979521f5d4ac5933db31e1d91a3b7b
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1068
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/
5 KB
3 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"642bf623-13b1"
cdn-fileserver
560
date
Fri, 18 Oct 2024 03:17:35 GMT
cdn-storageserver
SG-560
last-modified
Tue, 04 Apr 2023 10:04:19 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
09/24/2024 09:00:41
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
2bb9255e024cc770c28424d610041281
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1070
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
438.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/438.json
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
8d55c95249c5a1d2647a2e20523c92efa8ea5b0446b2d6cd07ac88573c62f143
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.naturecaptions.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
application/json
vary
Origin
js
www.googletagmanager.com/gtag/
261 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7R5B678L79
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd0b0fe6fea75eb6267b4a924b6312dcdcd14430378ac8ec29995a3c82cf59f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 03:17:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93991
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
261 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7R5B678L79&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MMPZX2GT12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2d7d79997129f8b8b18c91d24a0262e204f168951878425fe3100c517f03517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 03:17:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94050
x-xss-protection
0
server
Google Tag Manager
o612gms0jg
www.clarity.ms/tag/
689 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/o612gms0jg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3dc08ba0926a27201a08b086e65c71b0bdd7da1bb1b2ba4e65b08fce0675886c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
application/x-javascript
x-azure-ref
20241018T031735Z-17bf56bcc4bbnvmfdd6x1nd1kc00000004x000000000c16c
b8227dda-2f21-45e6-82ed-702aee4acbdc
https://www.naturecaptions.com/
1 KB
0
Media
General
Full URL
blob:https://www.naturecaptions.com/b8227dda-2f21-45e6-82ed-702aee4acbdc
Requested by
Host: www.naturecaptions.com
URL: https://www.naturecaptions.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Type
video/mp4
Content-Range
bytes 0-1492/1493
Content-Length
1493
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.naturecaptions.com
Referer

Response headers

Content-Type
application/font-woff;charset=utf-8
thumbnail_mapping.json
cdn.unibotscdn.com/ubplayer/video/
4 KB
2 KB
Fetch
General
Full URL
https://cdn.unibotscdn.com/ubplayer/video/thumbnail_mapping.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
2700c69458511762f8bdd51c6ac3f01e048994ab9ff65ef9b094e7bce30e367a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"64d33021-109d"
cdn-fileserver
630
date
Fri, 18 Oct 2024 03:17:35 GMT
cdn-storageserver
SG-516
last-modified
Wed, 09 Aug 2023 06:20:17 GMT
content-type
application/json
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
09/24/2024 09:00:46
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
77352a2bccea1647d6a5546539f2597f
cdn-pullzone
873945
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1069
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/
1 KB
1 KB
Image
General
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cdn.unibotscdn.com/

Response headers

cdn-status
200
content-encoding
br
etag
"6388262c-57b"
cdn-fileserver
424
date
Fri, 18 Oct 2024 03:17:35 GMT
cdn-storageserver
SG-561
last-modified
Thu, 01 Dec 2022 03:57:32 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
09/24/2024 09:00:45
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
2d7e7b3e417f5216f6ca605b5e8dd0b6
cdn-pullzone
483488
cdn-proxyver
1.04
cdn-edgestorageid
1069
server
BunnyCDN-IL1-1069
cdn-requestcountrycode
CA
bridge3.673.0_en.html
imasdk.googleapis.com/js/core/ Frame 2A6D
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.673.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.naturecaptions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
228388
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
257403
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Oct 2024 11:51:07 GMT
expires
Wed, 15 Oct 2025 11:51:07 GMT
last-modified
Mon, 14 Oct 2024 19:57:21 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::94 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 03:17:35 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
16746
date
Fri, 18 Oct 2024 03:17:35 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 55D5
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
sffe /
Resource Hash
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
695
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 04:06:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:06:00 GMT
last-modified
Thu, 11 Apr 2024 19:10:13 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges
bytes
content-length
13943
x-xss-protection
0
server
sffe
0b2901b4-e634-4dae-8956-1327c913ef3f
https://www.naturecaptions.com/ Frame
0
0

95b40d46-5348-4e59-af84-20e6438e791b
https://www.naturecaptions.com/ Frame
0
0

ba7dc1fb-257b-4cbe-8b5f-9b6eae999ce3
https://www.naturecaptions.com/ Frame
0
0

playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/
171 B
850 B
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
gzip
cdn-fileserver
354
date
Fri, 18 Oct 2024 03:17:35 GMT
cdn-storageserver
NY-430
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
content-type
application/vnd.apple.mpegurl
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cdn-cachedat
09/03/2024 08:23:49
cache-control
public, max-age=30
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
048c8d9150c405255530d813cc22fd5c
cdn-pullzone
829957
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1067
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
tech-min.jpg
cdn.unibotscdn.com/ubplayer/thumbnails/
64 KB
64 KB
Image
General
Full URL
https://cdn.unibotscdn.com/ubplayer/thumbnails/tech-min.jpg
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::941:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-941 /
Resource Hash
ed60b1c798422f0dbc569ade7ff13d06bc0cb17120cebf86e69742f2df78954f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.naturecaptions.com
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
515
date
Fri, 18 Oct 2024 03:17:35 GMT
cdn-storageserver
SG-560
content-type
image/jpeg
last-modified
Wed, 31 May 2023 09:07:39 GMT
cdn-cachedat
10/06/2024 01:22:55
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
de645dbba5336aa7b3b1100111d6e9f7
cdn-pullzone
873945
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
65221
cdn-edgestorageid
871
server
BunnyCDN-IL1-941
cdn-requestcountrycode
CA
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7R5B678L79&gtm=45je4ah0v9195443060za200zb9195446892&_p=1729221453815&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101686685~101823848&cid=136849250.1729221454&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729221455&sct=1&seg=0&dl=https%3A%2F%2Fwww.naturecaptions.com%2F&dt=Nature%20Captions&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2943
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7R5B678L79&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.naturecaptions.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
text/plain
server
Golfe2
clarity.js
www.clarity.ms/s/0.7.48/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.48/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/o612gms0jg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

x-azure-ref
20241018T031735Z-17bf56bcc4bbnvmfdd6x1nd1kc00000004x000000000c16f
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCEEDAF33D8C6F"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
5f0b8f56-301e-003f-04e2-20e678000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2024 18:38:53 GMT
cornerbig.swf
fundingchoicesmessages.google.com/f/AGSKWxWnx36wj-tXy9qvbd-0tGlH3Jy3Oo1v11BGe4wh_K1dkeqxGq2U7aU44941BYCeGi0kIwaWks2NzHd56rS2ukaSfkSjfxO03FS5qNbZVhLBN01ShAVwIhJF3QoiBP6YA0ZhjkJWwgVyQ7zZNV_fBKwbLPXcA...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWnx36wj-tXy9qvbd-0tGlH3Jy3Oo1v11BGe4wh_K1dkeqxGq2U7aU44941BYCeGi0kIwaWks2NzHd56rS2ukaSfkSjfxO03FS5qNbZVhLBN01ShAVwIhJF3QoiBP6YA0ZhjkJWwgVyQ7zZNV_fBKwbLPXcAUMSMSQ-yF-gMLxuQ7jJn628NiRz4l7q/_/rotation/banner/ad300s._adsetup_/900x130_/cornerbig.swf
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxUPD0xmZnYVZPX03o5ddtfCFBSgg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f113.1e100.net
Software
ESF /
Resource Hash
da611f546f30b554ff4a8353f33ee48beced08076f5ec858d3c12f7310f1af66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZQNVWag8jrztcxO4ZS06TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XCcX3Z8B5vAh5Y365iUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE31DMzjCwwAUdlKyg"
content-security-policy
script-src 'report-sample' 'nonce-ZQNVWag8jrztcxO4ZS06TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
lidar.js
pagead2.googlesyndication.com/pagead/js/
243 KB
76 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxUPD0xmZnYVZPX03o5ddtfCFBSgg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
e267aae381fb53cc12f08c4a3e159362833dbb06dde256946c014916e040c3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
br
etag
9884473526552927528
age
1809
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 03:47:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 18 Oct 2024 02:47:26 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
77589
x-xss-protection
0
server
cafe
AGSKWxX-B-oYAhTcXU_1C5WBVkXOfaxwZ5mlEBQeEjcJSf8jFrEVYYA81BzZQBtgXpY5Q2X3-yk10ESV-RghAoQGotLnTX3wr9MSaeOTlkfEHK2V70d5Q6lw94xPe3w-Dg73fNMiIzR7-Q==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX-B-oYAhTcXU_1C5WBVkXOfaxwZ5mlEBQeEjcJSf8jFrEVYYA81BzZQBtgXpY5Q2X3-yk10ESV-RghAoQGotLnTX3wr9MSaeOTlkfEHK2V70d5Q6lw94xPe3w-Dg73fNMiIzR7-Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fBVI1JSPpVYBXABi8K3lSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.naturecaptions.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4_yy4zvYBG7caHnCpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfQMzOILDAD40y_P"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fBVI1JSPpVYBXABi8K3lSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.naturecaptions.com
content-length
0
x-xss-protection
0
server
ESF
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
4 KB
1 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
gzip
cdn-fileserver
268
date
Fri, 18 Oct 2024 03:17:35 GMT
cdn-storageserver
NY-427
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
content-type
application/vnd.apple.mpegurl
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cdn-cachedat
09/26/2024 12:22:33
cache-control
public, max-age=30
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
8452dd69ce58d8df271da46fa7fa7843
cdn-pullzone
829957
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1067
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
AGSKWxX-B-oYAhTcXU_1C5WBVkXOfaxwZ5mlEBQeEjcJSf8jFrEVYYA81BzZQBtgXpY5Q2X3-yk10ESV-RghAoQGotLnTX3wr9MSaeOTlkfEHK2V70d5Q6lw94xPe3w-Dg73fNMiIzR7-Q==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX-B-oYAhTcXU_1C5WBVkXOfaxwZ5mlEBQeEjcJSf8jFrEVYYA81BzZQBtgXpY5Q2X3-yk10ESV-RghAoQGotLnTX3wr9MSaeOTlkfEHK2V70d5Q6lw94xPe3w-Dg73fNMiIzR7-Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EBXOogxu7WgfKLQYBdTECg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.naturecaptions.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4_yy4zvYBHZcW_KEScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmukZmMUXGAAA-Wcv0A"
content-security-policy
script-src 'report-sample' 'nonce-EBXOogxu7WgfKLQYBdTECg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.naturecaptions.com
content-length
0
x-xss-protection
0
server
ESF
collect
k.clarity.ms/
0
286 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.naturecaptions.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://www.naturecaptions.com
Date
Fri, 18 Oct 2024 03:17:35 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
337 KB
338 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
427
date
Fri, 18 Oct 2024 03:17:35 GMT
cdn-storageserver
NY-346
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
cdn-cachedat
08/17/2024 00:27:42
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
42b338b9e566dd3325f86d3ab2c87ec3
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
345356
cdn-edgestorageid
894
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
AGSKWxX-B-oYAhTcXU_1C5WBVkXOfaxwZ5mlEBQeEjcJSf8jFrEVYYA81BzZQBtgXpY5Q2X3-yk10ESV-RghAoQGotLnTX3wr9MSaeOTlkfEHK2V70d5Q6lw94xPe3w-Dg73fNMiIzR7-Q==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX-B-oYAhTcXU_1C5WBVkXOfaxwZ5mlEBQeEjcJSf8jFrEVYYA81BzZQBtgXpY5Q2X3-yk10ESV-RghAoQGotLnTX3wr9MSaeOTlkfEHK2V70d5Q6lw94xPe3w-Dg73fNMiIzR7-Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1egsGHn6EWsrbSjQAl3spg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.naturecaptions.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4_yy4zvYBDq-fXrCpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfQMzOILDAAJBDAK"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1egsGHn6EWsrbSjQAl3spg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.naturecaptions.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX-B-oYAhTcXU_1C5WBVkXOfaxwZ5mlEBQeEjcJSf8jFrEVYYA81BzZQBtgXpY5Q2X3-yk10ESV-RghAoQGotLnTX3wr9MSaeOTlkfEHK2V70d5Q6lw94xPe3w-Dg73fNMiIzR7-Q==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX-B-oYAhTcXU_1C5WBVkXOfaxwZ5mlEBQeEjcJSf8jFrEVYYA81BzZQBtgXpY5Q2X3-yk10ESV-RghAoQGotLnTX3wr9MSaeOTlkfEHK2V70d5Q6lw94xPe3w-Dg73fNMiIzR7-Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cE34R_C1eqO_JpcL8MVdzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.naturecaptions.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4_yy4zvYBD7smviBScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmukZmMUXGAAAAhMv6g"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cE34R_C1eqO_JpcL8MVdzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.naturecaptions.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXxX6N-LuOba_7KmeQS_riqRS78xWVUJqVxURA1KypZb5H27uyvDemBV6zcWLgUiu4r2oTeXU_3ylGKY7RKnhtteNsA4rbUKMOL2ZR0mNelFV1pftD7z1JfOAM3_JaL6v3gvpmlPA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXxX6N-LuOba_7KmeQS_riqRS78xWVUJqVxURA1KypZb5H27uyvDemBV6zcWLgUiu4r2oTeXU_3ylGKY7RKnhtteNsA4rbUKMOL2ZR0mNelFV1pftD7z1JfOAM3_JaL6v3gvpmlPA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjIxNDU1LDcxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubmF0dXJlY2FwdGlvbnMuY29tLyIsbnVsbCxbWzgsIlR5MGhlTWZ6WDNzIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f113.1e100.net
Software
ESF /
Resource Hash
d6d5bdb2770eb308f31b0d6b623a0f7c16354d5f3cd3a2dfe381e7283a5e2d97
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-YCav3sZoqMVbV2uxmdZpSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XCcX3Z8B5tAR-v9l0xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGhqZ6BubxBQYAR3ZKkg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-YCav3sZoqMVbV2uxmdZpSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWSM31fPHH92Q3FMVol48Goil2uuAesE0JFfZvmURE9QK9kro8G03iUl0FecIvYdOLg28Si9wLnKosrNzDrJKdEPlpC30SVMLDK8QnFiyMhsDvYeVkoyMMnKBK4NToRm5KY6qI6zg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWSM31fPHH92Q3FMVol48Goil2uuAesE0JFfZvmURE9QK9kro8G03iUl0FecIvYdOLg28Si9wLnKosrNzDrJKdEPlpC30SVMLDK8QnFiyMhsDvYeVkoyMMnKBK4NToRm5KY6qI6zg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tE7GErwmrbW8CjTqpF8CeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.naturecaptions.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4_yy4zvYBG5cP9HKrOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfQMzOILDAD1PC-8"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tE7GErwmrbW8CjTqpF8CeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.naturecaptions.com
content-length
0
x-xss-protection
0
server
ESF
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410140101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f154.1e100.net
Software
cafe /
Resource Hash
061d6de4eee25bc1316b2a528846942e4bf5d169c8cbaf0bfcbb2ee0c9f994fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12890
date
Fri, 18 Oct 2024 03:17:35 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=83EA7002E0344434B7FB6747F194DE84&RedC=c.clarity.ms&MXFR=17DDACD5BC6B6FAA34C5B9C9B86B6199
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=83EA7002E0344434B7FB6747F194DE84&MUID=0EB871AE2DCC60A82D2064B22CF761A7
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=83EA7002E0344434B7FB6747F194DE84&MUID=0EB871AE2DCC60A82D2064B22CF761A7
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=83EA7002E0344434B7FB6747F194DE84&MUID=0EB871AE2DCC60A82D2064B22CF761A7
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 32852A6627F44D36920A2D9C797BF832 Ref B: YMQ01EDGE0811 Ref C: 2024-10-18T03:17:36Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Fri, 18 Oct 2024 03:17:36 GMT
x-powered-by
ASP.NET
favicon.ico
www.naturecaptions.com/files/images/ideas/
17 KB
1 KB
Other
General
Full URL
https://www.naturecaptions.com/files/images/ideas/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4105baac3e20135eb0187c3f410b073fcd8a4d5cd791a6c3019a3474cff1b29c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"65edb0ab-423e"
age
3080
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2Bj1x%2BGpxgOFA4A5h%2FryuC%2BF3T2dGX8TxILwQIt5jI67LUqn4Z4WATJqVGpkDiP4bSalpRxt6tmllTTTEtgkbACBxEDBL32iZ2wBjU%2B0%2FmO%2Fbn%2FSdnLjXq1knMZHMNnYzy5sfaxg%2B4LkGoE4HJWvQejIqIo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d456052cbb06e0b-YUL
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
image/x-icon
last-modified
Sun, 10 Mar 2024 13:07:55 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
www.naturecaptions.com/files/images/ideas/
17 KB
0
Other
General
Full URL
https://www.naturecaptions.com/files/images/ideas/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4105baac3e20135eb0187c3f410b073fcd8a4d5cd791a6c3019a3474cff1b29c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"65edb0ab-423e"
age
3080
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2Bj1x%2BGpxgOFA4A5h%2FryuC%2BF3T2dGX8TxILwQIt5jI67LUqn4Z4WATJqVGpkDiP4bSalpRxt6tmllTTTEtgkbACBxEDBL32iZ2wBjU%2B0%2FmO%2Fbn%2FSdnLjXq1knMZHMNnYzy5sfaxg%2B4LkGoE4HJWvQejIqIo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d456052cbb06e0b-YUL
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
image/x-icon
last-modified
Sun, 10 Mar 2024 13:07:55 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
www.naturecaptions.com/files/images/ideas/
17 KB
0
Other
General
Full URL
https://www.naturecaptions.com/files/images/ideas/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4105baac3e20135eb0187c3f410b073fcd8a4d5cd791a6c3019a3474cff1b29c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"65edb0ab-423e"
age
3080
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2Bj1x%2BGpxgOFA4A5h%2FryuC%2BF3T2dGX8TxILwQIt5jI67LUqn4Z4WATJqVGpkDiP4bSalpRxt6tmllTTTEtgkbACBxEDBL32iZ2wBjU%2B0%2FmO%2Fbn%2FSdnLjXq1knMZHMNnYzy5sfaxg%2B4LkGoE4HJWvQejIqIo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d456052cbb06e0b-YUL
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
image/x-icon
last-modified
Sun, 10 Mar 2024 13:07:55 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
www.naturecaptions.com/files/images/ideas/
17 KB
0
Other
General
Full URL
https://www.naturecaptions.com/files/images/ideas/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4105baac3e20135eb0187c3f410b073fcd8a4d5cd791a6c3019a3474cff1b29c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"65edb0ab-423e"
age
3080
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2Bj1x%2BGpxgOFA4A5h%2FryuC%2BF3T2dGX8TxILwQIt5jI67LUqn4Z4WATJqVGpkDiP4bSalpRxt6tmllTTTEtgkbACBxEDBL32iZ2wBjU%2B0%2FmO%2Fbn%2FSdnLjXq1knMZHMNnYzy5sfaxg%2B4LkGoE4HJWvQejIqIo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d456052cbb06e0b-YUL
date
Fri, 18 Oct 2024 03:17:35 GMT
content-type
image/x-icon
last-modified
Sun, 10 Mar 2024 13:07:55 GMT
vary
Accept-Encoding
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 03:17:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 03:17:36 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 437B
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.naturecaptions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 03:17:26 GMT
expires
Fri, 18 Oct 2024 04:07:26 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 902A
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f103.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9x97l2WCzbdIcnpUIkio4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.naturecaptions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9x97l2WCzbdIcnpUIkio4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 03:17:36 GMT
expires
Fri, 18 Oct 2024 03:17:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
318 KB
318 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
354
date
Fri, 18 Oct 2024 03:17:36 GMT
cdn-storageserver
NY-267
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
cdn-cachedat
10/12/2024 22:06:40
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
a957544a312ab54228169644629c3593
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
325240
cdn-edgestorageid
845
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
391 KB
392 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
353
date
Fri, 18 Oct 2024 03:17:36 GMT
cdn-storageserver
NY-427
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
cdn-cachedat
10/31/2023 18:59:57
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
e2af9999fefa616bfedfa556d81739be
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
400064
cdn-edgestorageid
1068
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
320 KB
321 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
427
date
Fri, 18 Oct 2024 03:17:36 GMT
cdn-storageserver
NY-346
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
cdn-cachedat
09/25/2024 19:59:54
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
bcac82f2f5578da27bd0e356d9d22bb4
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
327308
cdn-edgestorageid
1068
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
collect
k.clarity.ms/
0
286 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.naturecaptions.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://www.naturecaptions.com
Date
Fri, 18 Oct 2024 03:17:36 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
333 KB
334 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
268
date
Fri, 18 Oct 2024 03:17:36 GMT
cdn-storageserver
NY-346
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
cdn-cachedat
10/31/2023 18:51:57
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
0357be744eb45b316f077e65c9f121d1
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
341032
cdn-edgestorageid
845
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
349 KB
350 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
427
date
Fri, 18 Oct 2024 03:17:36 GMT
cdn-storageserver
NY-346
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
cdn-cachedat
09/26/2024 11:36:28
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
44f60005855b05438662334b4a4f3acc
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
357576
cdn-edgestorageid
941
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
366 KB
367 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
427
date
Fri, 18 Oct 2024 03:17:36 GMT
cdn-storageserver
NY-427
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
cdn-cachedat
10/03/2024 21:50:04
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
10b3f19ec6c86fc36d500d6991773469
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
374496
cdn-edgestorageid
871
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
sodar
pagead2.googlesyndication.com/pagead/
0
0

video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
374 KB
375 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
353
date
Fri, 18 Oct 2024 03:17:37 GMT
cdn-storageserver
NY-346
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
cdn-cachedat
09/29/2024 00:43:16
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
ad38526f05ab22f91ebbd698c066752e
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
382956
cdn-edgestorageid
940
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
video8.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
330 KB
331 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
426
date
Fri, 18 Oct 2024 03:17:37 GMT
cdn-storageserver
NY-353
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
cdn-cachedat
08/28/2024 05:00:35
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
92ce85117cf7ad80acb7149471098e0d
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
338212
cdn-edgestorageid
718
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA
collect
k.clarity.ms/
0
286 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.naturecaptions.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://www.naturecaptions.com
Date
Fri, 18 Oct 2024 03:17:38 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
video9.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/
339 KB
340 KB
XHR
General
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/8.10.0/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.naturecaptions.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver
426
date
Fri, 18 Oct 2024 03:17:39 GMT
cdn-storageserver
NY-267
content-type
video/mp2t
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
cdn-cachedat
10/31/2023 18:49:09
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
206
cache-control
public, max-age=43200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestid
c71e732586970373e4c75b58e52e4b92
cdn-pullzone
829957
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
347236
cdn-edgestorageid
718
server
BunnyCDN-IL1-894
cdn-requestcountrycode
CA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.naturecaptions.com
URL
blob:https://www.naturecaptions.com/0b2901b4-e634-4dae-8956-1327c913ef3f
Domain
www.naturecaptions.com
URL
blob:https://www.naturecaptions.com/95b40d46-5348-4e59-af84-20e6438e791b
Domain
www.naturecaptions.com
URL
blob:https://www.naturecaptions.com/ba7dc1fb-257b-4cbe-8b5f-9b6eae999ce3
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410140101&jk=2221548414081545&bg=!o6CloO_NAAaUWUsktFk7ADQBe5WfOH_iiJmnYu60bkEnDFh_t7TlhH6EqzXGMZLkMd7Et0xVkhTfg3x2lslkfK3QHr7hAgAAAFJSAAAABWgBB34ANul_MbTIecZxI7dHvxUBQV_R6J-xxizZTA24Syzfu2BmhBNNu9B_Xw6n0xvdQ-wZvaosm0WzrgoAfKmT4rM2W8o7A-FAElX8n6K3s6vHQO43g7x5-RMowHbdNcebsvQM15wVnayZazvSVB_0K24hV4uQ_vHmJnbi07BCtYqqIgIi0RW9uvTWm1Bc02ChCftRLBtjRsdTUsNFxZBCrZ0FjFMfcBnMd8uZwG37nD6bnHkNlxS1BUuZAqApPNmsa3_-mQj6fMgxzIH6k5GIztP3FezwxFnnvqD5rfontLrCo47aYc9QT1snQqsuv9PlITM9fjFqyEPaCakLSJ81LKpfi2fjDW_yrvyTdGN1aBlKnukF7aQGz7ZVk8IoeLRs-aCwqLMQ--qKsisZxthWNEo2QRis-1TEZaYLiLQby7FlIXmcg0gkTjxZKzyqCnfhdQnn5q0CXtj4Izz3LogVpUOnHtdLSUhA0uivlGY_d7uLUBkK25622pJPiubCIO3cE3L-VZJn32IShbkz-YgejEzRqav0Yy5nas_DFCV9K2nvXg1-aU5jldCeXoX6CHEHJ7fKgRpaO5AMxabQe44WbrG2bqLmShNEZvzoUohg6A4Q5MZOXcEgub_EtTId_rEKlX1jyf69zUy9_VRwFRU0tErOenO2h1QBV1h9kFXcalgDlu2zp1JMiFgq3RWdw_oBoxAQRkl7ox8OM3B5isPi0-bHyT3VNpW9rGxF43t7t7pTV4S10uMdOsWGAycD46d0NiW11XZOfmDFymejqi4-aQDPV4CvzUlfD05H0ymg08ZyTnY8mzQaKT7cM5WSTXaUbp-TwGughdnXSCTNcgXVZF1wF3BuS5YADYuM17AuYtJloRZWDW8xbY1AIkVP-EC5bIYZmrkD4rpGcjMYCk8iUdXnGnBHy3zJYlHjkFsNI9G3uxqotBoLZL9lUuEPtq963kI_fgiKSYAy9hme4ly6z0UtYbdUWpYmBiZ3drs-uVtfvAAdwm5CeTYeFbv2khjr8Ur0FDZDe_HIzyyhDUaABzO8n7A4jhbc6LoyDUJTpZfz7bKNXbyKT_AgFvMSoMoiSm8tdnFA2pJlPk9aWuOYVAcw49HrIT07Ktip0782hRyRYZMXLNFGDrIvIpc

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| $ function| jQuery object| unibots object| unibotshb object| _hmt object| responsiqhb function| runCMDHB function| ubHB function| startFuncHB function| setGeoCode function| loadDynamicScripts object| regeneratorRuntime object| mvPlayer function| reactSiteCheck string| clientActualDomain string| clientDomain boolean| playerRun string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| scritpTestLevel function| switchScript function| runOutstreamPlyer function| processExcludeIncludedClientsData function| unibotsPlayer function| initMVPlayer function| startFunc function| movedivtotargetLocation function| checkPlDivs object| cd object| dataLayer function| gtag function| initFunctionHB object| geoData function| checkFrameandInitStartFun function| processData object| google_tag_manager object| google_tag_data object| gaGlobal object| ubpbjsChunk object| ubpbjs object| _ubpbjsGlobals string| nobidVersion object| nobid object| googletag object| ggeac object| google_js_reporting_queue object| ub_excludeCategory object| ub_excludeHomepage object| ub_includeCategory object| ub_includeHomepage object| ub_categoryExcludeChecked object| ub_categoryIncludeChecked string| key object| google_reactive_ads_global_state object| defaultKv function| io object| adArray function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Njc2NzVlMjIzNWZkZjg2OGxvYWRlcl9qcw== string| Njc2NzVlMjIzNWZkZjg2OGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state number| google_unique_id boolean| _bdhm_loaded_e5e377ae8ee4f612dbba993fb11f25b6 object| __id5_finalization_registry object| ox_esp object| pbjs object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| __uid2SecureSignalProvider object| __uid2 object| vttjs function| WebVTT function| videojs function| videojsPlaylist object| $jscomp object| canAutoplay function| videojsIma function| videojsContribAds function| isValidVideo string| myPlayerGabywa object| oldScript object| attr function| clarity object| closure_lm_870106 object| closure_lm_651857 boolean| 4e45a386-d3f1-45f4-bfe7-ef699ab1623e number| __google_lidar_ function| __google_lidar_radf_ object| GoogleGcLKhOms function| prepareAdRequest object| vastSplit object| google_image_requests

29 Cookies

Domain/Path Name / Value
www.naturecaptions.com/ Name: PHPSESSID
Value: v944ri71nbd9gtal19bqcqg2p7
.www.naturecaptions.com/ Name: lrgarden_lang
Value: en
www.naturecaptions.com/ Name: protocol_country_code
Value: CA
.naturecaptions.com/ Name: _ga_MMPZX2GT12
Value: GS1.1.1729221454.1.0.1729221454.0.0.0
.naturecaptions.com/ Name: _ga
Value: GA1.1.136849250.1729221454
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 7888424A68938538
.naturecaptions.com/ Name: Hm_lvt_e5e377ae8ee4f612dbba993fb11f25b6
Value: 1729221455
.naturecaptions.com/ Name: Hm_lpvt_e5e377ae8ee4f612dbba993fb11f25b6
Value: 1729221455
.naturecaptions.com/ Name: HMACCOUNT
Value: 7888424A68938538
.criteo.com/ Name: uid
Value: f6c2f8c2-8e6e-42ef-83d1-79548273279e
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.naturecaptions.com/ Name: cto_bundle
Value: Ls2L3V9HSmZFckx1WnpXbUwzd21ZdXBpbE9tekpDOGYwUEx4YWw5UVNrOThoNiUyRmZJemRIJTJGQlBUak5xZTVYY3BNenVWZVE1MlowUlZSUFJMbzNmNE11VFV1bHYyaWJoSjRBQWloZzVIQ2F4NlI2dlFFTHhlOUlvendsVTJkU1laekpmU1hHcmpDMDElMkZrNTZ4SEhBSTZlejhCMGFCd250d016ZExBS1BnakRqVVBod28lM0Q
.id5-sync.com/ Name: id5
Value: 4814c7d8-76c9-7010-8963-c321cdf9f04b#1729221454718#2
.naturecaptions.com/ Name: __gads
Value: ID=1381ffec3d4b904b:T=1729221454:RT=1729221454:S=ALNI_MZOPaRm5m1Kv_Z_BRisw7S93HLOyw
.naturecaptions.com/ Name: __gpi
Value: UID=00000f2b5fdd0e5f:T=1729221454:RT=1729221454:S=ALNI_Mb7gojXGCt6snBdDpkryzcsf7-XAg
.naturecaptions.com/ Name: __eoi
Value: ID=3c0440d7d3983bf3:T=1729221454:RT=1729221454:S=AA-AfjYSvVro5dZRX7rO-1uoeptr
.naturecaptions.com/ Name: _ga_7R5B678L79
Value: GS1.1.1729221455.1.0.1729221455.0.0.0
www.clarity.ms/ Name: CLID
Value: 8449a7f4f3424b69803aba863ae69ce8.20241018.20251018
.naturecaptions.com/ Name: _clck
Value: 1qhm57y%7C2%7Cfq4%7C0%7C1752
.naturecaptions.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9l7umsOArtEBSFRYEGQX3dN6AVxYoXgVjsWL3YYXN_XajcXvPw69VDstChul_h_5SWeVhergkxi_hE1NT9bi9zTtlAlpPORLnXltLhGGB28jCxnitstXjmgeG3lsApQdGf4t4AwSP2_ExisY-WXm551RFjOA%3D%3D%22%5D%5D
.naturecaptions.com/ Name: _clsk
Value: ayo5fn%7C1729221455908%7C1%7C1%7Ck.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 0EB871AE2DCC60A82D2064B22CF761A7
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0EB871AE2DCC60A82D2064B22CF761A7
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0EB871AE2DCC60A82D2064B22CF761A7
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUnlrZJb1MxxjV28fF-hO0wp27Hw47--_UpBTsMMF9nbVaotvqAMPD5hld7AhBc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b597851d729d09037d2d8b6516d324f.safeframe.googlesyndication.com
c.bing.com
c.clarity.ms
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.socket.io
cdn.unibots.in
cdn.unibotscdn.com
cdnjs.cloudflare.com
fundingchoicesmessages.google.com
gimg.yx247.com
gum.criteo.com
hm.baidu.com
id5-sync.com
imasdk.googleapis.com
k.clarity.ms
lb.eu-1-id5-sync.com
oa.openxcdn.net
pagead2.googlesyndication.com
playerapi.b-cdn.net
pro.ip-api.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
stream.unibotscdn.com
tpc.googlesyndication.com
unibots.b-cdn.net
vjs.zencdn.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.naturecaptions.com
pagead2.googlesyndication.com
www.naturecaptions.com
162.19.138.118
172.175.38.6
173.194.175.155
173.194.175.156
173.194.68.103
183.240.98.228
20.110.205.119
208.95.112.2
209.85.201.113
209.85.201.154
2400:52e0:1a00::1069:1
2400:52e0:1a00::718:1
2400:52e0:1a00::894:1
2400:52e0:1a00::941:1
2600:9000:2043:9800:a:e047:754:afe1
2606:4700:10::6816:3556
2606:4700:10::ac43:2bb0
2606:4700:20::681a:761
2606:4700::6811:180e
2607:f8b0:400d:c00::94
2607:f8b0:400d:c01::84
2607:f8b0:400d:c03::61
2607:f8b0:400d:c03::8b
2607:f8b0:400d:c09::5f
2607:f8b0:400d:c09::64
2607:f8b0:400d:c0d::84
2620:100:a00b::12
2620:100:a00b::4
2620:1ec:bdf::40
2620:1ec:c11::237
2a04:4e42:200::485
2a04:4e42:400::729
3.162.103.64
34.102.146.192
016e288491a21b26e08af68daed5da701a2ae9bc8d7713fbf76e11870019e106
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
061d6de4eee25bc1316b2a528846942e4bf5d169c8cbaf0bfcbb2ee0c9f994fb
0957d68a4f0298bad4d37b150b48cbb022f62ac9b660df7056dd6194f69e4dc0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1a3cba3a57e7b6bd578bfd37c841b6fa2e2b0f332e83b86848e1183d2a6b5e70
20a782f938606dfd7ba9aa008221a2136c48cbe0345476eec6eeee45c944e235
2700c69458511762f8bdd51c6ac3f01e048994ab9ff65ef9b094e7bce30e367a
29ce531591bb191ea0f69f31ddd2f09631de8ddece5e76d33628efc22d009ff2
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4
377e5f2d7c79bb81577fad2c51fb4e45be1b92d31d059e08da00b7fdef61187d
3a282f19c0680096900409e869270446e9512b14bf7127e6eae73fa0f11e1071
3dc08ba0926a27201a08b086e65c71b0bdd7da1bb1b2ba4e65b08fce0675886c
4105baac3e20135eb0187c3f410b073fcd8a4d5cd791a6c3019a3474cff1b29c
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
42bac0fe5518d41c72ff1c0a2b8ffdf5dd58ead5cf725de43a07f1f1b11e3f32
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9
49dd50369fd4ca5dbdf086ee36fef1df4d1c3186b41b7a9c9ff33a07a21862b7
4ec02a3e3f4255648f8bf783799c47629c4060725d8be25eaed7a27bbebea887
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
562d37e07410df9cfb46c2408a669a8f67bbcaf9ec201b49f793a5a893465621
56da8c229bc6cb6156a0a3eb4a87bc2ddd0016a27225cdf39c8399ae390e4eec
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
66b40bdf6e1c0849db5379eaa81418452ace082f4dcc002c0f6b8f663e3a747b
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
6b350278900adf143c1325bb2287a0946bf75c623ad41025b0903f63f993f0a6
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
6c378960545b5264679aba05d2277578fcc45d47c642b544c7c4b5f6add020b0
6e41ab8387a55b89f067cd405b86bcf78a8c4d8ef07bb4fe0f7e3eac2c417a4c
745816f08b428caef13ef272379496f04f8e3d6727562404b0db74c755ca1569
755634f30bba153f4db6f2680e87d930386ca5bc09a8da8c4c10e1a4e9881d81
75eaff1b0db3d278028ca29165d0e696ab4fe9d0ecf694b1ee84623c1f9a2d73
77c7d7e876f32d48da13e1071a662f2dc4de7fb626919e3130bcb25b255a4887
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952
7bce591c64fa77d087fc8822356887f46d19650fe5ff30112f48c1c8f5413971
7ec2b29096b119e0d33066f109b86bd25438f02717af7003af528941f932b8b2
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8a114725ea768b5c7ec4245d865daf3ee81a0341ce40d0a76d2ecdf5b634f502
8d55c95249c5a1d2647a2e20523c92efa8ea5b0446b2d6cd07ac88573c62f143
8f9635b2f06eeb1599c6c2028366aae6ef5815c3f62a73ac594fd432ea5236d3
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
94c49175acef1de393bbaf693f7eb11b0e964de82194af9713e3e696ba532f28
982a7906f47251bd67679711f4ab13eb5c8afe9b0f5f1ec61970d14c9265e93c
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2086a2f0c85f8dfebfcb345e940036ac9f0df204757aa450cea5c2581f840c9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
ab5ff8c06e076b6e5293abba892095446248aa4a83a60e73cbdda9842f739a5a
ac4b34114e7d551859bc3d3bed82eef9b915d3b84d490592febaf24b8957a633
ad2d77b2cd7915291574050a8dc0cbadaf09f260ff6467fba39a3018fcf382c0
ae33c40aa889646f2c2b3383d8be2cb2a29f4c84e27cc856536bf576dcd82f33
b496f7e8a2b68df851e26639b2f7e1890837b8e9fa5c708e355df39b870a34b1
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c4c1a9ec5d0205eef5ce26dc81689e83882d32aead392258c07a29332a234b90
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
cba5221543932f28168669a09cf4d00c8bbaf408b9e38e904caa3f9760f1e312
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1721b3c2d61f2ebb5888e3306c0b76d98c1301f2f0e1f35128cc636cdff1832
d2d7d79997129f8b8b18c91d24a0262e204f168951878425fe3100c517f03517
d40ed650c401cf6f01da6396053aada03b2ea59003ab1198a61765314c59962d
d6d5bdb2770eb308f31b0d6b623a0f7c16354d5f3cd3a2dfe381e7283a5e2d97
d8b3728382b845361033501fe23647be51a0565ecbd1eecf8a6fe447061cbbc9
da611f546f30b554ff4a8353f33ee48beced08076f5ec858d3c12f7310f1af66
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
e267aae381fb53cc12f08c4a3e159362833dbb06dde256946c014916e040c3ba
e39455ed43f16f415b6ec773b3cd467d7fdd83255bd9d92fbf3d981201e99fa3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e475fbbe82e258fb7fe2010ea797ad1a66d88091aeb435efe1cb1a3f177a66d5
e6319442692dd4fc73547a3c23c0cf533ccffff8e14f9a6743bb3ebddb499313
e695ae6914d5fd0659923eefbdf985481172bbcc320155513bfc750a690de730
e79abd320a6d0cf9a73dcc9ceaeea24da80f265f904e0faf894bb778248818b5
ed60b1c798422f0dbc569ade7ff13d06bc0cb17120cebf86e69742f2df78954f
eded1498ff4cb5d806f045bb3f877c154f9b4154ee473a3f87ee2a68971a43f5
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f408deedaaa8000776b1e95c0088ebadfb04579740d030e6730e91aa88f022c5
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
fd0b0fe6fea75eb6267b4a924b6312dcdcd14430378ac8ec29995a3c82cf59f2
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99