www.ncp.co.uk Open in urlscan Pro
2606:4700:10::6814:947 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Effective URL:
https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Submission: On January 06 via api (January 6th 2020, 11:47:01 am UTC) from BE

Summary HTTP 107 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 33 domains to perform 107 HTTP transactions. The main IP is 2606:4700:10::6814:947, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.ncp.co.uk.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 28th 2019. Valid for: 2 years.

This is the only time www.ncp.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.25.94.5 104.25.94.5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 37	2606:4700:10:... 2606:4700:10::6814:947	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	134.213.127.80 134.213.127.80	15395 (RACKSPACE...) (RACKSPACE-LON)
5	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.84.181 147.75.84.181	54825 (PACKET) (PACKET - Packet Host)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	91.228.74.219 91.228.74.219	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
9	99.80.83.176 99.80.83.176	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.225.78.117 13.225.78.117	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:215... 2600:9000:2156:ea00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.85.119 147.75.85.119	54825 (PACKET) (PACKET - Packet Host)
16 19	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:20e... 2600:9000:20eb:e200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.32.75 147.75.32.75	54825 (PACKET) (PACKET - Packet Host)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	13.225.84.59 13.225.84.59	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	151.101.112.233 151.101.112.233	54113 (FASTLY) (FASTLY - Fastly)
1 4	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
2 2	35.157.249.39 35.157.249.39	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	18.185.225.206 18.185.225.206	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 1	2a00:1288:110... 2a00:1288:110:c305::9000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	35.158.208.192 35.158.208.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.29.126.123 52.29.126.123	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.100 185.33.223.100	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.194.21.100 54.194.21.100	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.215.111.116 52.215.111.116	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.98.68 143.204.98.68	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
107	39

2 104.25.94.5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ncp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700:10::6814:947 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.ncp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 134.213.127.80 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

ncpgw.whoson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.248.216 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.34 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.230 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net

8464069.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.181 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.219 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 99.80.83.176 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

app.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.117 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-117.fra2.r.cloudfront.net

uwxkugei.micpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ea00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.119 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-2

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 3.248.28.111 (Dublin, Ireland) 16 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.75 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-1

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.59 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-84-59.fra2.r.cloudfront.net

d33wq5gej88ld6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.233 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

td.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
custom.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.2 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY - Fastly, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.249.39 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.225.206 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-225-206.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::9000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.208.192 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-208-192.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.126.123 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-126-123.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.100 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.21.100 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-21-100.eu-west-1.compute.amazonaws.com

dc.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.111.116 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-111-116.eu-west-1.compute.amazonaws.com

geo.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.68 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-68.fra50.r.cloudfront.net

dwmvwp56lzq5t.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	ncp.co.uk 3 redirects ncp.co.uk www.ncp.co.uk	810 KB
23	adroll.com 16 redirects s.adroll.com d.adroll.com	28 KB
13	yieldify.com app.yieldify.com td.yieldify.com custom.yieldify.com dc.yieldify.com geo.yieldify.com	108 KB
5	doubleclick.net 3 redirects 8464069.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
5	googleapis.com maps.googleapis.com ajax.googleapis.com	152 KB
5	whoson.com ncpgw.whoson.com	9 KB
4	facebook.com www.facebook.com	751 B
3	yahoo.com 2 redirects ups.analytics.yahoo.com ads.yahoo.com	2 KB
3	facebook.net connect.facebook.net	256 KB
3	taboola.com cdn.taboola.com trc.taboola.com	14 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	openx.net 1 redirects us-u.openx.net	480 B
2	bidswitch.net 1 redirects x.bidswitch.net	906 B
2	3lift.com 1 redirects eb2.3lift.com	694 B
2	outbrain.com 1 redirects sync.outbrain.com	721 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	785 B
2	cloudfront.net d33wq5gej88ld6.cloudfront.net dwmvwp56lzq5t.cloudfront.net	88 KB
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	312 B
2	bing.com bat.bing.com	8 KB
1	rlcdn.com idsync.rlcdn.com	62 B
1	adnxs.com ib.adnxs.com	875 B
1	pubmatic.com simage2.pubmatic.com	986 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	quantcount.com rules.quantcount.com	2 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	dwin1.com www.dwin1.com	6 KB
1	micpn.com uwxkugei.micpn.com	14 KB
1	quantserve.com secure.quantserve.com	6 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
107	33

	Domain	Requested by
37	www.ncp.co.uk	1 redirects www.ncp.co.uk ajax.googleapis.com
18	d.adroll.com	15 redirects
9	app.yieldify.com	www.ncp.co.uk d33wq5gej88ld6.cloudfront.net
5	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com
5	ncpgw.whoson.com	www.ncp.co.uk ncpgw.whoson.com
4	www.facebook.com
4	maps.googleapis.com	www.ncp.co.uk maps.googleapis.com
3	connect.facebook.net	www.ncp.co.uk connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	trc.taboola.com
2	www.google.de
2	www.google.com	1 redirects
2	bat.bing.com	www.ncp.co.uk
2	8464069.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ncp.co.uk	2 redirects
1	dwmvwp56lzq5t.cloudfront.net	d33wq5gej88ld6.cloudfront.net
1	geo.yieldify.com	d33wq5gej88ld6.cloudfront.net
1	dc.yieldify.com
1	custom.yieldify.com	td.yieldify.com
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com
1	ib.adnxs.com
1	ads.yahoo.com	1 redirects
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	td.yieldify.com	app.yieldify.com
1	d33wq5gej88ld6.cloudfront.net	app.yieldify.com
1	vars.hotjar.com	static.hotjar.com
1	rules.quantcount.com	secure.quantserve.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	d.adroll.mgr.consensu.org	1 redirects
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	1 redirects
1	www.dwin1.com	www.googletagmanager.com
1	uwxkugei.micpn.com	www.ncp.co.uk
1	secure.quantserve.com	www.ncp.co.uk
1	cdn.taboola.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.ncp.co.uk
1	ajax.googleapis.com	www.ncp.co.uk
107	48

This site contains links to these domains. Also see Links.

Domain
ncp.whoson.com
parkpass.ncp.co.uk
parkpasscard.ncp.co.uk
seasonticket.ncp.co.uk
www.gateway.ncp.co.uk
www.ncpsolutions.co.uk
pre-book.ncp.co.uk

Subject Issuer	Validity	Valid
*.ncp.co.uk GeoTrust RSA CA 2018	`2019-03-28` - `2021-04-12`	2 years	crt.sh
*.whoson.com RapidSSL RSA CA 2018	`2018-02-27` - `2020-05-28`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.yieldify.com Amazon	`2019-11-15` - `2020-12-15`	a year	crt.sh
*.micpn.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-18` - `2020-06-15`	a year	crt.sh
*.dwin1.com Amazon	`2020-01-01` - `2021-02-01`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
m.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-24` - `2020-07-24`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-30` - `2020-04-27`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.yieldify-production.com Amazon	`2019-04-10` - `2020-05-10`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Frame ID: 02DA38C706152C1CE320BF000C5ECF5C
Requests: 98 HTTP requests in this frame

Frame: https://8464069.fls.doubleclick.net/activityi;dc_pre=CIvGjrbz7uYCFRCVdwod09IOkQ;src=8464069;type=counter;cat=ncp0;ord=8457581416420;gtm=2wgc61;auiddc=721132311.1578311206;u1=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp;~oref=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp
Frame ID: 29ED30E335971E142351CC6B98A6FEC2
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: 5ED21B7AF9E988F55AB76B2F9D42B201
Requests: 1 HTTP requests in this frame

Frame: https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140478&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Frame ID: 99D774375BE6561AB92FB707E31519A8
Requests: 1 HTTP requests in this frame

Frame: https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140476&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Frame ID: 7FA37C4A1B2431B5852A358879150A59
Requests: 1 HTTP requests in this frame

Frame: https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140425&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Frame ID: 4C05B30DF1F01AEBE650550F4F9C1FCC
Requests: 1 HTTP requests in this frame

Frame: https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140419&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Frame ID: DDB20F3169939CA5BF0A29E66C98182B
Requests: 1 HTTP requests in this frame

Frame: https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140421&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Frame ID: 57FD66830CD9E461491C08645064C9F1
Requests: 1 HTTP requests in this frame

Frame: https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140423&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Frame ID: E535716DFC72E7FC29F1D180E741FE10
Requests: 1 HTTP requests in this frame

Frame: https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=134785&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Frame ID: EFD9AA4BF2F5732DDF97873EE2279075
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp HTTP 301
https://ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp HTTP 301
http://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp HTTP 301
https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

107
Requests

100 %
HTTPS

33 %
IPv6

33
Domains

48
Subdomains

39
IPs

6
Countries

1635 kB
Transfer

4747 kB
Size

10
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://ncp.whoson.com/newchat/chat.aspx?domain=www.ncp.co.uk
Title: Online chat

Search URL Search Domain Scan URL

URL: https://parkpass.ncp.co.uk/Account/Login?ReturnUrl=%2f
Title: My app account

Search URL Search Domain Scan URL

URL: https://parkpasscard.ncp.co.uk/public/flow.htm
Title: My card account

Search URL Search Domain Scan URL

URL: https://seasonticket.ncp.co.uk/Pages/LogOn.aspx
Title: Go to my account

Search URL Search Domain Scan URL

URL: https://www.gateway.ncp.co.uk/Secure/Login.aspx
Title: Go to my account

Search URL Search Domain Scan URL

URL: https://seasonticket.ncp.co.uk/Pages/LogOn.aspx/
Title: Buy now

Search URL Search Domain Scan URL

URL: https://parkpass.ncp.co.uk/Account/Login?ReturnUrl=%2f/
Title: Register for the App

Search URL Search Domain Scan URL

URL: https://www.ncpsolutions.co.uk/
Title: NCPSolutions.co.uk

Search URL Search Domain Scan URL

URL: http://www.ncpsolutions.co.uk/

Search URL Search Domain Scan URL

URL: https://pre-book.ncp.co.uk/en/management/login
Title: Agent login

Search URL Search Domain Scan URL

URL: https://www.ncpsolutions.co.uk/our-services/commercial-partnerships/
Title: Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp HTTP 301
https://ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp HTTP 301
http://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp HTTP 301
https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://8464069.fls.doubleclick.net/activityi;src=8464069;type=counter;cat=ncp0;ord=8457581416420;gtm=2wgc61;auiddc=721132311.1578311206;u1=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp;~oref=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp HTTP 302
https://8464069.fls.doubleclick.net/activityi;dc_pre=CIvGjrbz7uYCFRCVdwod09IOkQ;src=8464069;type=counter;cat=ncp0;ord=8457581416420;gtm=2wgc61;auiddc=721132311.1578311206;u1=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp;~oref=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp

Request Chain 56

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-5297825-2&cid=927297683.1578311206&jid=402902383&gjid=336682091&_gid=941280621.1578311206&_u=aGBAgAAL~&z=1795916237 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5297825-2&cid=927297683.1578311206&jid=402902383&_v=j79&z=1795916237 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5297825-2&cid=927297683.1578311206&jid=402902383&_v=j79&z=1795916237&slf_rd=1&random=545880399

Request Chain 59

https://s.adroll.com/j/exp/I2QN4FA4D5FLLON6B7SOOP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 60

https://d.adroll.mgr.consensu.org/consent/iabcheck/I2QN4FA4D5FLLON6B7SOOP?_s=199f4faff5c494a423ae245e92431c4a&_b=2 HTTP 302
https://d.adroll.com/consent/check/I2QN4FA4D5FLLON6B7SOOP/?_s=199f4faff5c494a423ae245e92431c4a&_b=2

Request Chain 69

https://d.adroll.com/pixel/I2QN4FA4D5FLLON6B7SOOP/5Y2Y2LQYTRD7NIYA4MM7RE?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&pv=30038576626.068546&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp HTTP 302
https://s.adroll.com/pixel/I2QN4FA4D5FLLON6B7SOOP/5Y2Y2LQYTRD7NIYA4MM7RE/7QOFZOMZLNCLNKZHVIGNSQ.js

Request Chain 73

https://d.adroll.com/cm/aol/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP3759b279-307a-11ea-ba2e-0215b0451c90 HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP3759b279-307a-11ea-ba2e-0215b0451c90&verify=true

Request Chain 74

https://d.adroll.com/cm/index/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expiration=1609847206 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expiration=1609847206&C=1

Request Chain 75

https://d.adroll.com/cm/n/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expires=365

Request Chain 76

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&rdrctExp=true

Request Chain 77

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 78

https://d.adroll.com/cm/r/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 79

https://d.adroll.com/cm/taboola/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg

Request Chain 80

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 81

https://d.adroll.com/fb/tr/?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&id=198801900499280&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=1768135750093680 HTTP 302
https://www.facebook.com/tr/?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&id=198801900499280&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=1768135750093680&cd[external_id]=n6XLM8sMOhjPumZjM6wnGA

Request Chain 82

https://d.adroll.com/cm/b/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg

Request Chain 83

https://d.adroll.com/cm/x/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg

Request Chain 84

https://d.adroll.com/cm/l/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=9fa5cb33cb0c3a18cfba666333ac2718

Request Chain 85

https://d.adroll.com/cm/o/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=9fa5cb33cb0c3a18cfba666333ac2718 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9fa5cb33cb0c3a18cfba666333ac2718

Request Chain 86

https://d.adroll.com/cm/g/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=n6XLM8sMOhjPumZjM6wnGA HTTP 302
https://d.adroll.com/cm/g/in

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request antisp Show response
www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/
Redirect Chain

http://ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
https://ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
http://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

96 KB
12 KB

296ms
271ms

Document
text/html

2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1270e4f60d4c9e113dcb1b2fecf2f0a519c6cc50874f8620ea33f31493172206

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.ncp.co.uk
:scheme: https
:path: /utlisant.rogarques.rallumage/Djakarta/juments/antisp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
cookie: __cfduid=dd2e91b469811665f57ff2089512661591578311204
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 404
date: Mon, 06 Jan 2020 11:46:45 GMT
content-type: text/html
set-cookie: PHPSESSID=h861bprj0h4qp1r190vh574g80; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 550d7407e8c0d6e1-FRA
content-encoding: gzip

Redirect headers

Date: Mon, 06 Jan 2020 11:46:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Jan 2020 12:46:45 GMT
Location: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 550d7407a8aa975a-FRA

GET
H2 200 main.css
www.ncp.co.uk/css/ 339 KB
56 KB 27ms
26ms Stylesheet
text/css 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/css/main.css?v=1573659319

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a63f64a95c05c0ca61d100e0edfb79f02ff1e642fd68268b449b70301401c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4538
status: 200
strict-transport-security: max-age=15768000
content-length: 56972
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Nov 2019 15:35:19 GMT
server: cloudflare
etag: "54c0b-5973c1cb4dbc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a181dd6e1-FRA

GET
H2 200 temp.css
www.ncp.co.uk/css/ 24 KB
6 KB 32ms
31ms Stylesheet
text/css 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/css/temp.css?v=1574935505

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34356dc0cf8dc2eb62fffb99088216417af900fb7592840b4e0bd70d1b1e0f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4538
status: 200
strict-transport-security: max-age=15768000
content-length: 5591
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Nov 2019 10:05:05 GMT
server: cloudflare
etag: "6035-598653f51d640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a1821d6e1-FRA

GET
H2 200 modernizr-2.6.2-respond-1.1.0.min.js Show response
www.ncp.co.uk/js/vendor/ 16 KB
7 KB 32ms
31ms Script
application/javascript 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

05ae7c503571b53dc180a7a3f51f3d33dffa72c14f44fd40287ec5cb66113f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4538
status: 200
strict-transport-security: max-age=15768000
content-length: 6605
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 23 Aug 2013 14:43:58 GMT
server: cloudflare
etag: "3f21-4e49e6fc52780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a188bd6e1-FRA

GET
H2 200 logo.png
www.ncp.co.uk/graphics/ 13 KB
13 KB 32ms
31ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/logo.png

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27137c8d743f4d506170a5918ec60c6a427251e7cca47840707824b0df011d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3573
status: 200
vary: Accept-Encoding
content-length: 13100
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Jan 2018 10:03:52 GMT
server: cloudflare
etag: "332c-561c837425200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a188ed6e1-FRA

GET
H/1.1 200
OK include.js Show response
ncpgw.whoson.com/ 4 KB
2 KB 124ms
30ms Script
application/javascript 134.213.127.80
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://ncpgw.whoson.com/include.js?domain=www.ncp.co.uk
Requested by: Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 134.213.127.80 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: / ARR/3.0, ASP.NET
Resource Hash: f71f8513a463753871e9718262b40ebfb98aeb07f32b6ced57ef04264ed4b682

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 06 Jan 2020 11:46:45 GMT
Content-Encoding: gzip
X-Powered-By: ARR/3.0, ASP.NET
Vary: Accept-Encoding
X-Content-Encoding-Over-Network: gzip
Content-Type: application/javascript
Cache-Control: max-age=0
Content-Length: 1996

GET
H2 200 book.png
www.ncp.co.uk/graphics/ 5 KB
5 KB 14ms
13ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/book.png

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f127cea189a3e5640a888755ead6623f87d9d6f409b666f7b1ba10a773adac8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 4944
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Mar 2019 11:00:31 GMT
server: cloudflare
etag: "1350-5848487b6b1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a6950d6e1-FRA

GET
H2 200 login-parkpass.png
www.ncp.co.uk/graphics/ 804 B
934 B 16ms
15ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/login-parkpass.png

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff2f1c5b4190039add4561e1443f4caffe7f1b0e2f00e33c874d4e012b841083

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 804
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Nov 2018 15:08:31 GMT
server: cloudflare
etag: "324-57a7912f179c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a6954d6e1-FRA

GET
H2 200 season-ticket.png
www.ncp.co.uk/graphics/ 4 KB
4 KB 17ms
16ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/season-ticket.png

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff9cd96a9f2f11ea176a52f9666f61d2191355f63cfc11ff3ef4274b5e748d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 4338
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Mar 2019 11:00:31 GMT
server: cloudflare
etag: "10f2-5848487b6b1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a6956d6e1-FRA

GET
H2 200 gateway.png
www.ncp.co.uk/graphics/ 4 KB
4 KB 14ms
12ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/gateway.png

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0cd2ab7853df3e98f678998ec22d2934f6168d4be614c71a6d5409ec96477ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 4412
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Mar 2019 11:00:31 GMT
server: cloudflare
etag: "113c-5848487b6b1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a6958d6e1-FRA

GET
H2 200 mega_nav_menu_map_image.jpg
www.ncp.co.uk/graphics/ 32 KB
32 KB 24ms
23ms Image
image/jpeg 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/mega_nav_menu_map_image.jpg

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6841034671e188e474143fdf82849ce99dcb7a691a87c089e4f72d17ad75af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 32841
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Oct 2017 11:37:16 GMT
server: cloudflare
etag: "8049-55be4c72f7300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a695bd6e1-FRA

GET
H2 200 2093.jpg
www.ncp.co.uk/uploads/images/small/ 19 KB
19 KB 16ms
15ms Image
image/jpeg 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/uploads/images/small/2093.jpg

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2ce0dc4385c25b7f345d0bcae055d6708b201f17e4e839b476f9340a5168ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 19313
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Sep 2019 11:27:42 GMT
server: cloudflare
etag: "4b71-592d2200c0780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a695cd6e1-FRA

GET
H2 200 2058.jpg
www.ncp.co.uk/uploads/images/small/ 19 KB
19 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/uploads/images/small/2058.jpg

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5532fa30d9a2ee065aa83faa1d25f778af6dfc9050ee915498d74aa9a56ff198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 18986
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Mar 2019 15:09:27 GMT
server: cloudflare
etag: "4a2a-584236cc317c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a695ed6e1-FRA

GET
H2 200 1588.jpg
www.ncp.co.uk/uploads/images/small/ 12 KB
13 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/uploads/images/small/1588.jpg

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b02d9cc8c7d5e00af62a765c55e72c024f554977f933a292fc48fb599880e78b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 12781
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2017 11:28:30 GMT
server: cloudflare
etag: "31ed-55e03cd8c7380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a695fd6e1-FRA

GET
H2 200 1587.jpg
www.ncp.co.uk/uploads/images/small/ 11 KB
11 KB 16ms
15ms Image
image/jpeg 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/uploads/images/small/1587.jpg

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3145be4ba174698eee08144a1da748c32a1780db1c71eeaddbbb9bbce4c67c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 10898
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2017 11:16:55 GMT
server: cloudflare
etag: "2a92-55e03a41f97c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a6961d6e1-FRA

GET
H2 200 1544.png
www.ncp.co.uk/uploads/images/originals/ 185 KB
185 KB 18ms
17ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/uploads/images/originals/1544.png

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8b0cae8865b4fb637f12ae3b6ecd4e36c237a2e3a38282c936637245c1e1daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
content-length: 189474
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Oct 2017 10:38:09 GMT
server: cloudflare
etag: "2e422-55bf8119be640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a6963d6e1-FRA

GET
H2 200 national-car-parks.svg
www.ncp.co.uk/graphics/footer/ 7 KB
2 KB 20ms
19ms Image
image/svg+xml 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/footer/national-car-parks.svg

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fe7e0f40547a950bbe6f4a592be764f2d443ab95ef38c2bd155ca6c54fdd44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3572
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Nov 2018 12:57:04 GMT
server: cloudflare
etag: W/"1aad-57ab3965d8800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/svg+xml
cache-control: max-age=3600
cf-ray: 550d740a6964d6e1-FRA

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 119 KB
38 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyB5QxukvRQRw8nR2c9QKg3jOZrsjpCaPO0

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

0d38940721122c9f6d98f439eaea461ad36a4545952b73f0b7b0256f4495d939

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
vary: Accept-Language
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=11
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39249
x-xss-protection: 0
expires: Mon, 06 Jan 2020 12:16:45 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.1/ 91 KB
32 KB 6ms
4ms Script
text/javascript 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 07:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3991022
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 32984
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 07:09:43 GMT

GET
H2 200 jquery.geocomplete.js Show response
www.ncp.co.uk/js/ 19 KB
6 KB 14ms
12ms Script
application/javascript 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/js/jquery.geocomplete.js

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

906194a2cff4c0248f38f1745cf565b6df47aa3da80d33c0ad39bbf0006f852b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2804
status: 200
strict-transport-security: max-age=15768000
content-length: 5707
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Feb 2016 12:54:19 GMT
server: cloudflare
etag: "4d9e-52bf6bf8a14c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a694ad6e1-FRA

GET
H2 200 plugins.js Show response
www.ncp.co.uk/js/ 351 KB
99 KB 11ms
10ms Script
application/javascript 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/js/plugins.js?v=1526556678

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c27cf1c57df2b689b41e7ac0c569b8e8057203bb29e3f98c8d2de7995c53e21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2804
status: 200
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 May 2018 11:31:18 GMT
server: cloudflare
etag: "57ae3-56c652c858d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 550d740a694bd6e1-FRA

GET
H2 200 main.js Show response
www.ncp.co.uk/js/ 57 KB
13 KB 14ms
13ms Script
application/javascript 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/js/main.js?v=1568293822

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d741c9864efb0283f4d4bff91a0d7e2fdf21fc2731f38de2b86c84860be3f6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2804
status: 200
strict-transport-security: max-age=15768000
content-length: 12943
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Sep 2019 13:10:22 GMT
server: cloudflare
etag: "e266-5925adc29eb80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a694cd6e1-FRA

GET
H2 200 christmas.js Show response
www.ncp.co.uk/js/ 9 KB
3 KB 18ms
17ms Script
application/javascript 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/js/christmas.js?v=1454923403

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee0f2215f62f0b0c8eb309bf407b1332a54cebddc041b35dd8770a818384a272

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2804
status: 200
strict-transport-security: max-age=15768000
content-length: 2830
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Feb 2016 09:23:23 GMT
server: cloudflare
etag: "2446-52b3ec09c78c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a694dd6e1-FRA

GET
H2 200 prebook.js Show response
www.ncp.co.uk/js/ 59 KB
11 KB 15ms
13ms Script
application/javascript 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/js/prebook.js?v=1561022539

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

010b5d530d1433fd344fe3df9c7309b68e6862eb017938c8dcf4a9cad96efd14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2804
status: 200
strict-transport-security: max-age=15768000
content-length: 11148
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Jun 2019 09:22:19 GMT
server: cloudflare
etag: "ec9a-58bbde1ec68c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a694ed6e1-FRA

GET
H2 200 prebook.checkout.js Show response
www.ncp.co.uk/js/ 2 KB
929 B 17ms
15ms Script
application/javascript 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/js/prebook.checkout.js?v=1457541755

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6068550d0b87d47eef5f2be3192cfbe36cea318cb1671dc5b96938606bfa4972

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2804
status: 200
strict-transport-security: max-age=15768000
content-length: 728
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Mar 2016 16:42:35 GMT
server: cloudflare
etag: "9c2-52da0628d54c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a694fd6e1-FRA

GET
H2 200 icon-set.png
www.ncp.co.uk/graphics/ 48 KB
49 KB 17ms
17ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/icon-set.png

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b80157edb477ffb8dd1ba3f016e945e6a4e6ef1aa4ce5531b20245279642f55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/main.css?v=1573659319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6869
status: 200
vary: Accept-Encoding
content-length: 49551
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jun 2016 15:47:04 GMT
server: cloudflare
etag: "c18f-535dfd958ae00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a6968d6e1-FRA

GET
H2 200 fontawesome-webfont.woff2
www.ncp.co.uk/fonts/ 63 KB
63 KB 17ms
16ms Font
text/plain 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncp.co.uk/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/css/main.css?v=1573659319
Origin: https://www.ncp.co.uk

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6317
status: 200
vary: Accept-Encoding
content-length: 64464
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2016 15:19:41 GMT
server: cloudflare
etag: "fbd0-52b6bf6859d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740a6965d6e1-FRA

GET
H/1.1 200
OK invite.js Show response
ncpgw.whoson.com/ 6 KB
3 KB 28ms
28ms Script
application/javascript 134.213.127.80
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://ncpgw.whoson.com/invite.js?domain=www.ncp.co.uk
Requested by: Host: ncpgw.whoson.com
URL: https://ncpgw.whoson.com/include.js?domain=www.ncp.co.uk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 134.213.127.80 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: / ARR/3.0, ASP.NET
Resource Hash: d09f119c804529f68719fa435ad759088fa23c41881f20d4e81df67bce75d07c

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 06 Jan 2020 11:46:45 GMT
Content-Encoding: gzip
X-Powered-By: ARR/3.0, ASP.NET
Vary: Accept-Encoding
X-Content-Encoding-Over-Network: gzip
Content-Type: application/javascript
Cache-Control: max-age=0
Content-Length: 2812

GET
H/1.1 200
OK /
ncpgw.whoson.com/ 3 KB
3 KB 58ms
30ms Image
image/gif 134.213.127.80
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ncpgw.whoson.com/?u=349-1578311205578&d=www.ncp.co.uk&p=%27https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp%27&r=%27%27
Requested by: Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 134.213.127.80 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: / ARR/3.0, ASP.NET
Resource Hash: 1aa019b48f0df152bf1ea3a2d5b0394f97c03b2f94016112d928ed772fbd5021

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 06 Jan 2020 11:46:45 GMT
Cache-Control: no-cache
X-Powered-By: ARR/3.0, ASP.NET
Content-Length: 2959
Content-Type: image/gif

GET
H2 200 leftbg.jpg
www.ncp.co.uk/graphics/footer/ 112 KB
112 KB 12ms
11ms Image
image/jpeg 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/footer/leftbg.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cda0d957f9d65e4da810f313b24999a3d69447a457e1feb47e30a21550106e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6867
status: 200
vary: Accept-Encoding
content-length: 114507
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 31 Jul 2018 09:02:50 GMT
server: cloudflare
etag: "1bf4b-57247d7a96280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740b0b5dd6e1-FRA

GET
H2 200 pre-book-home.svg
www.ncp.co.uk/graphics/footer/ 1 KB
877 B 10ms
9ms Image
image/svg+xml 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/footer/pre-book-home.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90be89be3d4730c743b4cf9440da0c081993a30b07934fb581d5bf442e1d7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/temp.css?v=1574935505
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4536
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Aug 2018 13:53:37 GMT
server: cloudflare
etag: W/"5ec-57365895cba40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/svg+xml
cache-control: max-age=3600
cf-ray: 550d740b0b5ed6e1-FRA

GET
H2 200 parkpass-home.svg
www.ncp.co.uk/graphics/footer/ 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/footer/parkpass-home.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

49010ec553a3e8c8020b97a6967afeac8ed2c390882bf7b6667d475dd9c4da6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/temp.css?v=1574935505
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4536
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Nov 2018 15:08:31 GMT
server: cloudflare
etag: W/"8a3-57a7912f179c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/svg+xml
cache-control: max-age=3600
cf-ray: 550d740b0b61d6e1-FRA

GET
H2 200 season-home.svg
www.ncp.co.uk/graphics/footer/ 1 KB
654 B 14ms
13ms Image
image/svg+xml 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/footer/season-home.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e69bbf1be22253983729287f2ae4bb6196ec4c4876d0d85356ddd45d2e3fd4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/temp.css?v=1574935505
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4536
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Aug 2018 13:53:37 GMT
server: cloudflare
etag: W/"419-57365895cba40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/svg+xml
cache-control: max-age=3600
cf-ray: 550d740b0b63d6e1-FRA

GET
H2 200 gateway-home.svg
www.ncp.co.uk/graphics/footer/ 2 KB
891 B 12ms
12ms Image
image/svg+xml 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/footer/gateway-home.svg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bacffc1e968e719467ccd98fb160c2d5f6bb1156eec59096b116441ed673664b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/temp.css?v=1574935505
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4536
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Aug 2018 13:53:37 GMT
server: cloudflare
etag: W/"635-57365895cba40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/svg+xml
cache-control: max-age=3600
cf-ray: 550d740b0b66d6e1-FRA

GET
H2 200 rightbg.jpg
www.ncp.co.uk/graphics/footer/ 52 KB
52 KB 13ms
12ms Image
image/jpeg 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/footer/rightbg.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c75a9c9657926b8a8ef13589951b968f706ab61bc40eb61c3726f0c2e6203bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6868
status: 200
vary: Accept-Encoding
content-length: 53429
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 31 Jul 2018 09:02:50 GMT
server: cloudflare
etag: "d0b5-57247d7a96280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740b0b6ad6e1-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 144 KB
36 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCNM4S

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b51d4bcfcde3ea54d94d06a962443f4e0ce0d0d180fb581d9153a227fa6df76

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: br
last-modified: Mon, 06 Jan 2020 09:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 36802
x-xss-protection: 0
expires: Mon, 06 Jan 2020 11:46:45 GMT

GET
H2 200 iconmap.png
www.ncp.co.uk/graphics/tabbed/ 2 KB
2 KB 15ms
15ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/tabbed/iconmap.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aea3093618b27548c057f4f6db62f89e098e065d078f5be793cdf441c1297a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/main.css?v=1573659319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6867
status: 200
vary: Accept-Encoding
content-length: 1556
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Nov 2016 16:49:19 GMT
server: cloudflare
etag: "614-5407c748be1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740b2bcbd6e1-FRA

GET
H2 200 iconsearch.png
www.ncp.co.uk/graphics/tabbed/ 1 KB
1 KB 16ms
16ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/tabbed/iconsearch.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d041534c5d43a8e092ba6714157e669b559012d43ebc90a3adb560de42ffa76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/main.css?v=1573659319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6867
status: 200
vary: Accept-Encoding
content-length: 1210
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Nov 2016 16:49:19 GMT
server: cloudflare
etag: "4ba-5407c748be1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740b2bcdd6e1-FRA

GET
H2 200 iconairport.png
www.ncp.co.uk/graphics/tabbed/ 1 KB
1 KB 17ms
17ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/tabbed/iconairport.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

993a01a274524dba50c7b07aef4f50dcd303f264c2f77f9392d813bb0d161dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/main.css?v=1573659319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6867
status: 200
vary: Accept-Encoding
content-length: 1206
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Nov 2016 16:49:19 GMT
server: cloudflare
etag: "4b6-5407c748be1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740b2bced6e1-FRA

GET
H2 200 iconcity.png
www.ncp.co.uk/graphics/tabbed/ 1 KB
1 KB 11ms
10ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/tabbed/iconcity.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

587e6d7678604f110c2418b6e334ac71525d1d60ced6c08335b54b937b29bf83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/main.css?v=1573659319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6867
status: 200
vary: Accept-Encoding
content-length: 1201
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Nov 2016 16:49:19 GMT
server: cloudflare
etag: "4b1-5407c748be1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740b2bcfd6e1-FRA

GET
H2 200 iconrail.png
www.ncp.co.uk/graphics/tabbed/ 1 KB
1 KB 11ms
10ms Image
image/png 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/tabbed/iconrail.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

324e8f04f0298c27437da5c37e207f3e229b1450a3d9aefe303a4fc29b790176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/main.css?v=1573659319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6867
status: 200
vary: Accept-Encoding
content-length: 1284
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Nov 2016 16:49:19 GMT
server: cloudflare
etag: "504-5407c748be1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740b2bd1d6e1-FRA

GET
H2 200 iconstar.jpg
www.ncp.co.uk/graphics/tabbed/ 2 KB
2 KB 11ms
11ms Image
image/jpeg 2606:4700:10::6814:947
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncp.co.uk/graphics/tabbed/iconstar.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:947 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

35561b89d9158eb97d580d2350a6a52ea0128c42f309aeb291525c3a15f545ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/css/main.css?v=1573659319
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6867
status: 200
vary: Accept-Encoding
content-length: 2222
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Oct 2017 14:20:31 GMT
server: cloudflare
etag: "8ae-55bfb2cdaa9c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 550d740b2bd3d6e1-FRA

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 35 KB
12 KB 77ms
26ms Script
text/javascript 23.210.248.216
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNM4S
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 10bdeb0242f97e5483f914eb5b752df183725a366af8f0c9ba8bb645586006ff

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: _IkEf6DskU5rqggn.I2sIuaN0nx2cwvp
Content-Encoding: gzip
x-amz-request-id: F9D0DA43F8A7D2E7
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 06 Jan 2020 11:46:45 GMT
Connection: keep-alive
Content-Length: 11267
x-amz-id-2: kYq/HvQE2in2V0OJHqAxqYPYGdFqWIY5daBAJ8M6lbP+uFyBfe2MEB4kG/n5piNS5k7o+rxgLSo=
Last-Modified: Tue, 17 Dec 2019 22:01:13 GMT
Server: AmazonS3
ETag: "94890c8a120a76710f8edb7ac61589bf"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 77ms
32ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNM4S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9933
x-xss-protection: 0
server: cafe
etag: 9795501548502167919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Jan 2020 11:46:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNM4S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 511
date: Mon, 06 Jan 2020 11:38:14 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 06 Jan 2020 13:38:14 GMT

GET
H2

200

activityi;dc_pre=CIvGjrbz7uYCFRCVdwod09IOkQ;src=8464069;type=counter;cat=ncp0;ord=8457581416420;gtm=2wgc61;auiddc=721132311.1578311206;u1=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%...
8464069.fls.doubleclick.net/ Frame 29ED
Redirect Chain

https://8464069.fls.doubleclick.net/activityi;src=8464069;type=counter;cat=ncp0;ord=8457581416420;gtm=2wgc61;auiddc=721132311.1578311206;u1=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumag...
https://8464069.fls.doubleclick.net/activityi;dc_pre=CIvGjrbz7uYCFRCVdwod09IOkQ;src=8464069;type=counter;cat=ncp0;ord=8457581416420;gtm=2wgc61;auiddc=721132311.1578311206;u1=https%3A%2F%2Fwww.ncp.c...

0
0

38ms
38ms

Document
text/html

216.58.205.230
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://8464069.fls.doubleclick.net/activityi;dc_pre=CIvGjrbz7uYCFRCVdwod09IOkQ;src=8464069;type=counter;cat=ncp0;ord=8457581416420;gtm=2wgc61;auiddc=721132311.1578311206;u1=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp;~oref=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNM4S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f230.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8464069.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIvGjrbz7uYCFRCVdwod09IOkQ;src=8464069;type=counter;cat=ncp0;ord=8457581416420;gtm=2wgc61;auiddc=721132311.1578311206;u1=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp;~oref=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 06 Jan 2020 11:46:45 GMT
expires: Mon, 06 Jan 2020 11:46:45 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 521
x-xss-protection: 0
set-cookie: IDE=AHWqTUl6DT6STPMMtV5EclegANpH5vb6AwJyO9AT8NiYWqPvDA5Ui57YtzDiV2g9; expires=Sat, 30-Jan-2021 11:46:45 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 06 Jan 2020 11:46:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8464069.fls.doubleclick.net/activityi;dc_pre=CIvGjrbz7uYCFRCVdwod09IOkQ;src=8464069;type=counter;cat=ncp0;ord=8457581416420;gtm=2wgc61;auiddc=721132311.1578311206;u1=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp;~oref=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Jan-2020 12:01:45 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 hotjar-1510626.js Show response
static.hotjar.com/c/ 3 KB
2 KB 60ms
22ms Script
application/javascript 147.75.84.181
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1510626.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNM4S

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.181 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

Software

openresty /

Resource Hash

f245a7ea277d8a0ae01ff88ea21b968db402d9ef309bc18b217187d7e82f19a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 37
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1737
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/0d4b7766c46ef695e46394d5cc63bd34
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.076
accept-ranges: bytes
section-io-id: 9b9747d063c83345472b450f21a5c072

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/ncp-sc/ 42 KB
14 KB 225ms
181ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ncp-sc/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNM4S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4afa0955d559b4fbb502950e16c2066f19ca5c2a8cf48ce5daa2c97134d0f46

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: du8SHL8crbRc0viGFicZ92mmC_3cxZ3w
content-encoding: gzip
age: 55
x-cache: HIT
status: 200
date: Mon, 06 Jan 2020 11:46:45 GMT
x-amz-replication-status: COMPLETED
content-length: 13629
fastly-restarts: 1
x-amz-id-2: 6c27TOc4m+4N9FPwrhv8hwnzbHAOPDbGd3lzuVeY9f5ZWTFpcVktsHXIAvU22wAJKtTuutS8dbA=
x-served-by: cache-hhn4064-HHN
last-modified: Sun, 05 Jan 2020 12:49:15 GMT
server: AmazonS3
x-timer: S1578311206.729639,VS0,VE162
etag: "b5ef3ae49d62884f31b948c78a07a768"
vary: Accept-Encoding
x-amz-request-id: CBFE7F46AD4F9F51
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 71
x-cache-hits: 11500

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 41ms
29ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: 7E51EA5FF2294BD28A58D048F5BCAF26 Ref B: FRAEDGE0106 Ref C: 2020-01-06T11:46:45Z
access-control-allow-origin: *
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: I2wmGyWvi3fHGkPZah1k0OX0C2tXnByzFIarMMyEhxvUVorxcenIuYgEclKR1492GNv2SrkCgHwpQdpRvuNtYw==
x-fb-trip-id: 1850256238
date: Mon, 06 Jan 2020 11:46:45 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK aquant.js Show response
secure.quantserve.com/ 13 KB
6 KB 100ms
25ms Script
application/x-javascript 91.228.74.219
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-f8Jc9HZP9pROk
Requested by: Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.219 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 06 Jan 2020 11:46:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06-Jan-2020 11:46:45 GMT
Server: QS
ETag: M0-56c8c653
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Mon, 13 Jan 2020 11:46:45 GMT

GET
H/1.1 200
OK code.js Show response
app.yieldify.com/yieldify/ 91 KB
14 KB 189ms
39ms Script
application/javascript 99.80.83.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.yieldify.com/yieldify/code.js?w_uuid=13a64deb-aed9-47f9-854d-cae861eb90de&loca=https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Requested by

Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.83.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

Software

nginx/1.8.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60

Resource Hash

40bf8e0a52ed72002aeebbb2903417d76754359a7b946654b09c5d19f08b9a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 06 Jan 2020 11:46:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.8.1 + Phusion Passenger 4.0.60
X-Powered-By: Phusion Passenger 4.0.60
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Status: 200 OK
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 1.js Show response
uwxkugei.micpn.com/p/js/ 41 KB
14 KB 177ms
114ms Script
text/javascript 13.225.78.117
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://uwxkugei.micpn.com/p/js/1.js
Requested by: Host: www.ncp.co.uk
URL: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.117 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-117.fra2.r.cloudfront.net
Software: /
Resource Hash: a6f2b1d1f755da20d765edb29b364078f0f64bb706c5b0ff27120c9c514acbdf

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
status: 200
cache-control: no-cache max-age=0
content-type: text/javascript
x-amz-cf-id: qQdDXvO1rQlQfdV3N3nrE40wFCb6bdqsNoRSo0n71PRhRVj-zXsfOw==
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-uuid: b3d5677b-8f31-4cea-8e74-94955cb36ecc
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 15332.js Show response
www.dwin1.com/ 11 KB
6 KB 19ms
7ms Script
application/javascript 2600:9000:2156:ea00:f:8ce2:fb80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/15332.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNM4S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:ea00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 189e67452cbe6bed01f2828692083cacad9a7c8bca3bcf34bb06b0ca280991be

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 05 Jan 2020 12:36:44 GMT
content-encoding: gzip
age: 2687
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Tue, 17 Sep 2019 14:01:59 GMT
server: AmazonS3
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-version-id: l1NqGTLsxPuInQjRIkZmrd4GmB2FNpkN
access-control-allow-origin: *
cache-control: max-age=3600,s-maxage=3600
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: 9PYvwudmHODmEWHLpIcZ4MPuix7ZPG7m8CP6qOO2ToLi8ddtc5TuMw==

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 10:54:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3110
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Mon, 06 Jan 2020 11:54:55 GMT

GET
H2 200 153374258352993 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/153374258352993?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

bfa2821b901c011b6150bf4ebb75cf09f5f207af596e79be9e67f71720361fce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: +U8RArKM5V3t3D+dnOJLbc2J+b2wgP4mr+xo7yZ/c8CwJeY4SPixErxOI2FyBKh8kmvXGtTmO9RblLCwVBQbXg==
x-fb-trip-id: 1850256238
date: Mon, 06 Jan 2020 11:46:45 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=371614771&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&ul=en-us&de=UTF-8&dt=Page%20not%20found&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgAAL~&jid=402902383&gjid=336682091&cid=927297683.1578311206&tid=UA-5297825-2&_gid=941280621.1578311206&gtm=2wgc61PCNM4S&z=955930255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 01:35:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3924697
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-5297825-2&cid=927297683.1578311206&jid=402902383&gjid=336682091&_gid=941280621.1578311206&_u=aGBAgAAL~&z=1795916237
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5297825-2&cid=927297683.1578311206&jid=402902383&_v=j79&z=1795916237
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5297825-2&cid=927297683.1578311206&jid=402902383&_v=j79&z=1795916237&slf_rd=1&random=545880399

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5297825-2&cid=927297683.1578311206&jid=402902383&_v=j79&z=1795916237&slf_rd=1&random=545880399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5297825-2&cid=927297683.1578311206&jid=402902383&_v=j79&z=1795916237&slf_rd=1&random=545880399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5219260&Ver=2&mid=7f104034-db8e-ee67-5b22-612344998a91&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Page%20not%20found&p=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&r=&lt=899&evt=pageLoad&msclkid=N&rn=264079
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 06 Jan 2020 11:46:45 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: FDFCF2DF215B435391E1915136358305 Ref B: FRAEDGE0106 Ref C: 2020-01-06T11:46:45Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.297b225e0b92ebb96f25.js Show response
script.hotjar.com/ 399 KB
70 KB 55ms
20ms Script
application/javascript 147.75.85.119
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.297b225e0b92ebb96f25.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1510626.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.85.119 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-2
Software: /
Resource Hash: 22c9a8794bf1aaa708de201b175d9646730455c0c1d93ee6aaccfc107c1c931b

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: br
content-type: application/javascript
age: 1459533
status: 200
section-io-cache: Hit
content-length: 71091
last-modified: Fri, 20 Dec 2019 14:18:08 GMT
etag: "7931ada42a878715cd638bda9c462ac3"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.023
accept-ranges: bytes
section-io-id: c61fbb391555ade88bfcc68158908d88

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/I2QN4FA4D5FLLON6B7SOOP/index.js
https://s.adroll.com/j/exp/index.js

28 B
680 B

50ms
25ms

Script
application/javascript

23.210.248.216
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: hlHgKZNwBkHzMk1Lpt_4WU4bIRikD0xb
x-amz-request-id: B3E79C8BAA902D2E
x-amz-server-side-encryption: AES256
Date: Mon, 06 Jan 2020 11:46:45 GMT
Connection: keep-alive
Content-Length: 28
x-amz-id-2: ndfEzten1N64dw5NfENogd8mSR0b0PUwYfTgVI5WQuEPATil0hPTBI6J/BFyg/IQkj2M1U/eRoA=
Last-Modified: Fri, 03 Jan 2020 20:26:00 GMT
Server: AmazonS3
ETag: "5816cced8568d223aa09d889f300692b"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 06 Jan 2020 11:46:45 GMT
Server: AkamaiGHost
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H2

200

/ Show response
d.adroll.com/consent/check/I2QN4FA4D5FLLON6B7SOOP/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/I2QN4FA4D5FLLON6B7SOOP?_s=199f4faff5c494a423ae245e92431c4a&_b=2
https://d.adroll.com/consent/check/I2QN4FA4D5FLLON6B7SOOP/?_s=199f4faff5c494a423ae245e92431c4a&_b=2

115 B
583 B

38ms
37ms

Script
application/javascript

3.248.28.111
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/I2QN4FA4D5FLLON6B7SOOP/?_s=199f4faff5c494a423ae245e92431c4a&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 109e5f2cbc13170e29725217a5a3ae3b18eb295d12f35b95c6c6c40737c046b8

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:45 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 115

Redirect headers

status: 302
date: Mon, 06 Jan 2020 11:46:45 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/I2QN4FA4D5FLLON6B7SOOP/?_s=199f4faff5c494a423ae245e92431c4a&_b=2

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1062125773/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1062125773/?random=1578311205753&cv=9&fst=1578311205753&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&tiba=Page%20not%20found&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ac2f15fe0f57a252be62b03e0df05429b77748e2838968e3a61c2b5d84264062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1026
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1062125773/ 42 B
122 B 20ms
20ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1062125773/?random=1578311205753&cv=9&fst=1578308400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&tiba=Page%20not%20found&async=1&fmt=3&is_vtc=1&random=215796332&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1062125773/ 42 B
110 B 25ms
25ms Image
image/gif 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1062125773/?random=1578311205753&cv=9&fst=1578308400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&tiba=Page%20not%20found&async=1&fmt=3&is_vtc=1&random=215796332&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-f8Jc9HZP9pROk.js Show response
rules.quantcount.com/ 7 KB
2 KB 358ms
358ms Script
application/x-javascript 2600:9000:20eb:e200:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-f8Jc9HZP9pROk.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-f8Jc9HZP9pROk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:e200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef088e33bc409e6710cb0a1408fd68c9a0f5843c483d3790e764fb43af5eefae

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 08:26:48 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2017 09:58:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: aUFpmrIvKX1SB_Xc0kyrvsxf-7CsBCMBPnt4IqBCqUpI_lMU065SXw==
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)

GET
H2 200 box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame 5ED2 0
0 57ms
17ms Document
text/html 147.75.32.75
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1510626.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.75 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-1
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-b736908ce6b0e933fad3a2e45df61b38.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Response headers

status: 200
date: Mon, 06 Jan 2020 11:46:45 GMT
content-type: text/html
content-length: 808
last-modified: Tue, 17 Dec 2019 11:49:59 GMT
etag: "ed7551919779fd07dbfe6d776c643379"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.025
age: 1641334
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: bcfe0cbc51a07d006b0bd3fc7c35e88f

GET
H2 200 /
www.facebook.com/tr/ 44 B
359 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=153374258352993&ev=PageView&dl=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&rl=&if=false&ts=1578311205798&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.2.1578311205797.1250945448&it=1578311205707&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 06 Jan 2020 11:46:45 GMT

GET
H/1.1 200
OK yieldify_1509471019.js Show response
d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/ 276 KB
86 KB 91ms
24ms Script
application/javascript 13.225.84.59
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024
Requested by: Host: app.yieldify.com
URL: https://app.yieldify.com/yieldify/code.js?w_uuid=13a64deb-aed9-47f9-854d-cae861eb90de&loca=https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.84.59 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-84-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d26dcb87d74aa1d63d1d3a0dfe97d556078e9ab7d282e100205913af0a42c08b

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 12 Jul 2019 20:31:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Oct 2017 17:30:25 GMT
Server: AmazonS3
Age: 17777
ETag: "c16addd19b8b90c4e266dd94548c8408"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87772
X-Amz-Cf-Id: JN4d-s2z-IVUVRhM6-sYJ9_qlZbPhaKyN8zTLjrDcyIehgy32y2EkA==

GET
H/1.1 200
OK code.js Show response
td.yieldify.com/yieldify/ 420 KB
65 KB 79ms
19ms Script
text/javascript 151.101.112.233
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://td.yieldify.com/yieldify/code.js?w_uuid=13a64deb-aed9-47f9-854d-cae861eb90de&k=1&loca=https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Requested by

Host: app.yieldify.com
URL: https://app.yieldify.com/yieldify/code.js?w_uuid=13a64deb-aed9-47f9-854d-cae861eb90de&loca=https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.233 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

99d4a64da66e2bf7bdb4e9b815d694b85464be7309461971c6795103ebc81389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
x-amzn-Remapped-content-length: 429736
Age: 1850
x-amz-server-side-encryption: AES256
X-Cache: HIT
X-Amzn-Trace-Id: Root=1-5e1316eb-e2e9a594a72f3e303013fd9c;Sampled=0
Content-Length: 65652
Connection: keep-alive
x-amz-apigw-id: F4CEwE71joEF1PA=
x-amz-request-id: 853F6E76D5EE158D
x-amz-id-2: OASTe0qbE3x0u+JqURarN629ZaqawF5bsSBV2Zle1GixeFMotbHQ1ZQRBkOvrk+p9rZBw+MOjro=
X-Served-By: cache-hhn4032-HHN
x-amzn-RequestId: fab49c1b-e0a6-4a52-999f-1b5810d89095
last-modified: Mon, 06 Jan 2020 11:15:50 GMT
X-Timer: S1578311206.961937,VS0,VE0
x-amzn-Remapped-server: AmazonS3
Date: Mon, 06 Jan 2020 11:46:45 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Via: 1.1 varnish
X-XSS-Protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
etag: "2a90751e5875126ee75ab1a3ceedce77"
Accept-Ranges: bytes
x-amzn-Remapped-date: Mon, 06 Jan 2020 11:15:56 GMT
x-amzn-Remapped-connection: close
X-Cache-Hits: 2

GET
H/1.1

200
OK

7QOFZOMZLNCLNKZHVIGNSQ.js Show response
s.adroll.com/pixel/I2QN4FA4D5FLLON6B7SOOP/5Y2Y2LQYTRD7NIYA4MM7RE/
Redirect Chain

https://d.adroll.com/pixel/I2QN4FA4D5FLLON6B7SOOP/5Y2Y2LQYTRD7NIYA4MM7RE?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&pv=30038576626.068546&cookie=&adroll_s_ref=&keyw=&arrfrr=...
https://s.adroll.com/pixel/I2QN4FA4D5FLLON6B7SOOP/5Y2Y2LQYTRD7NIYA4MM7RE/7QOFZOMZLNCLNKZHVIGNSQ.js

7 KB
3 KB

36ms
25ms

Script
text/javascript

23.210.248.216
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/I2QN4FA4D5FLLON6B7SOOP/5Y2Y2LQYTRD7NIYA4MM7RE/7QOFZOMZLNCLNKZHVIGNSQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1851e18c847cb9e643d1e0b99ec00de67f643c2ed1c0a60d3f43ea93e03fd9f8

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: 8VDFevlR0uyyODnHLI4HlYH_FVh4NZ_1
Content-Encoding: gzip
x-amz-request-id: 6554CBA555FA2BE9
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 06 Jan 2020 11:46:45 GMT
Connection: keep-alive
Content-Length: 2296
x-amz-id-2: Zvl7gmrWQNU66vh5h/3WbvCII8M61CDd+wKWqaP5tpe840r+gzJpXFeFZuoS0XWm4erEntpJG+w=
Last-Modified: Thu, 12 Dec 2019 19:28:56 GMT
Server: AmazonS3
ETag: "9f93337e31987ffbb7f2370a65a1599a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Mon, 06 Jan 2020 11:46:45 GMT
x-segment-display-name
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.16.1
x-rule: *
x-segment-eid: 7QOFZOMZLNCLNKZHVIGNSQ
location: https://s.adroll.com/pixel/I2QN4FA4D5FLLON6B7SOOP/5Y2Y2LQYTRD7NIYA4MM7RE/7QOFZOMZLNCLNKZHVIGNSQ.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: 5Y2Y2LQYTRD7NIYA4MM7RE
x-segment-name: *
x-advertisable-eid: I2QN4FA4D5FLLON6B7SOOP
x-conversion-currency: GBP

GET
H2 204 mark
trc.taboola.com/ncp-sc/log/3/ 0
445 B 76ms
30ms Image
image/gif 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ncp-sc/log/3/mark?tim=12%3A46%3A45.912&item-url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp&marking-type=retargeting
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 06 Jan 2020 11:46:45 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-fra19172-FRA
pragma: no-cache
server: nginx
x-timer: S1578311206.964994,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 31ms
24ms Script
text/javascript 23.210.248.216
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/I2QN4FA4D5FLLON6B7SOOP/5Y2Y2LQYTRD7NIYA4MM7RE/7QOFZOMZLNCLNKZHVIGNSQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: YWF67j5pF9q6SkyswC7vAoPjAu0aQ3B8
Content-Encoding: gzip
x-amz-request-id: C47777B8149E5E76
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 06 Jan 2020 11:46:46 GMT
Connection: keep-alive
Content-Length: 2039
x-amz-id-2: 8UpWPUIeVQKZzFqblz9wIUKZ8QeyTj7KI4DtRvtcie9K6XAmw9BlwwEAwH5IwK3OdnbVGAZ+v1g=
Last-Modified: Thu, 19 Dec 2019 18:38:00 GMT
Server: AmazonS3
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 198801900499280 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/198801900499280?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

740a072c010b3b9efb0ce44377ae76f5c0870d4e3b34270c5c5a4db5bca47695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114918
x-xss-protection: 0
pragma: private
x-fb-debug: cEXDcWiVk2m/qACW7N3pjVlXwA4biqreNcsIihD4ia5JeqvKzA4BgX9B0GRo08ZkoN+6SfYUkcT7Vl4wX+2joQ==
x-fb-trip-id: 1850256238
date: Mon, 06 Jan 2020 11:46:45 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://pixel.advertising.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP3759b279-307a-11ea-ba2e-02...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP3759b279-307a-11ea-ba2e-02...

0
504 B

22ms
22ms

Image
text/plain

18.185.225.206
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP3759b279-307a-11ea-ba2e-0215b0451c90&verify=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.225.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-185-225-206.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
date: Mon, 06 Jan 2020 11:46:46 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 06 Jan 2020 11:46:46 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP3759b279-307a-11ea-ba2e-0215b0451c90&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expiration=1609847206
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expiration=1609847206&C=1

43 B
896 B

66ms
66ms

Image
image/gif

23.210.249.164
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expiration=1609847206&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Jan 2020 11:46:46 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 06 Jan 2020 11:46:46 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Jan 2020 11:46:46 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expiration=1609847206&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 06 Jan 2020 11:46:46 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expires=365

0
239 B

104ms
28ms

Image
image/gif

69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
server: nginx/1.16.1
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&expires=365
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 124

GET
H2

200

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&rdrctExp=true

0
357 B

140ms
139ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&rdrctExp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:46 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-traceid: 77dea2e80dd105ef71774ff2fdbb3637
x-timer: S1578311206.178535,VS0,VE119
x-cache: MISS, MISS
status: 200
backend-ip: 157.52.75.78
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-mdw17378-MDW, cache-fra19172-FRA

Redirect headers

date: Mon, 06 Jan 2020 11:46:46 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-traceid: 46723992d9a56cb17955ef194cde993c
x-timer: S1578311206.055924,VS0,VE101
location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&rdrctExp=true
x-cache: MISS, MISS
status: 302
backend-ip: 157.52.75.69
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-mdw17369-MDW, cache-fra19172-FRA

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
986 B

73ms
18ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Jan 2020 11:46:46 GMT
X-lat: Pug22007:0:593
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
server: nginx/1.16.1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
500 B

41ms
40ms

Image
image/gif

3.248.28.111
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

Date: Mon, 06 Jan 2020 11:46:46 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg

0
169 B

31ms
31ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 06 Jan 2020 11:46:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1578311206.164288,VS0,VE9
x-served-by: cache-fra19172-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
server: nginx/1.16.1
location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://eb2.3lift.com/xuid?mid=4714&xuid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&dongle=c85e&gdpr=1&cmp_cs=

37 B
335 B

21ms
21ms

Image
image/gif

35.158.208.192
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&dongle=c85e&gdpr=1&cmp_cs=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.208.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-158-208-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Mon, 06 Jan 2020 11:46:46 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Mon, 06 Jan 2020 11:46:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg&dongle=c85e&gdpr=1&cmp_cs=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://d.adroll.com/fb/tr/?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&id=198801900499280&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[ap...
https://www.facebook.com/tr/?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&id=198801900499280&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[a...

44 B
100 B

6ms
6ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&id=198801900499280&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=1768135750093680&cd[external_id]=n6XLM8sMOhjPumZjM6wnGA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 06 Jan 2020 11:46:46 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
server: nginx/1.16.1
location: https://www.facebook.com/tr/?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&id=198801900499280&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=1768135750093680&cd[external_id]=n6XLM8sMOhjPumZjM6wnGA
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 313

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://x.bidswitch.net/sync?dsp_id=44&user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg

43 B
378 B

22ms
22ms

Image
image/gif

52.29.126.123
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.126.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-126-123.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Mon, 06 Jan 2020 11:46:46 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Mon, 06 Jan 2020 11:46:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://ib.adnxs.com/setuid?entity=172&code=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg

43 B
875 B

54ms
17ms

Image
image/gif

185.33.223.100
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Jan 2020 11:46:48 GMT
AN-X-Request-Uuid: 330d7c0c-c46f-44be-afd6-e7d213cd30d1
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.137:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
server: nginx/1.16.1
location: https://ib.adnxs.com/setuid?entity=172&code=OWZhNWNiMzNjYjBjM2ExOGNmYmE2NjYzMzNhYzI3MTg
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://idsync.rlcdn.com/377928.gif?partner_uid=9fa5cb33cb0c3a18cfba666333ac2718

0
62 B

155ms
119ms

Image
text/plain

35.190.72.21
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=9fa5cb33cb0c3a18cfba666333ac2718
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
date: Mon, 06 Jan 2020 11:46:46 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
server: nginx/1.16.1
location: https://idsync.rlcdn.com/377928.gif?partner_uid=9fa5cb33cb0c3a18cfba666333ac2718
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP
https://us-u.openx.net/w/1.0/sd?id=537103138&val=9fa5cb33cb0c3a18cfba666333ac2718
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9fa5cb33cb0c3a18cfba666333ac2718

43 B
183 B

32ms
32ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9fa5cb33cb0c3a18cfba666333ac2718
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.173.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
via: 1.1 google
server: OXGW/16.173.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 06 Jan 2020 11:46:46 GMT
via: 1.1 google
server: OXGW/16.173.0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9fa5cb33cb0c3a18cfba666333ac2718
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=c366bb5bfd7843a84feba7b6d0305fe6-1578311205907&xid_ch=f&advertisable=I2QN4FA4D5FLLON6B7SOOP&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=n6XLM8sMOhjPumZjM6wnGA
https://d.adroll.com/cm/g/in

42 B
536 B

37ms
37ms

Image
image/gif

3.248.28.111
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:46 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bundle.js Show response
custom.yieldify.com/v1/457/602/717488110e/ 94 KB
25 KB 84ms
20ms Script
application/javascript 151.101.112.233
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://custom.yieldify.com/v1/457/602/717488110e/bundle.js

Requested by

Host: td.yieldify.com
URL: https://td.yieldify.com/yieldify/code.js?w_uuid=13a64deb-aed9-47f9-854d-cae861eb90de&k=1&loca=https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.233 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6a733a64b21983ad9473e98f1dfefeb3523775bb2eb9a0c92f401616dc47d477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2129
X-Cache: HIT
Connection: keep-alive
Content-Length: 25058
x-amz-id-2: VRXhbjjmwyPd7XZg2Rc+r9JpvgMLxE1JNMGHfoknR2jPvPb+wDeUaoxhneErD+EsFN/oeiiompU=
X-Served-By: cache-hhn4056-HHN
Last-Modified: Mon, 06 Jan 2020 11:04:19 GMT
Server: AmazonS3
X-Timer: S1578311206.111744,VS0,VE1
Date: Mon, 06 Jan 2020 11:46:46 GMT
Vary: Accept-Encoding
x-amz-request-id: B8BC7C3DEE319BF3
Via: 1.1 varnish
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400, public
ETag: "37ddb88d0d7c1108ef105bc77d14fc0c"
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=198801900499280&ev=PageView&dl=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&rl=&if=false&ts=1578311206049&cd[segment_eid]=7QOFZOMZLNCLNKZHVIGNSQ&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=29&fbp=fb.2.1578311205797.1250945448&it=1578311205707&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 06 Jan 2020 11:46:46 GMT

GET
H/1.1 200
OK campaigns.json Show response
app.yieldify.com/yieldify/ 19 KB
3 KB 76ms
76ms Script
application/javascript 99.80.83.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.yieldify.com/yieldify/campaigns.json?visit=1&yi_sign_out_class=&yi_sign_out_class_text=&yi_session_counter=1&visited_pages=&swidth=1600&sheight=1200&callback=yiel.initializeCampaigns&yi_shopping_value=-1&basket=-1&user_agent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&yieldify_id=3901&vt=-1&loca=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&referrer=&original_referrer=&combined_referrer=null

Requested by

Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.83.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

Software

nginx/1.8.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60

Resource Hash

6759ef315368431c95435111e258ff5e36168c82c24fdeaa17217a6e909f4b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 06 Jan 2020 11:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.8.1 + Phusion Passenger 4.0.60
X-Powered-By: Phusion Passenger 4.0.60
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Status: 200 OK
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK i
dc.yieldify.com/ 43 B
383 B 195ms
38ms Image
image/gif 54.194.21.100
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc.yieldify.com/i?stm=1578311206574&e=ue&ue_px=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJkYXRhIjp7ImV0IjoiUGFnZVZpZXcifX19&tv=1-0.0.0&tna=primary&aid=3901&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=62e9514e-7f3a-4da8-b271-24e72ced90e1&dtm=1578311206573&vp=1600x1200&ds=1585x1705&vid=1&sid=f2183163-293a-4c5a-b3b5-f00744f3fd14&duid=1e9be3a8-5c63-4c4e-a3a1-9aa642dbcf0d&url=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0xIiwiZGF0YSI6W119
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.21.100 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-21-100.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 06 Jan 2020 11:46:46 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Vary: Origin
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK poll.gif
ncpgw.whoson.com/ 43 B
215 B 28ms
27ms Image
image/gif 134.213.127.80
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ncpgw.whoson.com/poll.gif?d=www.ncp.co.uk&stamp=1578311206650&u=349-1578311205578
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 134.213.127.80 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: / ARR/3.0, ASP.NET
Resource Hash: 902d323be237aab49171c7c57c503d3aab2368736d357d39291cfed319fffce9

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 06 Jan 2020 11:46:46 GMT
Cache-Control: no-cache
X-Powered-By: ARR/3.0, ASP.NET
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK geolocation.json Show response
geo.yieldify.com/ 124 B
561 B 176ms
37ms XHR
application/json 52.215.111.116
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yieldify.com/geolocation.json

Requested by

Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.111.116 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-215-111-116.eu-west-1.compute.amazonaws.com

Software

nginx/1.12.1 / Express

Resource Hash

77ec7b4db9a3bc6dc792586d090e1c46746624b8ada299c92a2d0d8c65de3dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Origin: https://www.ncp.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Jan 2020 11:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.12.1
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 127
ETag: W/"7c-2MQlNMg/0iGkkyJ52uAp/YAJ7S4"
Expires: Sat, 01 Jan 1972 00:00:00 GMT

GET
H/1.1 200
OK campaign_overlay
app.yieldify.com/yieldify/ Frame 99D7 0
0 41ms
40ms Document
text/html 99.80.83.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140478&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Requested by

Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.83.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

Software

nginx/1.8.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: app.yieldify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Response headers

Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Jan 2020 11:46:46 GMT
Server: nginx/1.8.1 + Phusion Passenger 4.0.60
Status: 200 OK
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 4.0.60
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK campaign_overlay
app.yieldify.com/yieldify/ Frame 7FA3 0
0 77ms
40ms Document
text/html 99.80.83.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140476&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Requested by

Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.83.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

Software

nginx/1.8.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: app.yieldify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Response headers

Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Jan 2020 11:46:46 GMT
Server: nginx/1.8.1 + Phusion Passenger 4.0.60
Status: 200 OK
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 4.0.60
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK campaign_overlay
app.yieldify.com/yieldify/ Frame 4C05 0
0 109ms
39ms Document
text/html 99.80.83.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140425&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Requested by

Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.83.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

Software

nginx/1.8.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: app.yieldify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Response headers

Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Jan 2020 11:46:46 GMT
Server: nginx/1.8.1 + Phusion Passenger 4.0.60
Status: 200 OK
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 4.0.60
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK campaign_overlay
app.yieldify.com/yieldify/ Frame DDB2 0
0 109ms
42ms Document
text/html 99.80.83.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140419&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Requested by

Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.83.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

Software

nginx/1.8.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: app.yieldify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Response headers

Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Jan 2020 11:46:46 GMT
Server: nginx/1.8.1 + Phusion Passenger 4.0.60
Status: 200 OK
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 4.0.60
X-XSS-Protection: 1; mode=block
Content-Length: 977
Connection: keep-alive

GET
H/1.1 200
OK campaign_overlay
app.yieldify.com/yieldify/ Frame 57FD 0
0 107ms
40ms Document
text/html 99.80.83.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140421&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Requested by

Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.83.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

Software

nginx/1.8.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: app.yieldify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Response headers

Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Jan 2020 11:46:46 GMT
Server: nginx/1.8.1 + Phusion Passenger 4.0.60
Status: 200 OK
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 4.0.60
X-XSS-Protection: 1; mode=block
Content-Length: 977
Connection: keep-alive

GET
H/1.1 200
OK campaign_overlay
app.yieldify.com/yieldify/ Frame E535 0
0 105ms
39ms Document
text/html 99.80.83.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=140423&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Requested by

Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.83.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

Software

nginx/1.8.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: app.yieldify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Response headers

Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Jan 2020 11:46:46 GMT
Server: nginx/1.8.1 + Phusion Passenger 4.0.60
Status: 200 OK
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 4.0.60
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK campaign_overlay
app.yieldify.com/yieldify/ Frame EFD9 0
0 102ms
39ms Document
text/html 99.80.83.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.yieldify.com/yieldify/campaign_overlay?campaign_id=134785&referrer=&url=https%3A//www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Requested by

Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.83.176 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-99-80-83-176.eu-west-1.compute.amazonaws.com

Software

nginx/1.8.1 + Phusion Passenger 4.0.60 / Phusion Passenger 4.0.60

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: app.yieldify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp

Response headers

Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Jan 2020 11:46:46 GMT
Server: nginx/1.8.1 + Phusion Passenger 4.0.60
Status: 200 OK
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 4.0.60
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK yieldify-styles-min.css
dwmvwp56lzq5t.cloudfront.net/ 1 KB
2 KB 98ms
20ms Stylesheet
text/css 143.204.98.68
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dwmvwp56lzq5t.cloudfront.net/yieldify-styles-min.css
Requested by: Host: d33wq5gej88ld6.cloudfront.net
URL: https://d33wq5gej88ld6.cloudfront.net/code_revisions/000/000/123/original/yieldify_1509471019.js?1509471024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-68.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 981971b7e6166d423d14fb3781cc8217630ae5155f075c22c76a54097f2e9828

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 23:40:37 GMT
Via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
Age: 1166729
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1072
Last-Modified: Thu, 10 May 2018 16:35:33 GMT
Server: AmazonS3
ETag: "29857cb26b85c5ef1661bad3f0c648e2"
x-amz-version-id: ycI6M7IoIE7B5wdvw_GeKCNGbaX8wVXc
Cache-Control: public,max-age=2592000
x-amz-meta-version-id: O4rt2QxcETW__8W7_zV_RswavfwbAikC
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: xuzC9fK5kPJgTd0spcpgwJKc9Jj5bpYCQbM_4FK56q9UKhPdlrHDZw==

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=153374258352993&ev=Microdata&dl=https%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&rl=&if=false&ts=1578311207300&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20not%20found%22%2C%22meta%3Adescription%22%3A%22NCP%20default%20meta%20description%20text%20set%20in%20ImaginetDefault%20class%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.2.1578311205797.1250945448&it=1578311205707&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 11:46:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 06 Jan 2020 11:46:47 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/5/ 77 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/5/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyB5QxukvRQRw8nR2c9QKg3jOZrsjpCaPO0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8b19611e1ec0389a4d528aa5ebc8d8487287305f3dafb08c3e3d6e2e2c21c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 05:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Dec 2019 19:34:41 GMT
server: sffe
age: 24189
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28649
x-xss-protection: 0
expires: Tue, 05 Jan 2021 05:03:41 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/5/ 144 KB
53 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/5/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyB5QxukvRQRw8nR2c9QKg3jOZrsjpCaPO0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d52781eab70c4852c5c946f8c0fa83af83217a44a009e73192c27708c9c9178b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 06 Jan 2020 05:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Dec 2019 19:34:41 GMT
server: sffe
age: 24189
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 54363
x-xss-protection: 0
expires: Tue, 05 Jan 2021 05:03:41 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
148 B 44ms
43ms Script
text/javascript 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.ncp.co.uk%2Futlisant.rogarques.rallumage%2FDjakarta%2Fjuments%2Fantisp&4sAIzaSyB5QxukvRQRw8nR2c9QKg3jOZrsjpCaPO0&callback=_xdc_._zazirt&key=AIzaSyB5QxukvRQRw8nR2c9QKg3jOZrsjpCaPO0&token=76486

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/39/5/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

085adc516f50758df69b7c83454b3e7610922bbd90b7132ec1f107a41b2971cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jan 2020 11:46:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=6
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK poll.gif
ncpgw.whoson.com/ 43 B
215 B 27ms
27ms Image
image/gif 134.213.127.80
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ncpgw.whoson.com/poll.gif?d=www.ncp.co.uk&stamp=1578311212650&u=349-1578311205578
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 134.213.127.80 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: / ARR/3.0, ASP.NET
Resource Hash: 902d323be237aab49171c7c57c503d3aab2368736d357d39291cfed319fffce9

Request headers

Referer: https://www.ncp.co.uk/utlisant.rogarques.rallumage/Djakarta/juments/antisp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 06 Jan 2020 11:46:52 GMT
Cache-Control: no-cache
X-Powered-By: ARR/3.0, ASP.NET
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 15:46:47	Name: IDE Value: AHWqTUl6DT6STPMMtV5EclegANpH5vb6AwJyO9AT8NiYWqPvDA5Ui57YtzDiV2g9
.ncp.co.uk/	1970-01-19 14:57:49	Name: _hjid Value: 796c90b5-f689-4218-91a8-0169cb04f557
.ncp.co.uk/	1970-01-19 06:25:11	Name: _dc_gtm_UA-5297825-2 Value: 1
.ncp.co.uk/	1970-01-19 06:26:37	Name: _gid Value: GA1.3.941280621.1578311206
.ncp.co.uk/	1970-01-19 23:56:23	Name: _ga Value: GA1.3.927297683.1578311206
.ncp.co.uk/	1970-01-19 08:34:47	Name: _gcl_au Value: 1.1.721132311.1578311206
.ncp.co.uk/	1970-01-19 08:34:47	Name: _fbp Value: fb.2.1578311205797.1250945448
www.ncp.co.uk/	1970-01-19 15:02:52	Name: whoson Value: 349-1578311205578
www.ncp.co.uk/	1969-12-31 23:59:59	Name: PHPSESSID Value: h861bprj0h4qp1r190vh574g80
.ncp.co.uk/	1970-01-19 07:08:23	Name: __cfduid Value: dd2e91b469811665f57ff2089512661591578311204

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.ncp.co.uk/js/main.js?v=1568293822(Line 1723) Message: document.getElementById('chatSrcMobile').href https://ncp.whoson.com/newchat/chat.aspx?domain=www.ncp.co.uk

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8464069.fls.doubleclick.net
ads.yahoo.com
ajax.googleapis.com
app.yieldify.com
bat.bing.com
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
custom.yieldify.com
d.adroll.com
d.adroll.mgr.consensu.org
d33wq5gej88ld6.cloudfront.net
dc.yieldify.com
dsum-sec.casalemedia.com
dwmvwp56lzq5t.cloudfront.net
eb2.3lift.com
geo.yieldify.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
maps.googleapis.com
ncp.co.uk
ncpgw.whoson.com
pixel.advertising.com
pixel.rubiconproject.com
rules.quantcount.com
s.adroll.com
script.hotjar.com
secure.quantserve.com
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
td.yieldify.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
uwxkugei.micpn.com
vars.hotjar.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ncp.co.uk
x.bidswitch.net
104.25.94.5
13.225.78.117
13.225.84.59
134.213.127.80
143.204.98.68
147.75.32.75
147.75.84.181
147.75.85.119
151.101.112.233
151.101.114.2
151.101.14.2
172.217.22.34
18.185.225.206
185.33.223.100
185.64.189.110
216.58.205.230
23.210.248.216
23.210.249.164
2600:9000:20eb:e200:6:44e3:f8c0:93a1
2600:9000:2156:ea00:f:8ce2:fb80:93a1
2606:4700:10::6814:947
2620:1ec:c11::200
2a00:1288:110:c305::9000
2a00:1450:4001:800::2002
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2004
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c04::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.248.28.111
34.95.120.147
35.157.249.39
35.158.208.192
35.190.72.21
52.215.111.116
52.29.126.123
54.194.21.100
69.173.144.136
91.228.74.219
99.80.83.176
010b5d530d1433fd344fe3df9c7309b68e6862eb017938c8dcf4a9cad96efd14
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05ae7c503571b53dc180a7a3f51f3d33dffa72c14f44fd40287ec5cb66113f43
085adc516f50758df69b7c83454b3e7610922bbd90b7132ec1f107a41b2971cd
0d38940721122c9f6d98f439eaea461ad36a4545952b73f0b7b0256f4495d939
109e5f2cbc13170e29725217a5a3ae3b18eb295d12f35b95c6c6c40737c046b8
10bdeb0242f97e5483f914eb5b752df183725a366af8f0c9ba8bb645586006ff
10d8b19611e1ec0389a4d528aa5ebc8d8487287305f3dafb08c3e3d6e2e2c21c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1270e4f60d4c9e113dcb1b2fecf2f0a519c6cc50874f8620ea33f31493172206
1851e18c847cb9e643d1e0b99ec00de67f643c2ed1c0a60d3f43ea93e03fd9f8
189e67452cbe6bed01f2828692083cacad9a7c8bca3bcf34bb06b0ca280991be
1aa019b48f0df152bf1ea3a2d5b0394f97c03b2f94016112d928ed772fbd5021
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
22c9a8794bf1aaa708de201b175d9646730455c0c1d93ee6aaccfc107c1c931b
27137c8d743f4d506170a5918ec60c6a427251e7cca47840707824b0df011d8b
2c27cf1c57df2b689b41e7ac0c569b8e8057203bb29e3f98c8d2de7995c53e21
3145be4ba174698eee08144a1da748c32a1780db1c71eeaddbbb9bbce4c67c41
324e8f04f0298c27437da5c37e207f3e229b1450a3d9aefe303a4fc29b790176
34356dc0cf8dc2eb62fffb99088216417af900fb7592840b4e0bd70d1b1e0f65
35561b89d9158eb97d580d2350a6a52ea0128c42f309aeb291525c3a15f545ba
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3cda0d957f9d65e4da810f313b24999a3d69447a457e1feb47e30a21550106e1
40bf8e0a52ed72002aeebbb2903417d76754359a7b946654b09c5d19f08b9a22
49010ec553a3e8c8020b97a6967afeac8ed2c390882bf7b6667d475dd9c4da6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c75a9c9657926b8a8ef13589951b968f706ab61bc40eb61c3726f0c2e6203bc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5532fa30d9a2ee065aa83faa1d25f778af6dfc9050ee915498d74aa9a56ff198
587e6d7678604f110c2418b6e334ac71525d1d60ced6c08335b54b937b29bf83
5b51d4bcfcde3ea54d94d06a962443f4e0ce0d0d180fb581d9153a227fa6df76
6068550d0b87d47eef5f2be3192cfbe36cea318cb1671dc5b96938606bfa4972
6759ef315368431c95435111e258ff5e36168c82c24fdeaa17217a6e909f4b65
6a733a64b21983ad9473e98f1dfefeb3523775bb2eb9a0c92f401616dc47d477
6d041534c5d43a8e092ba6714157e669b559012d43ebc90a3adb560de42ffa76
740a072c010b3b9efb0ce44377ae76f5c0870d4e3b34270c5c5a4db5bca47695
77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c
77ec7b4db9a3bc6dc792586d090e1c46746624b8ada299c92a2d0d8c65de3dfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
902d323be237aab49171c7c57c503d3aab2368736d357d39291cfed319fffce9
906194a2cff4c0248f38f1745cf565b6df47aa3da80d33c0ad39bbf0006f852b
981971b7e6166d423d14fb3781cc8217630ae5155f075c22c76a54097f2e9828
993a01a274524dba50c7b07aef4f50dcd303f264c2f77f9392d813bb0d161dc4
99d4a64da66e2bf7bdb4e9b815d694b85464be7309461971c6795103ebc81389
9aea3093618b27548c057f4f6db62f89e098e065d078f5be793cdf441c1297a4
9fe7e0f40547a950bbe6f4a592be764f2d443ab95ef38c2bd155ca6c54fdd44e
9ff9cd96a9f2f11ea176a52f9666f61d2191355f63cfc11ff3ef4274b5e748d5
a0cd2ab7853df3e98f678998ec22d2934f6168d4be614c71a6d5409ec96477ac
a63f64a95c05c0ca61d100e0edfb79f02ff1e642fd68268b449b70301401c15f
a6f2b1d1f755da20d765edb29b364078f0f64bb706c5b0ff27120c9c514acbdf
ac2f15fe0f57a252be62b03e0df05429b77748e2838968e3a61c2b5d84264062
b02d9cc8c7d5e00af62a765c55e72c024f554977f933a292fc48fb599880e78b
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6841034671e188e474143fdf82849ce99dcb7a691a87c089e4f72d17ad75af0
b80157edb477ffb8dd1ba3f016e945e6a4e6ef1aa4ce5531b20245279642f55f
bacffc1e968e719467ccd98fb160c2d5f6bb1156eec59096b116441ed673664b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc2ce0dc4385c25b7f345d0bcae055d6708b201f17e4e839b476f9340a5168ca
bfa2821b901c011b6150bf4ebb75cf09f5f207af596e79be9e67f71720361fce
c4afa0955d559b4fbb502950e16c2066f19ca5c2a8cf48ce5daa2c97134d0f46
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d09f119c804529f68719fa435ad759088fa23c41881f20d4e81df67bce75d07c
d26dcb87d74aa1d63d1d3a0dfe97d556078e9ab7d282e100205913af0a42c08b
d52781eab70c4852c5c946f8c0fa83af83217a44a009e73192c27708c9c9178b
d741c9864efb0283f4d4bff91a0d7e2fdf21fc2731f38de2b86c84860be3f6b7
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69bbf1be22253983729287f2ae4bb6196ec4c4876d0d85356ddd45d2e3fd4c2
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
ee0f2215f62f0b0c8eb309bf407b1332a54cebddc041b35dd8770a818384a272
ef088e33bc409e6710cb0a1408fd68c9a0f5843c483d3790e764fb43af5eefae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f127cea189a3e5640a888755ead6623f87d9d6f409b666f7b1ba10a773adac8b
f245a7ea277d8a0ae01ff88ea21b968db402d9ef309bc18b217187d7e82f19a0
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f71f8513a463753871e9718262b40ebfb98aeb07f32b6ced57ef04264ed4b682
f8b0cae8865b4fb637f12ae3b6ecd4e36c237a2e3a38282c936637245c1e1daf
f90be89be3d4730c743b4cf9440da0c081993a30b07934fb581d5bf442e1d7f6
ff2f1c5b4190039add4561e1443f4caffe7f1b0e2f00e33c874d4e012b841083

www.ncp.co.uk Open in urlscan Pro 2606:4700:10::6814:947 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

100 %HTTPS

33 %IPv6

33 Domains

48 Subdomains

39 IPs

6 Countries

1635 kBTransfer

4747 kBSize

10 Cookies

11 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ncp.co.uk Open in urlscan Pro
2606:4700:10::6814:947 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

100 %
HTTPS

33 %
IPv6

33
Domains

48
Subdomains

39
IPs

6
Countries

1635 kB
Transfer

4747 kB
Size

10
Cookies

107 HTTP transactions
0 data transactions