Submitted URL: https://nationwideinvestigation.com/
Effective URL: https://www.nationwideinvestigation.com/
Submission: On May 31 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 28 HTTP transactions. The main IP is 34.253.101.190, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.nationwideinvestigation.com.
TLS certificate: Issued by R3 on May 31st 2023. Valid for: 3 months.
This is the only time www.nationwideinvestigation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 75.2.70.75 16509 (AMAZON-02)
1 34.253.101.190 16509 (AMAZON-02)
12 108.138.36.62 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.222.232.39 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
28 7
Apex Domain
Subdomains
Transfer
12 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 10823
413 KB
9 gstatic.com
fonts.gstatic.com
383 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 320
fonts.googleapis.com — Cisco Umbrella Rank: 35
8 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
107 KB
2 nationwideinvestigation.com
nationwideinvestigation.com
www.nationwideinvestigation.com
10 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
28 6
Domain Requested by
12 uploads-ssl.webflow.com www.nationwideinvestigation.com
uploads-ssl.webflow.com
9 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com www.nationwideinvestigation.com
2 fonts.googleapis.com www.nationwideinvestigation.com
ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.nationwideinvestigation.com
1 ajax.googleapis.com www.nationwideinvestigation.com
1 www.nationwideinvestigation.com
1 nationwideinvestigation.com 1 redirects
28 8

This site contains links to these domains. Also see Links.

Domain
wearedeadpixel.com
Subject Issuer Validity Valid
www.nationwideinvestigation.com
R3
2023-05-31 -
2023-08-29
3 months crt.sh
uploads-ssl.webflow.com
Amazon RSA 2048 M01
2023-02-22 -
2023-09-26
7 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.nationwideinvestigation.com/
Frame ID: 4F0E635173BBC0024654A096A129E564
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Nationwide Investigation Agency

Page URL History Show full URLs

  1. https://nationwideinvestigation.com/ HTTP 301
    https://www.nationwideinvestigation.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • three(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

951 kB
Transfer

1612 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nationwideinvestigation.com/ HTTP 301
    https://www.nationwideinvestigation.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.nationwideinvestigation.com/
Redirect Chain
  • https://nationwideinvestigation.com/
  • https://www.nationwideinvestigation.com/
37 KB
10 KB
Document
General
Full URL
https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.253.101.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-101-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f9ac8a262b7eba782e69a4a8d0daa80b17296d95296f7c5b0adcb471ce076f69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
content-encoding
gzip
content-length
10208
content-type
text/html
date
Wed, 31 May 2023 14:54:02 GMT
vary
Accept-Encoding,x-wf-forwarded-proto
x-cache
MISS, HIT
x-cache-hits
0, 1
x-cluster-name
eu-west-1-prod-edge-blue
x-served-by
cache-iad-kcgs7200091-IAD, cache-dub4336-DUB
x-timer
S1685544843.912878,VS0,VE0

Redirect headers

content-length
166
content-type
text/html
date
Wed, 31 May 2023 14:54:02 GMT
location
https://www.nationwideinvestigation.com/
dp-nia.webflow.cd6853e40.min.css
uploads-ssl.webflow.com/64235655593f2010acee28df/css/
60 KB
14 KB
Stylesheet
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/css/dp-nia.webflow.cd6853e40.min.css
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ff2559c8e36149d99489f2d939664f30cfa190ded6c127ef0fc62c8ee95aa6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:01 GMT
content-encoding
gzip
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-version-id
i1J2wBYJmp2XFGlq0I0VGcNI7Pu0Armk
age
3
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
13494
last-modified
Wed, 31 May 2023 14:50:57 GMT
server
AmazonS3
etag
"716b59751141edac8966b4e740882d3a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
6FsFVme3uaY3hrDWY46f0HO5zIN65oI7lj9GeMvHiWJkUrt7rouEGw==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 16:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 16:04:13 GMT
css2
fonts.googleapis.com/
696 B
873 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1cb33f8a129178f92672bac301ea2494f3395f7bba8d5380fc787c92f77b9fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 May 2023 14:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 May 2023 14:54:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 May 2023 14:54:03 GMT
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13612023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
701
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-653"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQYV%2F9ez4UC3t9OXQhjtY3LaMuX5CAK2mdsb8f2gdoZx28n7sU%2Bp07Lv6nyw8a%2BLCuL3LlWy7uZl8XdCo6fdWOCCAXJ6nWfStKEZh1hRJCEO6e6GsJmdV6osKeQIx%2BC4%2FC2B53pvKW%2F2eR8MrYI8H4EO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d000cc4bfc903e0-FRA
expires
Mon, 20 May 2024 14:54:03 GMT
three.min.js
cdnjs.cloudflare.com/ajax/libs/three.js/88/
508 KB
106 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/three.js/88/three.min.js
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9f866e3cd6e63d735e76a8658856013b29bcda0a3e568c28b704622965e7f61
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6234873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
107657
last-modified
Mon, 04 May 2020 16:17:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffc-7f0c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BDblYOSvhzP2urf0LDKSqEHM%2BPysxtk%2FvBeW5ZFmnhQKZGa5Zpkw3jEw4vvNuHBnjF0lvTCoQcmhKlF5a0deLkyHtZjHWw%2BfbkZuUdFyCdE4oS3ZGf2DHR0UV098C6E2%2BGkvb0Sl2lpUEWyF0YwXDwa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d000cc4bfce03e0-FRA
expires
Mon, 20 May 2024 14:54:03 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
30 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64235655593f2010acee28df
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.nationwideinvestigation.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 22:35:06 GMT
content-encoding
br
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
age
58741
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
DNQNO9NRZ7KqNgsC_BW7X1A3ITe5_86ieYbA4okLtfEn28MjD7DNVQ==
webflow.91550cfe3.js
uploads-ssl.webflow.com/64235655593f2010acee28df/js/
178 KB
64 KB
Script
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/js/webflow.91550cfe3.js
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b1c96bb7a692cb16b1fea75da922b7226914b8f44cd881bd9ab69b188d8a95a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:01 GMT
content-encoding
gzip
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-version-id
nuPkWqrRMS17hhFSHChQE1tEzxtvTIN8
age
3
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
64805
last-modified
Wed, 31 May 2023 14:50:57 GMT
server
AmazonS3
etag
"36854520ee2e329b87822d61a1de825b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
3eUmDkVaP3mNBhN9uI2Ba0FooZjx-JFlNdXcITRqXjHeT7yfOay9Ww==
css
fonts.googleapis.com/
14 KB
928 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c8d84e5f7331df6880e01edcbfa87d40477161eed961e4f84558129ecfcb1b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 May 2023 14:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 May 2023 14:54:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 May 2023 14:54:03 GMT
6425478f07707d1e760991c5_nia-logo.png
uploads-ssl.webflow.com/64235655593f2010acee28df/
8 KB
8 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/6425478f07707d1e760991c5_nia-logo.png
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edcae4f3b1717a41dc6940cd8cceb2e4a08bd5a3e48b0060fc79e2e3d68bad93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
qvycw23IrsSXf.PFHNIzNsw8U9xF2cI6
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7787
last-modified
Thu, 30 Mar 2023 08:25:52 GMT
server
AmazonS3
etag
"29dead3dbd6ad589aa0ce28482f4ea1b"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
S5DihFZgUMSJnoFJilM8TRGD18AkY9tH5GqQm3bnXX2rU3TJ1e1tVg==
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 15:10:30 GMT
x-content-type-options
nosniff
age
344613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 15:10:30 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:52:15 GMT
x-content-type-options
nosniff
age
46908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 May 2024 01:52:15 GMT
64253e55943fc8cd02dd059e_nia-learn-more-lines.png
uploads-ssl.webflow.com/64235655593f2010acee28df/
6 KB
6 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/64253e55943fc8cd02dd059e_nia-learn-more-lines.png
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/64235655593f2010acee28df/css/dp-nia.webflow.cd6853e40.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b24c6b0ea68077937631a1928d35de26875ee8a7ac73fad4e0c8fd49500bd07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploads-ssl.webflow.com/64235655593f2010acee28df/css/dp-nia.webflow.cd6853e40.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
vo1VTxV_OHZ5N5UIQFG2_SYyoKgGLBlQ
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5786
last-modified
Thu, 30 Mar 2023 07:46:31 GMT
server
AmazonS3
etag
"743c6728328a5bdcb7d8a422a6e0c6ad"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
wij7Dnl4CmPboXBgjI_WdQVtShTvB5As34HShJHzjq4GFF9PrGNa7g==
kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCvHOej.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v114/
227 KB
227 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialsymbolsoutlined/v114/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCvHOej.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e59a8624b358a52dd48e489b7f671ad0dfcadc7cf38b01378b51b3bc29b94338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:31:33 GMT
x-content-type-options
nosniff
age
112950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232636
x-xss-protection
0
last-modified
Mon, 22 May 2023 22:45:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 07:31:33 GMT
64254188a0534b5cf5366b47_nia-surveillance-services.jpg
uploads-ssl.webflow.com/64235655593f2010acee28df/
75 KB
75 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/64254188a0534b5cf5366b47_nia-surveillance-services.jpg
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f549e36ec72a61549ca45e65f7181a2ac7801722151a327b31d59dc47b10d036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
k6pYrDcHbVE5H_P_jopBvslnvwPLbKYn
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
76720
last-modified
Thu, 30 Mar 2023 08:00:10 GMT
server
AmazonS3
etag
"9dd8e297ca729c32ba6affa6ba993b51"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
B3SxhGiDTfSJ5WixY_Er3U7PHJhdmx_0xsezGf4BqdJiXwOaVnYFig==
64353e323e27f618146d16a2_thomas-lefebvre-gp8BLyaTaA0-unsplash-p-500.jpg
uploads-ssl.webflow.com/64235655593f2010acee28df/
13 KB
14 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/64353e323e27f618146d16a2_thomas-lefebvre-gp8BLyaTaA0-unsplash-p-500.jpg
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e75c4a6364975c5811a525d195dce0734256ffa61de6d69f09b341b1e7bcd7d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
I3yDt8fCLIdMW0.4N_T5I6pVOeZ7fcWX
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
13567
last-modified
Tue, 11 Apr 2023 11:02:12 GMT
server
AmazonS3
etag
"d5feddf094e1c8ab049d930120c413c6"
content-type
image/jpg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
2rxfYYQLyYWqt8xIa5XfjTZ54E4BeJc6mIH396oDP_5ZksazkS0asg==
64353ef7f1e50615e6b207bd_agence-olloweb-d9ILr-dbEdg-unsplash-p-500.jpg
uploads-ssl.webflow.com/64235655593f2010acee28df/
19 KB
19 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/64353ef7f1e50615e6b207bd_agence-olloweb-d9ILr-dbEdg-unsplash-p-500.jpg
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
300d4757fa45723f643aedd68a7d69ac16414edd720ed84698db045f35a6be06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
KKtjg4wXHkpnFbqUc.ZjnDAcR.PZfB3_
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19307
last-modified
Tue, 11 Apr 2023 11:05:29 GMT
server
AmazonS3
etag
"b80fcb1621b27456d7f98775bf8cbb08"
content-type
image/jpg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
s5NPai_VSh_kJXHYmkYeuq8M2BkEj-50aY1lAU_NLO-AqXw4yxaZeA==
64354057ccb1e560f502e007_getty-images-8gzxhU80lAI-unsplash-p-500.jpg
uploads-ssl.webflow.com/64235655593f2010acee28df/
31 KB
31 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/64354057ccb1e560f502e007_getty-images-8gzxhU80lAI-unsplash-p-500.jpg
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56b6aba732ee326db85bb25bb9b5124574c5c944dc02a73e59a578b0a4ad9c99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
7uZlxipnn3lZuiCYkFnWHtahNpDfDpVA
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31422
last-modified
Tue, 11 Apr 2023 11:11:22 GMT
server
AmazonS3
etag
"f3605f2c6552d29d82755c1151302fa2"
content-type
image/jpg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
NhlkYEXZ_d00gaY8_b9B7hrRn8SpndpqqBQ1NAoRNJebjTfdYLinfg==
643540990476b92f3531fb53_volodymyr-hryshchenko-ZT9gjcJog6U-unsplash-p-500.jpg
uploads-ssl.webflow.com/64235655593f2010acee28df/
31 KB
31 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/643540990476b92f3531fb53_volodymyr-hryshchenko-ZT9gjcJog6U-unsplash-p-500.jpg
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26f675d6ecd7c81024757b936f8bff35c038d5e19c76b02fdd0cf08475ee27eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
Gvf_QO2Gqtqf7jhwgg2XIX2uJbcMQ7vI
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31676
last-modified
Tue, 11 Apr 2023 11:12:27 GMT
server
AmazonS3
etag
"841c411a099911c7eabd592fc8769f74"
content-type
image/jpg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
7yo8WTkMQr3Dn-UcOfgTcmGU0qXpE9xDPzxMqeY5t-EFqZEumx3OBg==
643541db7de4e081c29e9bef_andriyko-podilnyk-GFXRH3uN6SE-unsplash-p-500.jpg
uploads-ssl.webflow.com/64235655593f2010acee28df/
17 KB
17 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/643541db7de4e081c29e9bef_andriyko-podilnyk-GFXRH3uN6SE-unsplash-p-500.jpg
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9ff5db2242e98604881a13c95ee2841edef4435fb23009483f13a3974577a1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
VgClZUXBBtppxiwt4pPcECOQ9RPtgBWA
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17305
last-modified
Tue, 11 Apr 2023 11:17:49 GMT
server
AmazonS3
etag
"5959a40ead345ab2f2c31bd95c222cd0"
content-type
image/jpg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
iQjjI_zvpEpyy_Fs8xnYMc5OOnu9Gk0WdMLWHOl326UgeZEhzpC0vw==
643548c9a93f5523d9f57b07_image000000-p-800.jpg
uploads-ssl.webflow.com/64235655593f2010acee28df/
130 KB
130 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/643548c9a93f5523d9f57b07_image000000-p-800.jpg
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98d0dbd1cb0135468043397248e9f6ca2ae9c26708483ee9f08fdc5ee6b65294

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
vCSd1zSgq3NC823sUYSSa1kZWs5qwQER
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
132989
last-modified
Tue, 11 Apr 2023 11:47:23 GMT
server
AmazonS3
etag
"a5bd793afa9a2751cb81bc5ad1c865c8"
content-type
image/jpg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
yKcz2hU2jw_tPQSQ-qX-BwZztxQEF78NkGzMeOBMzWqEb1hw5_o_FA==
643016d949388828d9d60f85_headshot-lines.png
uploads-ssl.webflow.com/64235655593f2010acee28df/
2 KB
2 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/64235655593f2010acee28df/643016d949388828d9d60f85_headshot-lines.png
Requested by
Host: www.nationwideinvestigation.com
URL: https://www.nationwideinvestigation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-62.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
739571992b058ba92e806f7936dd33ce2c8dbf4cf005f3d220d2c9a37f6adbc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwideinvestigation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:54:02 GMT
x-amz-version-id
5BmsjA5HBWYtKsT7KiK6Qjj1XbtZcKkh
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
age
2
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1970
last-modified
Fri, 07 Apr 2023 13:12:58 GMT
server
AmazonS3
etag
"20cfb97ebcd596f1a4a761b7b7eb7923"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
xJxCj7q80Z4dM1XBz7hhB90bLfQaacF0-1tyChYtJTTSKbsOLgmdaQ==
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 14:59:12 GMT
x-content-type-options
nosniff
age
345291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19752
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 14:59:12 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 21:40:27 GMT
x-content-type-options
nosniff
age
62016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19720
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:47:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 21:40:27 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:20:53 GMT
x-content-type-options
nosniff
age
415990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19780
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 May 2024 19:20:53 GMT
u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 16:39:09 GMT
x-content-type-options
nosniff
age
339294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19900
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 16:39:09 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:27:19 GMT
x-content-type-options
nosniff
age
329204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 19:27:19 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nationwideinvestigation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 23:42:48 GMT
x-content-type-options
nosniff
age
313875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 23:42:48 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| WebFont function| Cookies object| THREE object| camera object| scene object| renderer object| geometry object| material object| muesum function| updateCameraProjection function| init function| onWindowResize function| animate function| $ function| jQuery function| tram object| Webflow

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
nationwideinvestigation.com
uploads-ssl.webflow.com
www.nationwideinvestigation.com
108.138.36.62
2606:4700::6811:180e
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
34.253.101.190
52.222.232.39
75.2.70.75
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
1cb33f8a129178f92672bac301ea2494f3395f7bba8d5380fc787c92f77b9fda
26f675d6ecd7c81024757b936f8bff35c038d5e19c76b02fdd0cf08475ee27eb
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
300d4757fa45723f643aedd68a7d69ac16414edd720ed84698db045f35a6be06
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4ff2559c8e36149d99489f2d939664f30cfa190ded6c127ef0fc62c8ee95aa6d
56b6aba732ee326db85bb25bb9b5124574c5c944dc02a73e59a578b0a4ad9c99
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6b24c6b0ea68077937631a1928d35de26875ee8a7ac73fad4e0c8fd49500bd07
739571992b058ba92e806f7936dd33ce2c8dbf4cf005f3d220d2c9a37f6adbc0
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8c8d84e5f7331df6880e01edcbfa87d40477161eed961e4f84558129ecfcb1b7
98d0dbd1cb0135468043397248e9f6ca2ae9c26708483ee9f08fdc5ee6b65294
9b1c96bb7a692cb16b1fea75da922b7226914b8f44cd881bd9ab69b188d8a95a
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
e59a8624b358a52dd48e489b7f671ad0dfcadc7cf38b01378b51b3bc29b94338
e75c4a6364975c5811a525d195dce0734256ffa61de6d69f09b341b1e7bcd7d9
e9f866e3cd6e63d735e76a8658856013b29bcda0a3e568c28b704622965e7f61
e9ff5db2242e98604881a13c95ee2841edef4435fb23009483f13a3974577a1f
edcae4f3b1717a41dc6940cd8cceb2e4a08bd5a3e48b0060fc79e2e3d68bad93
f549e36ec72a61549ca45e65f7181a2ac7801722151a327b31d59dc47b10d036
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9ac8a262b7eba782e69a4a8d0daa80b17296d95296f7c5b0adcb471ce076f69