nhradiv3.com Open in urlscan Pro
2606:4700:3036::6815:1b50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nhradiv3.com/
Effective URL:
https://nhradiv3.com/
Submission: On June 01 via manual (June 1st 2023, 1:10:01 am UTC) from US — Scanned from DE

Summary HTTP 257 Redirects Behaviour Indicators

Summary

This website contacted 66 IPs in 8 countries across 52 domains to perform 257 HTTP transactions. The main IP is 2606:4700:3036::6815:1b50, located in United States and belongs to CLOUDFLARENET, US. The main domain is nhradiv3.com.
TLS certificate: Issued by GTS CA 1P5 on May 27th 2023. Valid for: 3 months.

This is the only time nhradiv3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2606:4700:303... 2606:4700:3036::6815:1b50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.78.109 13.225.78.109	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	52.175.198.241 52.175.198.241	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
31	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.55 13.225.78.55	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:5400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	34.90.79.92 34.90.79.92	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	23.36.237.138 23.36.237.138	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	52.218.178.107 52.218.178.107	16509 (AMAZON-02) (AMAZON-02)
20	52.48.129.37 52.48.129.37	16509 (AMAZON-02) (AMAZON-02)
8	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	147.154.0.190 147.154.0.190	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
12	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.254.151.120 104.254.151.120	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
4 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	193.135.9.124 193.135.9.124	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	193.135.9.135 193.135.9.135	48314 (IP-PROJECTS) (IP-PROJECTS)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	213.19.147.43 213.19.147.43	26120 (RHYTHMONE) (RHYTHMONE)
2	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.126.223.209 3.126.223.209	16509 (AMAZON-02) (AMAZON-02)
1	69.166.1.14 69.166.1.14	27630 (AS-XFERNET) (AS-XFERNET)
2	52.29.115.187 52.29.115.187	16509 (AMAZON-02) (AMAZON-02)
2	34.236.219.103 34.236.219.103	14618 (AMAZON-AES) (AMAZON-AES)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f17b:187:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 5	2600:9000:206... 2600:9000:206f:8600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
18 23	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:ab07:9ca5:134e:3ac3	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.74.9.235 3.74.9.235	16509 (AMAZON-02) (AMAZON-02)
1 1	3.124.42.161 3.124.42.161	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.59 52.222.214.59	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	54.226.177.30 54.226.177.30	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.72.29.236 54.72.29.236	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:3d91:3936:bb0d:1155	16509 (AMAZON-02) (AMAZON-02)
2	52.92.241.168 52.92.241.168	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2	104.79.25.60 104.79.25.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.120.124.247 3.120.124.247	16509 (AMAZON-02) (AMAZON-02)
257	66

32 2606:4700:3036::6815:1b50 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nhradiv3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-109.fra2.r.cloudfront.net

c.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.175.198.241 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.nhra.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3003.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-55.fra2.r.cloudfront.net

s.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.90.79.92 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.79.90.34.bc.googleusercontent.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.237.138 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-237-138.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

rt3003.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

c5x8i7c7.ssl.hwcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.178.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

distroscale.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.48.129.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com

i.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

a.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.154.0.190 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

t.nhra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.151.120 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

lax1-ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.124 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.135 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.43 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.83.142.19 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.223.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-223-209.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.115.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-115-187.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.219.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-219-103.compute-1.amazonaws.com

reachms.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

distroscale-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f17b:187:face:b00c:0:25de (Saint-Denis, France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206f:8600:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 35.204.158.49 (Groningen, Netherlands) 18 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:ab07:9ca5:134e:3ac3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.9.235 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-9-235.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.42.161 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-42-161.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-59.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.226.177.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-177-30.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.29.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-29-236.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:3d91:3936:bb0d:1155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.92.241.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.79.25.60 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-25-60.deploy.static.akamaitechnologies.com

video-ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.124.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-124-247.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	nhradiv3.com 1 redirects nhradiv3.com	373 KB
30	jsrdn.com c.jsrdn.com — Cisco Umbrella Rank: 22747 s.jsrdn.com — Cisco Umbrella Rank: 23655 i.jsrdn.com — Cisco Umbrella Rank: 24442 a.jsrdn.com — Cisco Umbrella Rank: 9886	131 KB
29	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 689 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 357	356 KB
26	googlesyndication.com 774b6703fb4224b49d3572325510a1a1.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	174 KB
25	simpli.fi 18 redirects i.simpli.fi — Cisco Umbrella Rank: 3865 um.simpli.fi — Cisco Umbrella Rank: 870	14 KB
17	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 stats.g.doubleclick.net — Cisco Umbrella Rank: 111 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351	203 KB
12	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 486	2 MB
12	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7384 router.infolinks.com — Cisco Umbrella Rank: 2983 rt3003.infolinks.com — Cisco Umbrella Rank: 80405	290 KB
7	hwcdn.net c5x8i7c7.ssl.hwcdn.net — Cisco Umbrella Rank: 32266	233 KB
6	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2565 d.adroll.com — Cisco Umbrella Rank: 1319	25 KB
6	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 975 pixel.rubiconproject.com — Cisco Umbrella Rank: 362 video-ads.rubiconproject.com — Cisco Umbrella Rank: 6273 optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4459	23 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	144 KB
5	adnxs-simple.com lax1-ib.adnxs-simple.com — Cisco Umbrella Rank: 19027 cdn.adnxs-simple.com — Cisco Umbrella Rank: 15494	31 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 103	2 KB
4	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 2002 htlb.casalemedia.com — Cisco Umbrella Rank: 597	2 KB
4	gstatic.com csi.gstatic.com Failed	96 B
4	google.de www.google.de — Cisco Umbrella Rank: 5230 adservice.google.de — Cisco Umbrella Rank: 8155	1 KB
3	openx.net distroscale-d.openx.net — Cisco Umbrella Rank: 34291 us-u.openx.net — Cisco Umbrella Rank: 474	671 B
3	bfmio.com reachms.bfmio.com — Cisco Umbrella Rank: 4160 sync.bfmio.com — Cisco Umbrella Rank: 1532	777 B
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	3 KB
3	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1068 idsync.rlcdn.com — Cisco Umbrella Rank: 419	498 B
3	amazonaws.com distroscale.s3.amazonaws.com — Cisco Umbrella Rank: 313354 s3-us-west-2.amazonaws.com	96 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1167 pixel.quantserve.com — Cisco Umbrella Rank: 941	10 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 741	1 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1523	2 KB
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2549	853 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 517 d.agkn.com — Cisco Umbrella Rank: 722	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 485	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	36 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 592 eb2.3lift.com — Cisco Umbrella Rank: 402	661 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 778	160 B
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 4496	864 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 365	652 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 680	25 KB
2	nhra.com 1 redirects t.nhra.com — Cisco Umbrella Rank: 754156	1005 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	107 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	115 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	89 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 457	17 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 172	564 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 978	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 871	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 557	444 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1219
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6294	175 B
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2122	727 B
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 3411	160 B
1	adsafety.net 1 redirects cm.adsafety.net — Cisco Umbrella Rank: 19886	1 KB
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 29390	823 B
1	en25.com img.en25.com — Cisco Umbrella Rank: 6972	3 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1118	633 B
1	nhra.net www.nhra.net	17 KB
257	52

	Domain	Requested by
32	nhradiv3.com	1 redirects nhradiv3.com
23	um.simpli.fi	18 redirects
20	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
20	i.jsrdn.com	nhradiv3.com
18	pagead2.googlesyndication.com	imasdk.googleapis.com blank www.googletagservices.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
12	imasdk.googleapis.com	resources.infolinks.com c5x8i7c7.ssl.hwcdn.net imasdk.googleapis.com s3-us-west-2.amazonaws.com
9	scontent.xx.fbcdn.net	www.facebook.com
8	a.jsrdn.com	nhradiv3.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
7	c5x8i7c7.ssl.hwcdn.net	c.jsrdn.com c5x8i7c7.ssl.hwcdn.net nhradiv3.com
6	s0.2mdn.net	imasdk.googleapis.com blank
6	securepubads.g.doubleclick.net	nhradiv3.com securepubads.g.doubleclick.net www.googletagservices.com
5	s.adroll.com	1 redirects nhradiv3.com s.adroll.com
5	resources.infolinks.com	nhradiv3.com resources.infolinks.com
4	cm.g.doubleclick.net	4 redirects
4	lax1-ib.adnxs-simple.com	blank cdn.adnxs-simple.com
4	csi.gstatic.com	imasdk.googleapis.com
4	rt3003.infolinks.com	resources.infolinks.com nhradiv3.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com blank pagead2.googlesyndication.com
4	www.google.com	2 redirects nhradiv3.com tpc.googlesyndication.com
3	ib.adnxs.com	1 redirects nhradiv3.com
3	router.infolinks.com	resources.infolinks.com
3	www.google.de	nhradiv3.com
2	video-ads.rubiconproject.com	imasdk.googleapis.com
2	s3-us-west-2.amazonaws.com	c5x8i7c7.ssl.hwcdn.net s3-us-west-2.amazonaws.com
2	sync.search.spotxchange.com	1 redirects
2	loadm.exelator.com	1 redirects
2	idsync.rlcdn.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	www.facebook.com	connect.facebook.net static.xx.fbcdn.net
2	distroscale-d.openx.net	nhradiv3.com
2	reachms.bfmio.com	nhradiv3.com
2	prebid-server.rubiconproject.com	nhradiv3.com
2	htlb.casalemedia.com	nhradiv3.com
2	targeting.unrulymedia.com	nhradiv3.com
2	as-sec.casalemedia.com	js-sec.indexww.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	ad.sxp.smartclip.net	1 redirects googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net js-sec.indexww.com
2	js-sec.indexww.com	c5x8i7c7.ssl.hwcdn.net
2	t.nhra.com	1 redirects nhradiv3.com
2	i.simpli.fi	www.googletagmanager.com i.simpli.fi
2	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
2	pixel.quantserve.com	nhradiv3.com
2	www.googletagmanager.com	nhradiv3.com www.googletagmanager.com
2	connect.facebook.net	nhradiv3.com connect.facebook.net
2	ssl.google-analytics.com	1 redirects nhradiv3.com
1	optimized-by.rubiconproject.com	video-ads.rubiconproject.com
1	d.adroll.com	s.adroll.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.googleadservices.com	1 redirects
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	apex.go.sonobi.com	nhradiv3.com
1	tlx.3lift.com	nhradiv3.com
1	tag.1rx.io	nhradiv3.com
1	api.rlcdn.com	js-sec.indexww.com
1	cm.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	cdn.adnxs-simple.com	blank
1	distroscale.s3.amazonaws.com	nhradiv3.com
1	img.en25.com	nhradiv3.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	s.jsrdn.com	c.jsrdn.com
1	secure.quantserve.com	c.jsrdn.com
1	stats.g.doubleclick.net	1 redirects
1	www.nhra.net	nhradiv3.com
1	c.jsrdn.com	nhradiv3.com
0	774b6703fb4224b49d3572325510a1a1.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
257	80

This site contains no links.

Subject Issuer	Validity	Valid
nhradiv3.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.jsrdn.com Amazon RSA 2048 M01	`2023-02-22` - `2023-11-14`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
nhra.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-01` - `2023-12-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-10` - `2023-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-15` - `2024-05-14`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.ssl.hwcdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-30` - `2024-01-19`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
a.jsrdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-02` - `2024-03-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2023-02-27` - `2024-03-29`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.bfmio.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-28`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://nhradiv3.com/
Frame ID: 0F678144EA6471AFF189CADC286C402F
Requests: 129 HTTP requests in this frame

Frame: https://774b6703fb4224b49d3572325510a1a1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B767CCCFC2D7525FD40F78543F41F71
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3DN84IZ_twwMdnkDSbpzJIHozzpgQd0lclz400aBtsf8pDpb4TH7zqCTv6GZJdTC6BBhXzcjVyJ9mOx-Oq4yZQKYo26OV1YBa_QWG-zHiL2pQdt0WGxjOND8UCBT2SdoTlNYF8Opjof8itgJwQZQT1ROIMSL9dcwYcuY-6W2Ul3ykUORTsh8VXMcxAXbDBeFcyWH_MhyMJRo0e9rQLfS9dhr5uCVwefrwyC4-91IbNBtEwwIhs4H9ca4iqYzlt14uh32bQlEiWAUovfAz71sJ-XgrMJZ0HE0a3fTafFWCKEG75tE7wTpZPyuTv0SCVduacglM1RaEjMIw6g&sai=AMfl-YQbSJlUgyKfeR0XiIiv1Of8VdtkbP8rnHZjNPrDc2D2hy2NQbK2aiEw43YR6bzdCD45TgQ5Szrqf11NLQxcV_Dv6XnY5t1zi1E7ZuD29syULU2AOU0PlmVT9t06fizKTLkaAOBY7qht_emFzsvz&sig=Cg0ArKJSzABdO5sQOAK9EAE&uach_m=[UACH]&adurl=
Frame ID: 06B36D83BEE287BE99500DD3B1E85BE5
Requests: 8 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3315867&wsid=12&pdom=nhradiv3.com&purl=https%3A%2F%2Fnhradiv3.com%2F
Frame ID: 482ABC8B21F5B319F3938DF3C93DE3A4
Requests: 1 HTTP requests in this frame

Frame: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html
Frame ID: 53CAE2986E84BE9B899F56C7734CC365
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Frame ID: BF7E30310DD5A787D52968FE3A2613A3
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: DBE8BA36111198E83A5483F5E5CB4B4A
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIS-ybUDENP37rcDGL7wg-QBMAE&v=APEucNVDgmmstIaK-pcGBMI018FKMvYdeY8hQTWafBU0qe2snvkqMqVxKfqBPZE4sqpjoX5LdQsZu3HPh1g4ry0iEL-czkxP-TcsW7lBWOce2lRcJ_Y9p2wsrIp8YCjAkjBBCSHewF-DSFc51L-71ee_1g3usBzQF5zj3tt8IHpdhXCQOlEFCSObHI8z5y85x6h5vjFp_CCobKJE2cQ7JyWAuoEkJCdyJhMLMAY52V9OzRdrhPl6kSE
Frame ID: 1A8E478CA656E8A5383517809681A77B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_AwaJpVCCmuMgdFHXtSl-0lizVDkkCLzpFjTC31FIQ1aP1xxw3W79Rwv0yOJRSeXD2RH6jayS5LPbytCPTemul_8SYJccPa8_zEiZOqVOEf8rDgQ
Frame ID: 2B8A260B613644FCA26480162C56C087
Requests: 20 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Frame ID: 19A926CA32E431E334A93971059A8A01
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D486E21F5BE267F5917104E360C33111
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Frame ID: 0D11E3EDE15180F2138D2857DE6AAEFF
Requests: 33 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B14DD4A39E1204A23F9F41E5820EB317
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4BB20EB210DEC16C5C39305D240D3E59
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0C3AB8458E9A6FD159A474878FBED0DC
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Frame ID: 9DD3B627F5484B025D80A33851B5322E
Requests: 1 HTTP requests in this frame

Frame: https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20230426_2128/ima_html5/index.html
Frame ID: 7E203D748EF45F97533C69ACF42BB415
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Frame ID: 2DC19C20F3401621E3043F4757A1748C
Requests: 4 HTTP requests in this frame

Frame: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html
Frame ID: EB67C751C2279D2ADADCC58895EFD124
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Frame ID: 7612A0587C0E140F198E4B3E5E94A631
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 2B34A5D5A7DF258D19D57615A241D64C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://nhradiv3.com/ HTTP 301
https://nhradiv3.com/ Page URL

Page Statistics

257
Requests

89 %
HTTPS

33 %
IPv6

52
Domains

80
Subdomains

66
IPs

8
Countries

4403 kB
Transfer

15797 kB
Size

43
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nhradiv3.com/ HTTP 301
https://nhradiv3.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1925802477&utmhn=nhradiv3.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NHRA%20North%20Central%20Division%20web%20site&utmhid=1044553583&utmr=-&utmp=%2F&utmht=1685581792822&utmac=UA-4277380-18&utmcc=__utma%3D195837427.238229904.1685581793.1685581793.1685581793.1%3B%2B__utmz%3D195837427.1685581793.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=980378637&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4277380-18&cid=238229904.1685581793&jid=980378637&_v=5.7.2&z=1925802477 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=238229904.1685581793&jid=980378637&_v=5.7.2&z=1925802477 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=238229904.1685581793&jid=980378637&_v=5.7.2&z=1925802477&slf_rd=1&random=3910600343

Request Chain 76

https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=558&optin=disabled&firstPartyCookieDomain=t.nhra.com HTTP 302
https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=558&optin=disabled&elq1pcGUID=20A3D20DC3F04B8CB79EDB5F607786B9

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEAXl81r7Hk4MJvPrRSDBc9A&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEAXl81r7Hk4MJvPrRSDBc9A&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=f118a08da99831fb1610bee727ac0aeb&uid=f118a08da99831fb1610bee727ac0aeb&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOMO6WIX7i8Bhz44nhmfbcc&google_cver=1 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOMO6WIX7i8Bhz44nhmfbcc&google_cver=1&ang_testid=1

Request Chain 152

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=4677494E04904BBB806CDD3054DB0DE2&dongle=yf3

Request Chain 153

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=4677494E04904BBB806CDD3054DB0DE2

Request Chain 154

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=4677494E04904BBB806CDD3054DB0DE2 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4677494E04904BBB806CDD3054DB0DE2

Request Chain 155

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=4677494E04904BBB806CDD3054DB0DE2 HTTP 302
https://d.agkn.com/pixel/10751/?che=1685581795502&ip=84.19.175.184&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217123104534000058353 HTTP 302
https://um.simpli.fi/aa_px?sk=217123104534000058353 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 156

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4677494E04904BBB806CDD3054DB0DE2

Request Chain 159

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=4677494E04904BBB806CDD3054DB0DE2;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=4677494E04904BBB806CDD3054DB0DE2;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=5743841820885795562

Request Chain 160

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=4677494E04904BBB806CDD3054DB0DE2&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=4677494E04904BBB806CDD3054DB0DE2&j=0&xl8blockcheck=1

Request Chain 162

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=4677494E04904BBB806CDD3054DB0DE2

Request Chain 163

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=4677494E04904BBB806CDD3054DB0DE2

Request Chain 164

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4677494E04904BBB806CDD3054DB0DE2

Request Chain 165

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4677494E04904BBB806CDD3054DB0DE2

Request Chain 166

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=4677494E04904BBB806CDD3054DB0DE2

Request Chain 167

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1685581795261&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1763760051&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=4-93ZPahFpaH9u8P6_ixqAE&sscte=1&crd=&pscrd=IhMItp-cwfGg_wIVloP9Bx1rfAwV HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1763760051&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMItp-cwfGg_wIVloP9Bx1rfAwV&is_vtc=1&ocp_id=4-93ZPahFpaH9u8P6_ixqAE&cid=CAQSKQBygQiDHnw5yp3TYVw3DdJZdgBCSHGOfsEtJRGQOyqTMoLq8EyiaWit&random=2266270777 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1763760051&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMItp-cwfGg_wIVloP9Bx1rfAwV&is_vtc=1&ocp_id=4-93ZPahFpaH9u8P6_ixqAE&cid=CAQSKQBygQiDHnw5yp3TYVw3DdJZdgBCSHGOfsEtJRGQOyqTMoLq8EyiaWit&random=2266270777&ipr=y

Request Chain 168

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4677494E04904BBB806CDD3054DB0DE2 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4677494E04904BBB806CDD3054DB0DE2&__user_check__=1&sync_id=053b3688-0019-11ee-a8ff-1fd522ee0206

Request Chain 169

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=4677494E04904BBB806CDD3054DB0DE2 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4677494E04904BBB806CDD3054DB0DE2

Request Chain 170

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4677494E04904BBB806CDD3054DB0DE2&expires=365

Request Chain 171

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=4677494E04904BBB806CDD3054DB0DE2

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEMa8L3ICk9ynzmk-z9BdgyA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4677494E04904BBB806CDD3054DB0DE2 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 176

https://s.adroll.com/j/pre/CUHVY3OLUVBZPJTAWUVLYM/GGGXQ77VW5D5LL7AURJNOI/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

257 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nhradiv3.com/
Redirect Chain

http://nhradiv3.com/
https://nhradiv3.com/

21 KB
5 KB

386ms
339ms

Document
text/html

2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3979518840b1deefa53a2f7317b5ca3ccb07dc0a5232da5d7758cf431b1a2a52

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private,private
cf-cache-status: DYNAMIC
cf-ray: 7d0392d8385b5ca4-FRA
content-encoding: br
content-type: text/html
date: Thu, 01 Jun 2023 01:09:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wA2z89WjhkVp%2Br7HKJX9lWvVlvYQ5AEsanaezgvQSfuGgVV2DySM%2Fbse%2BRXHA51zODUEgOjqk0hNzaqHP9i%2BCYOSJDHMCNJPcolRV564nzYEyb1WSMwW3iJEW0SATiAE1LoyaUJZ51T5gU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET

Redirect headers

CF-RAY: 7d0392d7aad99bb3-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 01 Jun 2023 01:09:51 GMT
Expires: Thu, 01 Jun 2023 02:09:51 GMT
Location: https://nhradiv3.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jbjy%2B4%2FZhyC1WoXNpUw%2BK7XDKa60TTf7BoE7GZOFdzMQiHuH9dapqths51d1cb9U8VPZW2Az29ryYrNwNBS14dkVBZ%2FWUZigUsHJ21UyTH7Ude9IWFO6o%2FHuvGCvCl3By1v2cyYBb1PTg5I%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 93ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f573cd26ecb8e370a782b167638f5cad48dd1fc7fc1f467e738b63efc704b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25191
x-xss-protection: 0
server: cafe
etag: 651 / 19509 / m202305250101 / config-hash: 15571386564161109570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 01:09:52 GMT

GET
H2 200 scripts.js Show response
nhradiv3.com/inc/ 4 KB
2 KB 335ms
334ms Script
application/x-javascript 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nhradiv3.com/inc/scripts.js
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2201858ed70c2c137b991c9ef55e542211a7321c5ab8b9f5e1ef9459aea16bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:52 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 29 Jan 2004 17:55:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"80a4681291e6c31:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlhM7TFLaiXLeeufmnzreqyu3FIT6hBFzET%2BOiB6%2FRTZLj8P51N%2FdRV%2FvJ8MlNOCVcWCdxGWzV0TBcCHmiDxl1ChY5S8rBLDVSvHZK3s8gZ%2F6Ze0sCqYvmhCg4gJPz5nCFZynHoSwVOKULY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: private,max-age=3600
cf-ray: 7d0392da696f5ca4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css.js Show response
nhradiv3.com/css/ 947 B
640 B 333ms
332ms Script
application/x-javascript 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nhradiv3.com/css/css.js
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 09bfebef3ab9e81e4d60ce233d1c9c5cfd2adb7691c80a683db41cb66ccc03be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:52 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 04 Apr 2002 00:31:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"807a821470dbc11:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NPI%2BlRMyLV4UcMwFMziKfNctm1htvEJXa7o%2FZ0OR6QEWIEoN04G6iOHeMacrlW6iXg6IQwd%2FUmonWU9hFFBLP3TF0%2FKrOVEeGNUzh9G7uqwiXaDFJMLWGRcAb11p18NFtINSUA1Jmmfljc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: private,max-age=3600
cf-ray: 7d0392da69715ca4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cs.js Show response
c.jsrdn.com/s/ 60 KB
20 KB 106ms
28ms Script
application/javascript 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jsrdn.com/s/cs.js?p=23066
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 253e1b537be3002bedc17fd291a3b3e1bbb1f0f3ca23f2f776fb187cb2d6088e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: Nz4Efns90pL05JadHBOq8.iUxpj7mAHm
content-encoding: gzip
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
date: Wed, 31 May 2023 20:58:51 GMT
x-amz-cf-pop: FRA2-C2
age: 15062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20193
last-modified: Tue, 30 May 2023 18:36:55 GMT
server: AmazonS3
etag: "ea49628c974c2dbab9899af1f30063ea"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: 2PaFa826D3rvGUlVk6zQGxD72P0FIrNSwGT_AJePSZId2VT2l5Ukiw==

GET
H3 200 header01.jpg
nhradiv3.com/images/ 21 KB
21 KB 817ms
813ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/header01.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e5be34f84221bc8adcc1429b74b11bb2d2e8034461a6092e0904826ce353f0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0a61063dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IboqThbMUCeGqyk3aaNM7Dn9XtDMObA9a08wKVrUR%2FoJ0aN6mq141V4LhvgIK9gFcu3Hfig5fQJBm1nmTSYOCnXCCaHvLjvD2KW7XbTgzdslTjtbERW75XjZl%2FAtpViFs9SU8h0GE%2F1ek2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e1e1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21090

GET
H3 200 nav01.jpg
nhradiv3.com/images/ 2 KB
2 KB 333ms
330ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/nav01.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 00f3c1fd33c433a3282b8070325a29a69431d377374753fc9ad68d18a2825876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0d34164dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F00jNNJfelAs%2F6vz2jh08XDbINjxIyLV%2B%2Bn7usyo3VNDzjVXHLdaaF6vln2S7Jf9wtdHBMdxxNeYS1gXmU5QbrXBgxfkuDIhRCI4fU%2FIUED3Z7PQbliF0T6eHIPJhBSzxxVTeUU3dnlWUQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e1f1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1702

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 80ms
22ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 00:10:26 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3566
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 01 Jun 2023 02:10:26 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/ 405 KB
125 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 18:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22783
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128027
x-xss-protection: 0
server: cafe
etag: 5295197450709426467
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 30 May 2024 18:50:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 91 B
91 B 77ms
33ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nhradiv3.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eee926e5449d74f66b603828cb148966727652daa41f7cc47a1ed1cdfd7523f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:52 GMT

GET
H3 200 nav02.jpg
nhradiv3.com/images/ 848 B
1 KB 353ms
349ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/nav02.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2c5d5f321e2acc7f8885685ddea6762577cda47a13aa0b3ca07d599681fcec51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0d34164dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl9RK1M99Jkhh3myJm%2BsQ%2FPy6jzmupR9hKrJxInyXboexQCHQW6Ymg7h2l1LE4IMBB5ULTmfe%2F%2FC0sqC1wsXzKqpLhRe7lv8Y9HvO2QGJoz17x3GsEKHc8ioLGeY74OECEo2zW5KAEzdp%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e201963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 848

GET
H3 200 nav03.jpg
nhradiv3.com/images/ 1 KB
2 KB 337ms
333ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/nav03.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4f6f93edd526b29a826d8b9574ef738479c04fff574ecb9237d4e76f1e045063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8069da64dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZ5fgxGjYad6gsMDO1vLyyGCHcR7XLjUDD5VrXbEclDezWFLPTFS8Zeu4vQuH4dodGb%2B3GQFKC1nEyOM0HAjlgVwWaY7OkWqVvFMqGZshiTQSozQSdNLEVqHpvzw8kvPhv2c%2F%2FPgiMLgebk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e211963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1256

GET
H3 200 nav04.jpg
nhradiv3.com/images/ 841 B
1 KB 334ms
330ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/nav04.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 568677ea58d16bdebaa76ea6cb62952dbbf4a424f10c8ed71388da50cd067d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "007365dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9aGYLIZbcsT35YoS6DS%2BnJcAXTdoHGd4YTOwUJRsDDNrL%2FeiUVWZWM%2BK5zkQfWlEp18oZG1xeEoLg7nxfPhc4dvkDhALZJhZUhf0IJgrBEL2TU9uis%2BISPQTdLmOe89RB585K3GGL00c3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e231963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 841

GET
H3 200 nav05.jpg
nhradiv3.com/images/ 1 KB
2 KB 351ms
348ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/nav05.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3755aaf2199e97118e0f6d1e1da5cde26628db0349cb7c6b3f861cdea9c15e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "007365dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6qgywi8yTTLIy3JLDm0WmUm55ZwBxdEFqPvmZ069kKsOxYcvqNBsSSyXpAMN6XBzneuFGOyJKF9yM%2FjEHcx1dSbm3WooCsw58mUj0DHHqMEsTo%2FwexVatyLNT%2B0jSCDCNKRssoacuGWYbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e241963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1394

GET
H3 200 nav06.jpg
nhradiv3.com/images/ 997 B
1 KB 349ms
346ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/nav06.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 00f8fe54fe21ece4173951889d11b493a50d91704dffb96704099b8a51d302c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8096b66dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGoUyTnzloGmz78QWLKOYfSOABeQeQsBnhkp1ZQQxmZMCNArwWhYE0KvX63ieqYp%2FzCYosg%2B4IHhkGNmM0FYVVxVZRNx5S8Jb%2Fwc%2BU90N%2BBQWWkQWHsUuhPoTXfx8GnPrs77ALsEdwBp8lI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e251963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 997

GET
H3 200 nav07.jpg
nhradiv3.com/images/ 1 KB
2 KB 340ms
336ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/nav07.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fc91d3398d51237f839282c9442a86327679eb2ae3190e191ea84a5079d6db76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8096b66dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PZKSsUSSg5pgp%2FU1HMyQcqLf4BPf35Lb%2FA6azlUSkWKxQ5cu5gRiHaugKC%2FD%2B6nST%2FjgRL%2FhNNOQObl%2BGimw8JfOxtV88AvFWjkrZhnFvVcFBHSh5uU%2BGMlmI3eBSpS6kh4NKdE6WH6g2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e261963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1305

GET
H3 200 nav08.jpg
nhradiv3.com/images/ 702 B
1 KB 338ms
334ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/nav08.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c2e04b7d8e9504a713345b02df2bfd5cc241b78f53c1f0eb5ef549d83d84cbbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "02da466dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlHOrU6PrrikYRsEpR3YeONAk2NnHPPYkT9JFdVzbAWQVSAc5AaiwtLX934Yz27c1nLmFQZ7CrEwRRvgtqlt%2FSoeHIpRKuXYz2dTcpy7bwCID%2F%2BS0VQVPImyli0CgnOiW8kNwEwLJhwCLrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e271963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 702

GET
H3 200 header02.jpg
nhradiv3.com/images/ 2 KB
3 KB 354ms
350ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/header02.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bde72f76a4afcf1381ae8e7bef6a5a916228798a73944c6b0185a5ff67c9c56a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "803ca963dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKVqa9%2FR%2FyAs1Y2agn3NeRbR%2Bae4RJr3St1anMsx7zJFH%2FRedjlHN8bU1x1fsYDoc7Pifcje2%2BFfp03MsUTlKOx9NYA8zmIva0HcaiJtdVIn0AjnjSdsSrL3yL5PdliOYhATIwiehKtuqdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e281963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2282

GET
H3 200 header03.jpg
nhradiv3.com/images/ 4 KB
5 KB 492ms
489ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/header03.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8ecd6521c5e5e413b55387d23e819743905d72ffbf5a770805b2373976535947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:12:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "803ca963dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtMc5KJrhP35HI4pxmQG0GL%2BsMGm%2FpH4Nar8pQEnL6%2FaWeVfzF5rSXclT37hUuJB%2FGwuKAH%2FSQkHudcrRx2neA%2BpiBx%2B16lE7wvJgOiByaiQ3%2BWLak5x6TUi1JA8%2B%2Fj%2FdsmdDuEwO7MS6IE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e2c1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4588

GET
H3 200 Twittericon.png
nhradiv3.com/images/ 3 KB
4 KB 483ms
479ms Image
image/png 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/Twittericon.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 885da2a870d07585756c1bc62e0b6c9aa45a799cf7e8646c6dd933fd90587b89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Mon, 19 Nov 2012 23:36:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "806456bcaec6cd1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D%2FbUQmmukwqbbGekJ8WOS40qJ8F45xU2kqGQUwb3ztEEc1YTbfHab5BVP6vKeqJ9ec1m9oc3Llb6fNeC3MnDhGXSnKQBjMqNFFBbOnQrtxjYQbsChHYdXH62I6TjK2jzkHj7MTFjU0O1NI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e2d1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3404

GET
H3 200 FBicon.png
nhradiv3.com/images/ 4 KB
4 KB 492ms
488ms Image
image/png 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/FBicon.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0feffac770a0daff6a903ae7d752927821130786ca7f678a7710540bae603007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Mon, 19 Nov 2012 23:33:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "03a8844aec6cd1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5apvTE%2BiXbjU4a%2B53CcbokUfqTypdmjOULZWVbtD2tZPPWi3achXK49aMpPALE6IK6%2F6H0M%2BF76MuG6fjChsHn6ci8bMBR6uppzKvdq%2Bu%2FB1beB0DQ3L85YVld%2FrAa2pZx5GCRlF4jC%2FwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e2e1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3871

GET
H3 200 nhratv.png
nhradiv3.com/ 8 KB
9 KB 637ms
634ms Image
image/png 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/nhratv.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 66d966aa6b9290ac940d27ec02e524e2c263436de84f9b676e8ba378dfdcc5d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Mon, 18 Feb 2019 23:39:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "806dca2ae3c7d41:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yi%2F6Mg02F4a2AoChm4Dkc%2BUrgKB5dZK%2FQDjJXIyZ9Q0t8nuHM4dpa27%2BEjMfaOmCTGspgrijGWCVbhI2iNS0L0b3jKV5aGUMPXOdR0rSVKfGI5ZW1P9BL0cIYUDgpLD47%2B1J9Eq%2Ba8oiKis%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e301963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8694

GET
H/1.1 200
OK LODRS-livetiming.png
www.nhra.net/images/ 16 KB
17 KB 1179ms
363ms Image
image/png 52.175.198.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nhra.net/images/LODRS-livetiming.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.175.198.241 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 6643419773399f35ea4422bfa8f1eaf37bb0d2c1855bbdd5fac482086a1e0b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 01:09:54 GMT
Last-Modified: Thu, 21 Apr 2016 17:37:45 GMT
Server: Microsoft-IIS/7.5
ETag: "80fa7083f49bd11:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: private,max-age=3600
Accept-Ranges: bytes
Content-Length: 16747

GET
H3 200 left_nav_top.gif
nhradiv3.com/images/ 578 B
1 KB 352ms
349ms Image
image/gif 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/left_nav_top.gif
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bf090ca527777b9180254b2378d59ee5b8072248eae8b2e085ec74d7a3b74400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:13:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0952d70dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIXNqgPkHPI5iM2JDcER8H7QQB7WQ1LrhNRcl08NZkKZaYTcOD4OK9MMrniUTOzSZbuptfYBZJnQJSEq5IszdDbDLq2A2CAtLeskcr1dqD6Xp8Gd21U0ZTrwfIhN3XFxZWh2o8WwnLNSDpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e321963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 578

GET
H3 200 complicno.jpg
nhradiv3.com/images/ 71 KB
71 KB 816ms
813ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/complicno.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d8c5a199bad5eee1aa84028454cc53d4f5e5d869e7a2b6b0faab991a81745cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Thu, 18 Aug 2016 20:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0921c8b8ff9d11:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BI0V4sR3YeL3Mebvphl0tgZMxOVQ6Gr%2FYDFZQjYcubJO5FFhbkUvKs8l4sicxp0YNcTRLKlTVb%2F4eOP%2F61URQ9AKP4zDaWuz8SYV546nI2%2F%2FB2bc4NgHNiOVwMR16FaO6nhhGXvlob%2FMq1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e331963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 72611

GET
H3 200 left_nav_bottom.gif
nhradiv3.com/images/ 428 B
912 B 340ms
336ms Image
image/gif 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/left_nav_bottom.gif
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e730b7b19e0f9a88bc52e42a989d3a9a178391bfc640598342f46adf87e99a27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "80fe946fdbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvrqbPOwfHDj757apVXCm0Gtmc57cfPRLSLbyq8j3th5ygBUgSxSLK044bqUfd6PBYvBuxCKUryi8AliU%2BYdB7g%2F2sMo%2FtYY4ftGOHL52wrTF50T9eU9M757jk3xPCIzkdEBqmhe4tuopCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e341963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 428

GET
H3 200 lucas-oil-products.png
nhradiv3.com/images/ 64 KB
64 KB 836ms
832ms Image
image/png 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/lucas-oil-products.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b6aef553184ecd56a40aca2fa3ab1f70be1cd916bba5b9c3ebe76a12d590b3d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 19 Apr 2019 18:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0af95a4dff6d41:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TniPgPZmBVfPGZ1XBFLlUe5uy0dHS%2BXaekvTWDun69D1KGk0M8cM3EtL%2BNuYUOvogD7PsXZrYND3LZv60iultKpXNsCJyWIjnXP5isjLUvqPTTgkl476nmG6LoeQp%2Fo%2Bi5Jn73it4iL%2Bf%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e351963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 65270

GET
H3 200 Summit.png
nhradiv3.com/images/ 30 KB
30 KB 793ms
789ms Image
image/png 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/Summit.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8ad707b5566e617ea5386973198e0f83f91b196d26768b34a0e9f4dffaafb99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 19 Apr 2019 18:42:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0dcc6a5dff6d41:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRNjR02rrPQ1dUdIbuW%2FR7aLhhxRn3uyABlxzHvsWQmJB7a1VA8MPBnYKuI0rxreMKLFfCSinxQtNuO3gFEfxB2pfBnNe02VKPi4xSrwl4QTeEI3Ankc9DyWAXBJSc%2Fx34CV1QpnTOQYkq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e361963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30630

GET
H3 200 tande_nhradiv3_banner_sidebar.jpg
nhradiv3.com/images/ 11 KB
12 KB 643ms
639ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/tande_nhradiv3_banner_sidebar.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ff0422891d94af315ddead2900276fc49c69b0830875a8fc5fb9592ffdae63e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 13 Jul 2012 20:07:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0261c1e3361cd1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcP5Xeq1CCnRZ88Z9tJWiVvxLnK4g6J2eO5y785DiKUb%2BmVtQgQv2LmDkg0iC3bt8Ps%2F2AIlZiWH9AaZroepQeNCEZpluTM3nZHiOAAqf8Sn0gPJrDejb3U%2BpSjUlOLURe40SzeN82vFQk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e371963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11413

GET
H3 200 oakleyms.png
nhradiv3.com/2018/ 40 KB
41 KB 838ms
834ms Image
image/png 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/2018/oakleyms.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 479ddcec56d4346b5b0ca3966649261a722f61d05c5f9de792caed8653f8d6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Tue, 09 Jan 2018 23:36:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "80ab46b9a289d31:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IF0jxCfOToIb%2F0IxAA5MnPxoqOA61YAhNlFay1%2FORcMs%2B4iWKFXZsHSGptAR80wRd6T54FY2ckgzSwJImrwkTsKsIWzQ5JsF7GesNe7Qr3vch9ArBUIB7L2iekz48Sza%2Bws9W68lXRFuldw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e391963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41455

GET
H3 200 diamondpiston.jpg
nhradiv3.com/2018/ 36 KB
36 KB 844ms
841ms Image
image/jpeg 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/2018/diamondpiston.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3cb321beb4e1198c536e26a5539880ea0b01bdb15b4e1c3af20f599dbb3ca1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Tue, 09 Jan 2018 23:38:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "80b3f5e8a289d31:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8OaoK7dlUUpghWTz%2Fq6n7lf7u%2FyVL0xv5lG5kqY3L3EA0sRAXh7p93TyE44wT8VtPTxIVZ9%2FyRWu7bUH9AXUuTmRdGwLNh12dyf5FMfl%2B4saOcUEl724BfnKuj10Pt8xHDjZWsWtRk8nBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e3b1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36443

GET
H3 200 FTI.png
nhradiv3.com/2018/ 41 KB
41 KB 814ms
810ms Image
image/png 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/2018/FTI.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ddf107c589c8b282902b1fc3fede9df1f5bad0aa0fce25890ae9d789c1b5985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Tue, 09 Jan 2018 23:43:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "05c23a1a389d31:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0jXe%2Bdp5TLGHSb3jhmzW%2FYfySfbV3kg6MEWk06ruGk4mznaetau%2BIa2kYZbbm1LIWhWnenoGbDSP50gtWqrBdmtoZY8b1hWiNPI2%2B2B3JDlsf%2FHTgbM2Ser8zqhTYYowu4B3LRPwqaMw4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e3c1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41943

GET
H3 200 facebook-icon.png
nhradiv3.com/images/ 2 KB
2 KB 349ms
345ms Image
image/png 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/facebook-icon.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c079b05f2d85439c3dcd32b4983b8273ed5591525c19d45766e91ad44cf81676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 26 Aug 2011 18:01:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "016ae1c1a64cc1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1XIaYWDcaRJ5gIdXszARmrC8UlbfSzoPijYbP89disGo7VTLhREwZQcDtUZeC9%2FdsU40yafV70QAH1qpgJ92J%2B9%2FuIpNXLGQolgAzwbP92Y359Wui4tD9ObuMWYk4p%2Bx0RVxI%2FnI4Myx8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dc8e3f1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1681

GET
H3 200 email-decode.min.js Show response
nhradiv3.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 23ms
23ms Script
application/javascript 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nhradiv3.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 May 2023 08:39:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"646f1eba-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T54l4nElDimRqEZ%2BW0loqi9vLpdUyP%2FbwSf%2BwMHRlOyt1lmEXQs6cTYnqlw5HP7g07V4jW0wucia5mOhfFAws0V%2BaZeEFPqFKzL2XLTb9Vu%2FG%2BxGhXvJ0MY9OCdUoYZXISYnoA7NfPGBAuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7d0392dc7e141963-FRA
expires: Sat, 03 Jun 2023 01:09:52 GMT

GET
H3 200 inAPCM.asp Show response
nhradiv3.com/apcm/ 5 KB
1 KB 332ms
332ms Script
application/x-javascript 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nhradiv3.com/apcm/inAPCM.asp?z=18&ord=desc&h=10
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 69e67848c14f917c67d3f4178bd1beb31c893dca027e58fc46744a807235d5f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMTWQZ6rTLXJULgNVYfKfTsqKjVEDcaE%2FVGQD6Z4i1XE4UgQ7fjzVgf7miVfpW%2Fbj0B3490UiHYwyyA9JpNSyOs2qOzoQHtasA50sIf7qckZW9VH5h3DsTeolHJA0vWJ%2BOSXCy9aLAZe510%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: private
cf-ray: 7d0392dc7e151963-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jun 2023 01:08:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 71ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

496d3c9d22cecff0a8832d233a64e1db6ee5c0c9abe80f87843f8bbe35766034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 01:09:52 GMT
content-md5: ZXutii+CRE1fGh2oCw+fQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: sHC4P4Fygbarf4Yul8qyllkCk8CNBlJi++AdtDzDKKQIg0+r4Ro8bYCIn5HUMk0YFqlh7dTIQ8pLA3UT1tA0Tw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: eea5f2554f3c3fd2887f46cfed70bf8e
cross-origin-opener-policy: same-origin-allow-popups
etag: "76db36962e35d4869faaa7cc5675f2f3"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 01 Jun 2023 01:13:23 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
2 KB 101ms
35ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c370d3d1031ffa74e11fec2c18701213d2b6becea3e2fa47c3d9da52f55bc11c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:52 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 May 2023 07:19:31 GMT
server: cloudflare
age: 6574
etag: W/"e8e-5fccfe86ac0fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7d0392dceb5a3a85-FRA
expires: Thu, 01 Jun 2023 00:20:18 GMT

GET
H3 200 netscape.css
nhradiv3.com/css/ 7 KB
1 KB 333ms
333ms Stylesheet
text/css 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nhradiv3.com/css/netscape.css
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/css/css.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8ae9ce416a33c08e0783a802898c49d8a6316985ef7556644b7f5b9f4d4b05fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Fri, 12 Mar 2004 19:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8064de186a8c41:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCjqrNfZ3vdqpE43aecTV67%2BuRmtABQ8Ykxd0462Iz3dtNUv%2FqHQlq7PZrU%2FZDYn48tAWnsmL43Ge%2FX6oV3euC5Cf1JkDGsztk6EX91ysPh%2FgdUEgGnmJPpUL1CjYGZexMfolwrTWB7Fbx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private,max-age=3600
cf-ray: 7d0392dc7e171963-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1925802477&utmhn=nhradiv3.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4277380-18&cid=238229904.1685581793&jid=980378637&_v=5.7.2&z=1925802477
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=238229904.1685581793&jid=980378637&_v=5.7.2&z=1925802477
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=238229904.1685581793&jid=980378637&_v=5.7.2&z=1925802477&slf_rd=1&random=3910600343

42 B
408 B

99ms
33ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=238229904.1685581793&jid=980378637&_v=5.7.2&z=1925802477&slf_rd=1&random=3910600343

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4277380-18&cid=238229904.1685581793&jid=980378637&_v=5.7.2&z=1925802477&slf_rd=1&random=3910600343
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 99ms
21ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=23066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:52 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 08 Jun 2023 01:09:52 GMT

GET
H2 200 1.js Show response
s.jsrdn.com/s/ 99 KB
25 KB 170ms
94ms Script
text/javascript 13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.jsrdn.com/s/1.js?p=23066&r=lqrm&k=dmMJMjAyMzA0MjcJdQk4YmIzOGFhZS1iMmNiLTQ5ZmUtYjE5OS1kNTNjZjU0YjY2NmEJdW4JMQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl0Zwljcy5qcwlidAkyMDIzLTA2LTAxVDAxOjA5OjUyKzAwOjAwCWRjCXdpbmRvd3MtMTI1MglibAllbi11cwlmdAkJZHcJMTYwMAlkaAkxMjAwCWJjCTEJYnAJMQliZAkyNAlidwkxNjAwCWJoCTEyMDAJZglodHRwczovL25ocmFkaXYzLmNvbS8JdWQJCXBiCTAJcHYJMAlwcQkwCWN3CQlhY3IJdW5kZWZpbmVkCWRyCQlrdwluaHJhIG5vcnRoIGNlbnRyYWwgZGl2aXNpb24gd2ViIHNpdGUJcHJmCXVuZGVmaW5lZA
Requested by: Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=23066
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: f692002a8703d45990bbabf1eb52166726fbfc44e532d3cd197ef93480597cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:52 GMT
content-encoding: gzip
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: text/javascript
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 25304
x-amz-cf-id: acoodRtVWytitF5t0K5Tlo9FowH-XhGOTemMz-trJpM3dgfyZ8wjhw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rules-p-w9vzu-sGKCA0U.js Show response
rules.quantcount.com/ 160 B
633 B 137ms
23ms Script
application/javascript 2600:9000:223c:5400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-w9vzu-sGKCA0U.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa8c88f6fb8c595025a5499c5b965b2a3a0df3049103dedd6c4bd88861f4ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 00:55:35 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 860
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:48 GMT
server: AmazonS3
etag: "5edf0414e91fcef9b8a461d81ebdac7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ChL_UpV0Liub_6l8n49FvSEKiXLLRrijFPDj4HKNFDci6qe9HOEkcQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 95ms
30ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nhradiv3.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 85ms
31ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nhradiv3.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
19 KB 63ms
63ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=463469340360963&correlator=2522202701735954&eid=31073865&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fifs&iu_parts=1012245%2CDiv3_Homepage_ATF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=4285196844&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1685581793060&lmt=1685581793&dlt=1685581792367&idt=421&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnhradiv3.com%2F&frm=20&vis=1&psz=1600x1200&msz=1600x90&fws=0&ohw=0&ga_vid=238229904.1685581793&ga_sid=1685581793&ga_hid=1044553583&ga_fc=true&ga_wpids=UA-4277380-18

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfc8245507e784d86d3c97171f5491f7a99ea6e8f4f52938e9e13a4db15115e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19175
x-xss-protection: 0
google-lineitem-id: 6226273337
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138422963637
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nhradiv3.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
774b6703fb4224b49d3572325510a1a1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B76 0
0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 46ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=277cfb78d4834ca2646e9b99fcb440c6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f7cb03e738e1bfa01cc6c19e65407ecbb5ca67203fdba855382920e87ce397b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://nhradiv3.com/
Origin: https://nhradiv3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 01:09:53 GMT
content-md5: mnP+a5ZoSyHptYxIZq8w8g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88621
x-fb-rlafr: 0
x-fb-debug: g4LKgePAp8o6meF1yc2wH6iAYIUfz0oLnzwhuBXxB2M+puk2iv45JMCDN6AOICXliYPNcXayPsREQQF3R5mSfg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2a6442694e2bae33414720faec6574a2
cross-origin-opener-policy: same-origin-allow-popups
etag: "fdf0cfd677ed67849b60daa5ee30c14d"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 30 May 2024 22:41:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
46 KB 91ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K4XRCD6

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ce216f6c9e452a698cb3d6db15adec75d2b1909b245ad7a5ea69efb751cfff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46988
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Jun 2023 01:09:53 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1867.003-3.027/ 186 KB
57 KB 35ms
35ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d640c052242a5bc13404627dd9d603d7b416a519eff053c2d00613ad85362e0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 May 2023 10:54:50 GMT
server: cloudflare
age: 5071
etag: W/"2e87a-5fc5a376e26e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d0392dedc823a85-FRA
expires: Fri, 30 Jun 2023 23:45:22 GMT

GET
H3 200 left_nav_cell.gif
nhradiv3.com/images/ 2 KB
2 KB 335ms
334ms Image
image/gif 2606:4700:3036::6815:1b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhradiv3.com/images/left_nav_cell.gif
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 28a4cd6f6005a5e95d8621052da5aaf6029eaf28ddcb4b8d7ef4c770ab07053d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
cf-cache-status: BYPASS
last-modified: Fri, 09 Dec 2005 16:13:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0952d70dbfcc51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NED6tzxHjcKTxW88qcqNF%2FIEN8Ac0sOb%2Fsj5y16zU0gSsz4y7KylucO7kojLd8jV%2B5G1nwasCrNUKQISX5uHv9qPzo6vDDhcG0%2BlaAbUtj10UrcKM6rHur5M42QRggXO9EhpnALeUwkOrPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: private,max-age=3600
accept-ranges: bytes
cf-ray: 7d0392dedfeb1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1716

GET
H2 200 pixel;r=462600285;labels=pub.23066%2Clang.en-us%2Cdomain.com.nhradiv3.root;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fnhradiv3.com%2F;uht=2;fpan=1;fpa=P0-1327797255-1685581792935;pbc=;ns=0;ce=1;qjs=1...
pixel.quantserve.com/ 35 B
371 B 32ms
22ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=462600285;labels=pub.23066%2Clang.en-us%2Cdomain.com.nhradiv3.root;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fnhradiv3.com%2F;uht=2;fpan=1;fpa=P0-1327797255-1685581792935;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=nhradiv3.com;dst=0;et=1685581793099;tzo=0;ogl=;ses=4bc2c877-39af-414b-8f97-d1ae869f7e2b;mdl=

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 06B3 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3DN84IZ_twwMdnkDSbpzJIHozzpgQd0lclz400aBtsf8pDpb4TH7zqCTv6GZJdTC6BBhXzcjVyJ9mOx-Oq4yZQKYo26OV1YBa_QWG-zHiL2pQdt0WGxjOND8UCBT2SdoTlNYF8Opjof8itgJwQZQT1ROIMSL9dcwYcuY-6W2Ul3ykUORTsh8VXMcxAXbDBeFcyWH_MhyMJRo0e9rQLfS9dhr5uCVwefrwyC4-91IbNBtEwwIhs4H9ca4iqYzlt14uh32bQlEiWAUovfAz71sJ-XgrMJZ0HE0a3fTafFWCKEG75tE7wTpZPyuTv0SCVduacglM1RaEjMIw6g&sai=AMfl-YQbSJlUgyKfeR0XiIiv1Of8VdtkbP8rnHZjNPrDc2D2hy2NQbK2aiEw43YR6bzdCD45TgQ5Szrqf11NLQxcV_Dv6XnY5t1zi1E7ZuD29syULU2AOU0PlmVT9t06fizKTLkaAOBY7qht_emFzsvz&sig=Cg0ArKJSzABdO5sQOAK9EAE&uach_m=[UACH]&adurl=

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 06B3 22 KB
9 KB 86ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:02:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 06B3 3 KB
1 KB 88ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:02:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06B3 171 KB
54 KB 76ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 01:09:53 GMT

GET
H2 200 11504976314564841190
tpc.googlesyndication.com/simgad/ Frame 06B3 46 KB
46 KB 175ms
114ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11504976314564841190

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3da7e8d360cc2f855497c2d754d3b3b55fe59f7f146a3c4a51d550aaa9b776ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46880
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 20:57:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 31 May 2024 01:09:53 GMT

GET
DATA 200
OK truncated
/ Frame 06B3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff99874d96af6b0a3f5f871ce2e099eb9e35898aeee4dcf18ae11b99f32c8f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 482A 0
33 B 220ms
202ms Document
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3315867&wsid=12&pdom=nhradiv3.com&purl=https%3A%2F%2Fnhradiv3.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nhradiv3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d0392dfdcfd3a85-FRA
content-length: 0
date: Thu, 01 Jun 2023 01:09:53 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
35 B 206ms
194ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3315867&wsid=12&pdom=nhradiv3.com&purl=https%3A%2F%2Fnhradiv3.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d0392dfdcfe3a85-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 322 B
524 B 146ms
135ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3315867&wsid=12&pdom=nhradiv3.com&purl=https%3A%2F%2Fnhradiv3.com%2F&jsv=1867.003-3.027&_cb=16855817932360
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8aa6a792a234ffbda222107b8fab02d2c29a69b321922d709bcf20fa71db8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript;charset=UTF-8
p3p: CP="NON DSP NID OUR COR"
cache-control: max-age=0
cf-ray: 7d0392dfdcff3a85-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 143ms
47ms Script
application/javascript 34.90.79.92
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=62812&action=100&segment=maplegroveracewaysite&m=1&sifi_tuid=35523

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4XRCD6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

92.79.90.34.bc.googleusercontent.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: F2RjteKWEGBE8i1Pd1rC
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-939427171

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4XRCD6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d27fe4404e572a92dd17836d81c652df88c5297b48791782ebaaa05dc0e18fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70225
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Jun 2023 01:09:53 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/939427171/ 3 KB
2 KB 97ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939427171/?random=1685581793380&cv=11&fst=1685581793380&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnhradiv3.com%2F&hn=www.googleadservices.com&frm=0&tiba=NHRA%20North%20Central%20Division%20web%20site&auid=1151444692.1685581793&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-939427171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62179217f08f5bf963945c3aba16a3f528afd1bf705e219dbc3d8b63e024f3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 91ms
27ms Script
application/x-javascript 23.36.237.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.36.237.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-237-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 01 Jun 2023 01:09:53 GMT
Last-Modified: Thu, 06 Apr 2023 15:05:41 GMT
ETag: "12a0ef409968d91:0"
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jun 2023 01:09:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 06B3 0
0 68ms
64ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxJgXgZUkltBhTqy9X1lT_I5hc3VIlwWDjscmqknfkVxByezNRRh8FD2gj_bqvI-fNj_XSTC-U9rtJv4gHnKQMX0amIqOtf5l28GfeyPKNUWodYM2-x0rElHcTuK7MRr8sQLFkuXCCAGvCfiq2_ucsDNFSdaMBf-OT-iSd0mV1sXPuD87Uah_TjxDG4BHr_crVVrcAOXftANVlTs9EXt609Rr_RePI4ImEii4LZF1OWqDYyMYGiGftuL6nnPST-pmhLikKbWIZFSQvPZZ2BGonJbLSgMcKzeLBDc6cTEFOs4x-0mSHjTzKp3vJzLg8Vew9np1j9Yk-ZSAB9xjz&sai=AMfl-YSxjiABHitHy2PGp6heu6y6eibjx4OPpe4NvgKrpNMjJwYtlggvT-d3ZxAoNYOnyKTF1rFxILkzRTu70JO_Q6xX37fXRCwEAahN0YM3GlIZwxc9CvQdQD_n7-esoh76-0CtN1sFroRG6UPQ7s8N&sig=Cg0ArKJSzAYdNYUU5fjWEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:53 GMT

POST
H2 200 doq.htm Show response
rt3003.infolinks.com/action/ 1 KB
1 KB 273ms
202ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3003.infolinks.com/action/doq.htm?pcode=windows-1252&r=16855817934591
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43972efaa83c01bf5f5caa29adfea959017eae07c0cd644a278ad9a3fc85a066

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://nhradiv3.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-language: de-DE
cf-ray: 7d0392e1bd2d3a7c-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ds_vplayer_detached.min.js Show response
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ 604 KB
215 KB 98ms
28ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ds_vplayer_detached.min.js
Requested by: Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=23066
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4a2deba45ddedf023c085e936d3b039db5e678e2fd9baf6301d8f23466802a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 21:29:09 GMT
etag: "1682544549"
x-hw: 1685581793.dop225.fr8.t,1685581793.cds274.fr8.hn,1685581793.cds240.fr8.c
content-type: application/javascript
cache-control: max-age=66215
accept-ranges: bytes
content-length: 219325

GET
H/1.1 200
OK nhra.png
distroscale.s3.amazonaws.com/uploads/apps.distroscale.com/dc4087b3d220d289/ 87 KB
87 KB 663ms
228ms Image
image/png 52.218.178.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distroscale.s3.amazonaws.com/uploads/apps.distroscale.com/dc4087b3d220d289/nhra.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.178.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c7297992a1ed78e9c1a6022bbfe2b20b49f6540df4c483d1c1881836ecab3a9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 01:09:55 GMT
x-amz-version-id: qVW6D31Y07W7CMpzCywKFE_U_RUhYXy.
Last-Modified: Thu, 21 Jul 2022 17:42:06 GMT
Server: AmazonS3
x-amz-request-id: E7MEREHNR0RBJ2DS
ETag: "39b20c21e18a17dd90a862ce2667dcc1"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 88782
x-amz-id-2: rVQBqVvElrYUUyNtBNCLkI3gEolRaGbO7PKhTG2uQjgWn5H7BTXoWxHBQRD4qIYy8ttNL2DBacc=

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 202ms
79ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=mncr&k=ZQlpbQlhCTY4MQlkCWV1LXdlc3QtMWEJaAlpLTA5MzA3N2RjOTIxNWVmYTFmCXUJOGJiMzhhYWUtYjJjYi00OWZlLWIxOTktZDUzY2Y1NGI2NjZhCXYJMzM4MDMxNzYtYjcxZC00N2Q4LThmYzMtNGZmNjdhOWQ2OWVhCXN2CWpzcmRuCXZsCTIwMjMwNjAxLjAxMDAJdnQJMjAyMzA2MDEuMDEwMAl2cwkyMDIzMDIyMQl2YwkyMDIzMDQyNwlzdAkyMDIzMDYwMS4wMTA5NTIJaQkwNTAzY2M3Ni1hZmIyLTQzZGYtOGEzNS1kYTEzYmE1OGM5YWYJZglodHRwczovL25ocmFkaXYzLmNvbS8JcQliNjU3NTk0YS1lYTljLTRjMTEtYjY4Yi1iNTJmY2NiNzIwMjIJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJTlcJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW1jCTEwMTIyNDUJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgk0NTE1CXZuCTIyODA4MDY
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dslogo_sm.png
a.jsrdn.com/creatives/site_logos/ 2 KB
2 KB 111ms
23ms Image
image/png 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.jsrdn.com/creatives/site_logos/dslogo_sm.png
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 5ea71bd07e560ea69f4bf12e5e48de530ce4a977ee361ed45ddcb581b060fd6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
last-modified: Tue, 11 Apr 2017 20:07:40 GMT
etag: "1491941260"
x-hw: 1685581793.dop231.fr8.t,1685581793.cds328.fr8.hn,1685581793.cds318.fr8.c
content-type: image/png
cache-control: max-age=55224
accept-ranges: bytes
content-length: 2119

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
282 B 174ms
52ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=elqz&k=ZQlyZAlhCTY4NQlkCWV1LXdlc3QtMWEJaAlpLTA5MzA3N2RjOTIxNWVmYTFmCXUJOGJiMzhhYWUtYjJjYi00OWZlLWIxOTktZDUzY2Y1NGI2NjZhCXYJMzM4MDMxNzYtYjcxZC00N2Q4LThmYzMtNGZmNjdhOWQ2OWVhCXN2CWpzcmRuCXZsCTIwMjMwNjAxLjAxMDAJdnQJMjAyMzA2MDEuMDEwMAl2cwkyMDIzMDIyMQl2YwkyMDIzMDQyNwlzdAkyMDIzMDYwMS4wMTA5NTIJaQkwNTAzY2M3Ni1hZmIyLTQzZGYtOGEzNS1kYTEzYmE1OGM5YWYJZglodHRwczovL25ocmFkaXYzLmNvbS8JcQliNjU3NTk0YS1lYTljLTRjMTEtYjY4Yi1iNTJmY2NiNzIwMjIJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJTlcJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW1jCTEwMTIyNDUJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgk0NTE1CXZuCTIyODA4MDY
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 176ms
54ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=5sl8&k=ZQlodglhCTY4NglkCWV1LXdlc3QtMWEJaAlpLTA5MzA3N2RjOTIxNWVmYTFmCXUJOGJiMzhhYWUtYjJjYi00OWZlLWIxOTktZDUzY2Y1NGI2NjZhCXYJMzM4MDMxNzYtYjcxZC00N2Q4LThmYzMtNGZmNjdhOWQ2OWVhCXN2CWpzcmRuCXZsCTIwMjMwNjAxLjAxMDAJdnQJMjAyMzA2MDEuMDEwMAl2cwkyMDIzMDIyMQl2YwkyMDIzMDQyNwlzdAkyMDIzMDYwMS4wMTA5NTIJaQkwNTAzY2M3Ni1hZmIyLTQzZGYtOGEzNS1kYTEzYmE1OGM5YWYJZglodHRwczovL25ocmFkaXYzLmNvbS8JcQliNjU3NTk0YS1lYTljLTRjMTEtYjY4Yi1iNTJmY2NiNzIwMjIJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJTlcJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW1jCTEwMTIyNDUJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgk0NTE1CXZuCTIyODA4MDY
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 180ms
59ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=bioe&k=ZQl3cwlhCTY5NglkCWV1LXdlc3QtMWEJaAlpLTA5MzA3N2RjOTIxNWVmYTFmCXUJOGJiMzhhYWUtYjJjYi00OWZlLWIxOTktZDUzY2Y1NGI2NjZhCXYJMzM4MDMxNzYtYjcxZC00N2Q4LThmYzMtNGZmNjdhOWQ2OWVhCXN2CWpzcmRuCXZsCTIwMjMwNjAxLjAxMDAJdnQJMjAyMzA2MDEuMDEwMAl2cwkyMDIzMDIyMQl2YwkyMDIzMDQyNwlzdAkyMDIzMDYwMS4wMTA5NTIJaQkwNTAzY2M3Ni1hZmIyLTQzZGYtOGEzNS1kYTEzYmE1OGM5YWYJZglodHRwczovL25ocmFkaXYzLmNvbS8JcQliNjU3NTk0YS1lYTljLTRjMTEtYjY4Yi1iNTJmY2NiNzIwMjIJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJTlcJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW1jCTEwMTIyNDUJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgk0NTE1CXZuCTIyODA4MDYJd3MJMDA6IHNpemUgODAwLDQ1MA
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 178ms
56ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=clf4&k=ZQl3dwlhCTY5OAlkCWV1LXdlc3QtMWEJaAlpLTA5MzA3N2RjOTIxNWVmYTFmCXUJOGJiMzhhYWUtYjJjYi00OWZlLWIxOTktZDUzY2Y1NGI2NjZhCXYJMzM4MDMxNzYtYjcxZC00N2Q4LThmYzMtNGZmNjdhOWQ2OWVhCXN2CWpzcmRuCXZsCTIwMjMwNjAxLjAxMDAJdnQJMjAyMzA2MDEuMDEwMAl2cwkyMDIzMDIyMQl2YwkyMDIzMDQyNwlzdAkyMDIzMDYwMS4wMTA5NTIJaQkwNTAzY2M3Ni1hZmIyLTQzZGYtOGEzNS1kYTEzYmE1OGM5YWYJZglodHRwczovL25ocmFkaXYzLmNvbS8JcQliNjU3NTk0YS1lYTljLTRjMTEtYjY4Yi1iNTJmY2NiNzIwMjIJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJTlcJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW1jCTEwMTIyNDUJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgk0NTE1CXZuCTIyODA4MDYJd3cJR0RQUjoxOjowOkNDUEE6MDo
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 174ms
53ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=b3zr&k=ZQltYwlhCTY5OAlkCWV1LXdlc3QtMWEJaAlpLTA5MzA3N2RjOTIxNWVmYTFmCXUJOGJiMzhhYWUtYjJjYi00OWZlLWIxOTktZDUzY2Y1NGI2NjZhCXYJMzM4MDMxNzYtYjcxZC00N2Q4LThmYzMtNGZmNjdhOWQ2OWVhCXN2CWpzcmRuCXZsCTIwMjMwNjAxLjAxMDAJdnQJMjAyMzA2MDEuMDEwMAl2cwkyMDIzMDIyMQl2YwkyMDIzMDQyNwlzdAkyMDIzMDYwMS4wMTA5NTIJaQkwNTAzY2M3Ni1hZmIyLTQzZGYtOGEzNS1kYTEzYmE1OGM5YWYJZglodHRwczovL25ocmFkaXYzLmNvbS8JcQliNjU3NTk0YS1lYTljLTRjMTEtYjY4Yi1iNTJmY2NiNzIwMjIJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJTlcJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CW1jCWFscmVhZHksLy9wdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ2FtcGFkL2Fkcz9pdT0vMjE4NzQxNTUxMzMsMTAxMjI0NS8yMzA2Nl8yMDgzNzQyMDY5JmRlc2NyaXB0aW9uX3VybD1odHRwcyUzQSUyRiUyRm5ocmFkaXYzLmNvbSUyRiZ0ZmNkPTAmbnBhPTAmc3o9NjQweDQ4MCU3QzEyODB4NzIwJTdDMTkyMHgxMDgwJTdDNDAweDMwMCZjdXN0X3BhcmFtcz1kc21jbSUzRDElMjZkc2QlM0RuaHJhZGl2My5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj00OTAxODAmZ2Rwcj0xJmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 86ms
78ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=59ih&k=ZQltYwlhCTY5OAlkCWV1LXdlc3QtMWEJaAlpLTA5MzA3N2RjOTIxNWVmYTFmCXUJOGJiMzhhYWUtYjJjYi00OWZlLWIxOTktZDUzY2Y1NGI2NjZhCXYJMzM4MDMxNzYtYjcxZC00N2Q4LThmYzMtNGZmNjdhOWQ2OWVhCXN2CWpzcmRuCXZsCTIwMjMwNjAxLjAxMDAJdnQJMjAyMzA2MDEuMDEwMAl2cwkyMDIzMDIyMQl2YwkyMDIzMDQyNwlzdAkyMDIzMDYwMS4wMTA5NTIJaQkwNTAzY2M3Ni1hZmIyLTQzZGYtOGEzNS1kYTEzYmE1OGM5YWYJZglodHRwczovL25ocmFkaXYzLmNvbS8JcQliNjU3NTk0YS1lYTljLTRjMTEtYjY4Yi1iNTJmY2NiNzIwMjIJbQkyMjM0MgliCTI2MglnCTQxMAl0CTYwODAJYwk2MTM2CWwJMjEwNDYJegkyMDA4OQlzCTcwOTMJcAkyMzA2Ngl3CWVudGVydGFpbm1lbnQJY3MJSUFCMQljegkJZ2MJREUJZ3IJTlcJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCW5ocmFkaXYzLmNvbQlzZQkzMjQzOTAzMTY2CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CW1jCWRmcF9tY21fLC8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM_aXU9LzM0MjMwMTA5LDEwMTIyNDUvMjMwNjZfNzcxNjU2MjE2OCZkZXNjcmlwdGlvbl91cmw9aHR0cHMlM0ElMkYlMkZuaHJhZGl2My5jb20lMkYmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0MxMjgweDcyMCU3QzE5MjB4MTA4MCU3QzQwMHgzMDAmY3VzdF9wYXJhbXM9ZHNtY20lM0QxJTI2ZHNkJTNEbmhyYWRpdjMuY29tJmdkZnBfcmVxPTEmb3V0cHV0PXZhc3QmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9Nzg1Nzk3JmdkcHI9X19JU19HRFBSX18mZ2Rwcl9jb25zZW50PV9fR0RQUl9DT05TRU5UX18mdXNfcHJpdmFjeT1fX0NDUEFfRkxBR19f
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixel;r=1251058643;labels=campaign.22342.262.410.6080;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fnhradiv3.com%2F;uht=2;fpan=1;fpa=P0-1327797255-1685581792935;pbc=;ns=0;ce=1;qjs=1;qv=c81...
pixel.quantserve.com/ 35 B
210 B 26ms
26ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1251058643;labels=campaign.22342.262.410.6080;event=refresh;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fnhradiv3.com%2F;uht=2;fpan=1;fpa=P0-1327797255-1685581792935;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=nhradiv3.com;dst=0;et=1685581793556;tzo=0;ogl=;ses=4bc2c877-39af-414b-8f97-d1ae869f7e2b;mdl=

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

svrGP
t.nhra.com/visitor/v200/
Redirect Chain

https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=558&optin=disabled&firstPartyCookieDomain=t.nhra.com
https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=558&optin=disabled&elq1pcGUID=20A3D20DC3F04B8CB79EDB5F607786B9

49 B
505 B

178ms
178ms

Image
image/gif

147.154.0.190
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=558&optin=disabled&elq1pcGUID=20A3D20DC3F04B8CB79EDB5F607786B9

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

HTTP/1.1

Server

147.154.0.190 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:55 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:54 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://t.nhra.com/visitor/v200/svrGP?pps=3&siteid=3690781&ref2=elqNone&tzo=0&ms=558&optin=disabled&elq1pcGUID=20A3D20DC3F04B8CB79EDB5F607786B9
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 284
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 /
www.google.com/pagead/1p-user-list/939427171/ 42 B
165 B 35ms
34ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/939427171/?random=1685581793380&cv=11&fst=1685581200000&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnhradiv3.com%2F&frm=0&tiba=NHRA%20North%20Central%20Division%20web%20site&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1875896077&rmt_tld=0&ipr=y

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/939427171/ 42 B
154 B 36ms
35ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/939427171/?random=1685581793380&cv=11&fst=1685581200000&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnhradiv3.com%2F&frm=0&tiba=NHRA%20North%20Central%20Division%20web%20site&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1875896077&rmt_tld=1&ipr=y

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/ Frame 53CA 21 KB
7 KB 25ms
25ms Document
text/html 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html
Requested by: Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ds_vplayer_detached.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82

Request headers

Referer: https://nhradiv3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=66178
content-encoding: gzip
content-length: 7092
content-type: text/html
date: Thu, 01 Jun 2023 01:09:53 GMT
etag: "1682544585"
last-modified: Wed, 26 Apr 2023 21:29:45 GMT
x-hw: 1685581793.dop225.fr8.t,1685581793.cds274.fr8.hn,1685581793.cds285.fr8.c

GET
DATA 200
OK truncated
/ 226 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e8db71249f82bb7584f1a2b6744275d18a4b5940ec8d48da133c65e81d5a23b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.jpg
a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/ 15 KB
15 KB 25ms
24ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.jpg
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e98ad77b3a42317d52aa5cb283c9db348c74e8ef89350475d6d614352d5e10f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
last-modified: Wed, 31 May 2023 06:35:15 GMT
etag: "1685514915"
x-hw: 1685581793.dop231.fr8.t,1685581793.cds328.fr8.hn,1685581793.cds270.fr8.c
content-type: image/jpeg
cache-control: max-age=20233
accept-ranges: bytes
content-length: 15543

GET
H2 206 dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4
a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/ 35 KB
0 27ms
27ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://nhradiv3.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
last-modified: Wed, 31 May 2023 06:35:14 GMT
etag: "1685514914"
x-hw: 1685581793.dop231.fr8.t,1685581793.cds328.fr8.hn,1685581793.cds258.fr8.c
content-type: video/mp4
Content-Range: bytes 0-4122559/4122560
cache-control: max-age=23660
accept-ranges: bytes
Content-Length: 4122560

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1867.003-3.027/ 225 KB
89 KB 38ms
35ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1867.003-3.027/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd2e35c345a092f3e1444855a4906f005229a2bd76f6a1d1d22c6abf9c0e074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 May 2023 10:54:50 GMT
server: cloudflare
age: 201
etag: W/"382f5-5fc5a376e26e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d0392e30e9e3a85-FRA
expires: Sat, 01 Jul 2023 01:06:32 GMT

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1867.003-3.027/ 156 KB
46 KB 61ms
58ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1867.003-3.027/bubble.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4232df7f0b2be10757316e83ed33aeeab0e20bc7cab28bd9c22e01008d3625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 May 2023 10:54:50 GMT
server: cloudflare
age: 4175
etag: W/"2706f-5fc5a376e22fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d0392e30e9f3a85-FRA
expires: Sat, 01 Jul 2023 00:00:18 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
120 KB 130ms
55ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123025
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:53 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 53CA 361 KB
121 KB 93ms
33ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5x8i7c7.ssl.hwcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123025
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:53 GMT

GET
H2 206 minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/ Frame 53CA 843 B
997 B 27ms
26ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/minimal.mp4
Requested by: Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
last-modified: Wed, 26 Apr 2023 21:29:46 GMT
etag: "1682544586"
x-hw: 1685581793.dop225.fr8.t,1685581793.cds274.fr8.hn,1685581793.cds273.fr8.c
content-type: video/mp4
Content-Range: bytes 0-842/843
cache-control: max-age=66177
accept-ranges: bytes
Content-Length: 843

GET
H2 206 dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4
a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/ 64 KB
0 57ms
56ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://nhradiv3.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=3997696-

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
last-modified: Wed, 31 May 2023 06:35:14 GMT
etag: "1685514914"
x-hw: 1685581793.dop231.fr8.t,1685581793.cds328.fr8.hn,1685581793.cds258.fr8.c
content-type: video/mp4
Content-Range: bytes 3997696-4122559/4122560
cache-control: max-age=23660
accept-ranges: bytes
Content-Length: 124864

GET
H2 200 getads.htm Show response
rt3003.infolinks.com/action/ 18 KB
8 KB 461ms
460ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3003.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22news%22%2C%22scs%22%3A%224w-K8U_S6T%22%7D%5D&rid=c9ddc1c8-843b-4cfb-8824-91857c57974b&jsv=1867.003-3.027&sr=1600X1200&rts=1685581793829&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=114.0.5735.90&dv=p&ce=t&purl=https%3A%2F%2Fnhradiv3.com%2F&tzo=-0000&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=f5RYBhizCBfJnKjQelKfiTvv8v_wJbebzouJdMs1j2-_UYs9T8wedVRtNtYQKFz9EoSl3IMVGO_EFK8m6ZQdY1kTGy1Sxp1ys6pCtkams9bKolPVspYNW53WFA88FCRpRPCWDCMumosiD3O0Fu9EWIaH4ys8zn0l&rsk=96&rcs=o7A0Sms0dLFp_vZB67UzZQ&cuid=8b8b2da4-af8e-4ee0-80d1-48a5746c094d&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a22d662d16f48b6a8f1cf19f87f9b1aa83cd5a87af78836d11acb21698e660e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 7d0392e38ed53a85-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4
a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/ 0
0

GET
H2 206 dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4
a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/ 58 KB
58 KB 25ms
24ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 69f6158678ef4633ca6da3612392993b4e9ce0c6d966cfd75d802d1d235e9652

Request headers

Referer: https://nhradiv3.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=4063232-

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
last-modified: Wed, 31 May 2023 06:35:14 GMT
etag: "1685514914"
x-hw: 1685581793.dop231.fr8.t,1685581793.cds328.fr8.hn,1685581793.cds258.fr8.c
content-type: video/mp4
Content-Range: bytes 4063232-4122559/4122560
cache-control: max-age=23660
accept-ranges: bytes
Content-Length: 59328

GET
H2 206 dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4
a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/ 4 MB
0 29ms
27ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://nhradiv3.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=32768-

Response headers

date: Thu, 01 Jun 2023 01:09:53 GMT
last-modified: Wed, 31 May 2023 06:35:14 GMT
etag: "1685514914"
x-hw: 1685581793.dop231.fr8.t,1685581793.cds328.fr8.hn,1685581793.cds258.fr8.c
content-type: video/mp4
Content-Range: bytes 32768-4122559/4122560
cache-control: max-age=23660
accept-ranges: bytes
Content-Length: 4089792

GET
H2 200 vidice.js Show response
resources.infolinks.com/js/vidice/2.0/ 333 KB
86 KB 43ms
43ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2023 11:31:12 GMT
server: cloudflare
age: 798
etag: W/"5344d-5f75343a1bcf7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d0392e46f4d3a85-FRA
expires: Sat, 01 Jul 2023 00:56:35 GMT

GET
H2 200 bridge3.575.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BF7E 707 KB
226 KB 25ms
23ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5x8i7c7.ssl.hwcdn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231096
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 14:00:29 GMT
expires: Thu, 30 May 2024 14:00:29 GMT
last-modified: Mon, 22 May 2023 19:34:41 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 53CA 44 KB
17 KB 95ms
37ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5x8i7c7.ssl.hwcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 01:09:54 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 61ms
59ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=nbds&k=ZQl3YQlhCTExODQJZAlldS13ZXN0LTFhCWgJaS0wOTMwNzdkYzkyMTVlZmExZgl1CThiYjM4YWFlLWIyY2ItNDlmZS1iMTk5LWQ1M2NmNTRiNjY2YQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl2bAkyMDIzMDYwMS4wMTAwCXZ0CTIwMjMwNjAxLjAxMDAJdnMJMjAyMzAyMjEJdmMJMjAyMzA0MjcJc3QJMjAyMzA2MDEuMDEwOTUyCWkJMDUwM2NjNzYtYWZiMi00M2RmLThhMzUtZGExM2JhNThjOWFmCWYJaHR0cHM6Ly9uaHJhZGl2My5jb20vCXEJYjY1NzU5NGEtZWE5Yy00YzExLWI2OGItYjUyZmNjYjcyMDIyCW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCU5XCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CXZwCTEJdmcJcHIJY2kJNDNjMzVlNmMtZjFkZS00ZTliLTViNzEtMTRjYjAzOGQwMjUxCWNwCWcyCXZ2CTIwMjMwNDI2XzIxMjg6aW1hX2h0bWw1OjMuNTc1LjAJd3QJNTM4CWFkVGFnCS8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM_aXU9LzIxODc0MTU1MTMzLDEwMTIyNDUvMjMwNjZfMjA4Mzc0MjA2OSZkZXNjcmlwdGlvbl91cmw9aHR0cHMlM0ElMkYlMkZuaHJhZGl2My5jb20lMkYmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0MxMjgweDcyMCU3QzE5MjB4MTA4MCU3QzQwMHgzMDAmY3VzdF9wYXJhbXM9ZHNtY20lM0QxJTI2ZHNkJTNEbmhyYWRpdjMuY29tJmdkZnBfcmVxPTEmb3V0cHV0PXZhc3QmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9NDkwMTgwJmdkcHI9MSZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame BF7E 124 B
559 B 95ms
38ms XHR
text/xml 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21874155133%2C1012245%2F23066_2083742069&description_url=https%3A%2F%2Fnhradiv3.com%2F&tfcd=0&npa=0&sz=640x480%7C1280x720%7C1920x1080%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dnhradiv3.com&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4118387055060262&gdpr=1&gdpr_consent&us_privacy&vpa=auto&vpmute=1&sdkv=h.3.575.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2181453730&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.575.0&media_url=https%3A%2F%2Fc5x8i7c7.ssl.hwcdn.net%2Fvplayer-parallel%2F20230426_2128%2Fima_html5%2Fminimal.mp4&sid=00EDED7B-C21E-4CF8-9558-0935AB4B5F39&nel=0&eid=44740340%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fnhradiv3.com%2F&url=https%3A%2F%2Fnhradiv3.com%2F&dt=1685581794181&scor=912327813438245&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.450.800_vp100_eb24427

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST csi
csi.gstatic.com/ Frame BF7E 0
0

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame DBE8 361 KB
120 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ds_vplayer_detached.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123025
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:54 GMT

GET
H2 200 191231-96143263832481.js Show response
js-sec.indexww.com/ht/p/ Frame DBE8 37 KB
13 KB 113ms
39ms Script
text/javascript 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Requested by: Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ds_vplayer_detached.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3eb6b450e09da3c00ba344a44a690b004402dc62ddf0d3cf3bbdec5ab33310e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Jun 2023 01:06:59 GMT
server: cloudflare
age: 39
etag: W/"da352e-930a-5fd070daf73e9"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 7d0392e71ff7039a-FRA
expires: Thu, 01 Jun 2023 05:09:54 GMT

POST csi
csi.gstatic.com/ Frame BF7E 0
0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview.htm
rt3003.infolinks.com/action/ 0
141 B 330ms
329ms Image
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3003.infolinks.com/action/adview.htm?rid=c9ddc1c8-843b-4cfb-8824-91857c57974b&bdc=1&midx=0&emd=ODgzfjEyMTJfNDI2ODA1OTYwfjQyNjgwNTk2MA&rts=1685581794343&prod_t=d&jsv=1867.003-3.027&skin=sidebar&theme=def&sdata=news&scs=4w-K8U_S6T&rsd=f5RYBhizCBfJnKjQelKfiTvv8v_wJbebzouJdMs1j2-_UYs9T8wedVRtNtYQKFz9EoSl3IMVGO_EFK8m6ZQdY1kTGy1Sxp1ys6pCtkams9bKolPVspYNW53WFA88FCRpRPCWDCMumosiD3O0Fu9EWIaH4ys8zn0l&rsk=96&rcs=o7A0Sms0dLFp_vZB67UzZQ
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 7d0392e6d86e3a85-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1A8E 273 B
186 B 44ms
41ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIS-ybUDENP37rcDGL7wg-QBMAE&v=APEucNVDgmmstIaK-pcGBMI018FKMvYdeY8hQTWafBU0qe2snvkqMqVxKfqBPZE4sqpjoX5LdQsZu3HPh1g4ry0iEL-czkxP-TcsW7lBWOce2lRcJ_Y9p2wsrIp8YCjAkjBBCSHewF-DSFc51L-71ee_1g3usBzQF5zj3tt8IHpdhXCQOlEFCSObHI8z5y85x6h5vjFp_CCobKJE2cQ7JyWAuoEkJCdyJhMLMAY52V9OzRdrhPl6kSE

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 101
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 01:09:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B8A 42 B
63 B 101ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_AwaJpVCCmuMgdFHXtSl-0lizVDkkCLzpFjTC31FIQ1aP1xxw3W79Rwv0yOJRSeXD2RH6jayS5LPbytCPTemul_8SYJccPa8_zEiZOqVOEf8rDgQ

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B8A 0
20 B 101ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5532014260476274230&x=10&ct=2

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2B8A 78 KB
27 KB 81ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 01:09:54 GMT

GET
H/1.1 200
OK it
lax1-ib.adnxs-simple.com/ Frame 2B8A 0
783 B 741ms
172ms Image
text/html 104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lax1-ib.adnxs-simple.com/it?an_audit=0&referrer=nhradiv3.com&e=wqT_3QKjC2yjBQAAAwDWAAUBCOHf36MGEPXhuPH2nPzEMxj_EQF4ASo2CSh9IeS8_58_EWKqTyj6Mps_GQAAAIAUrhBAIRESACkRJNgxAAAA4KNw7T8w9vb1DDizGUC8CUhlUMiVwssBWMWIlQFgAGjEnLABeN3mA4ABAYoBA1VTRJIBAQb0EwWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAsgIBMNgCpEPgAur5JeoCDG5ocmFkaXYzLmNvbYADAYgDAJADAJgDFKADAaoD8AYKtwZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNSMDI4NHU5M1pLandBLWZ3a1BJUF9mVzVvQVhDOXNIU2I2akExTGpHRVpfMzlQMElFQUVnNXBmV0pXQ1ZBcUFCMnRIOTBDaklBUUtwQWt1UXBwSlc3N0UtcUFNQnlBT1pCS29FNFFGUDBLSFp6a2s0bWg4X1FGQUVfbkRvcFFHQ3dOZ0RlNUYxLUFRcFlnZWc0dzBtQVJDM2FWUVpaUi1OOXVjNDBEMlZ4aklLVHUzclBpYWkxOFpqWHpQa2p0WW1qMjB2aUV3Z1dYZWotVHNlUm1sUmczUjFVVVYwM21QcWVVZm13OHkzdG9vWkFYUEpqc05BbDA1UHIzcDRZNU1EZWVhQUdxTTFWUWtyUHFsQVBwT0tzNzNmSk81Tm8yaW8zUFYyZUlNQ05ZaVZfNGd0T0VoVV9EX2ZvWnBTeHlJSk9CSDhENEJFTGVmcnZnN0pRQXdVSkhVVmc1SzZRMHE5eW1nRHZZYloyLVd4bXQ1cTQ5a21KRlV5RGF3NmJNVXR4U25nY0gtWlNMTjAxSkNQUnhQQUJKV2poZEtZQk9BRUE0Z0Y0WXo1X1VtU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCZ0tBQjlxSnpyQURxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1FrZlFCR0w3d2ctUUIwZ2dXQ0lEaGdCQVFBUmhmTWdLcUFqb0NnRUJJdmYzQk92SUlEbUpwWkdSbGNpMDJNekE1TVRRemdBb0V5QXNCc0JQWmxOVVN5Qk9tMzVYaUE5Z1RDb2dVQWRnVUFkQVZBWUFYQWJJWENBb0dDQUFTQUJnQTZCY0Imc2lnaD1KVHZhd2pod2tMVSZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaURrWmZaN3EzdGJEaVVCeE5zbUdvY0RkeXJWSGgwV0JnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMzNzEzNzY0MjQ0NTIwMzE3MTczIgk0MjY4MDU5NjAqCTkxNzY1OTM5NjoJNDc4MjE0MjA2wAOsAsgDANgD7cww4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQNODQuMTkuMTc1LjE4MKgExuEPsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBMiVwssBiAUBmAUAoAWksMHWkKOPiyaqBSpjOWRkYzFjOC04NDNiLTRjZmItODgyNC05MTg1N2M1Nzk3NGJ-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXv0hz6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG5IoE2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTk4NTk5MTYzODXIB93mA9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgB&s=0d4d7fd9a248b4356ec92852c80044864e4bf3d6&pp=0.026562

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:55 GMT
AN-X-Request-Uuid: 26b16c4c-2b5a-45fe-a324-51effc662bf7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/233/ Frame 2B8A 80 KB
28 KB 135ms
26ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/233/trk.js
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Expires: Wed, 22 May 2024 13:37:52 GMT
Date: Thu, 01 Jun 2023 01:09:54 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 732723
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-fra-eddf8230030-FRA
Last-Modified: Tue, 23 May 2023 13:36:07 GMT
Server: AkamaiNetStorage
X-Timer: S1685581794.498427,VS0,VE0
ETag: "9016354863c2896e70daab6e27775aa5:1684848967.582788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 17, 115618

GET
H2 206 minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/pd1_html5/ Frame DBE8 843 B
1000 B 25ms
25ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/pd1_html5/minimal.mp4
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer: https://nhradiv3.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
last-modified: Wed, 26 Apr 2023 21:29:06 GMT
etag: "1682544546"
x-hw: 1685581794.dop225.fr8.t,1685581794.cds274.fr8.hn,1685581794.cds336.fr8.c
content-type: video/mp4
Content-Range: bytes 0-842/843
cache-control: max-age=66176
accept-ranges: bytes
Content-Length: 843

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 1A8E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEAXl81r7Hk4MJvPrRSDBc9A&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEAXl81r7Hk4MJvPrRSDBc9A&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=f118a08da99831fb1610bee727ac0aeb&uid=f118a08da99831fb1610bee727ac0...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
264 B

51ms
50ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIS-ybUDENP37rcDGL7wg-QBMAE&v=APEucNVDgmmstIaK-pcGBMI018FKMvYdeY8hQTWafBU0qe2snvkqMqVxKfqBPZE4sqpjoX5LdQsZu3HPh1g4ry0iEL-czkxP-TcsW7lBWOce2lRcJ_Y9p2wsrIp8YCjAkjBBCSHewF-DSFc51L-71ee_1g3usBzQF5zj3tt8IHpdhXCQOlEFCSObHI8z5y85x6h5vjFp_CCobKJE2cQ7JyWAuoEkJCdyJhMLMAY52V9OzRdrhPl6kSE
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:54 GMT
Last-Modified: Thu, 01 Jun 2023 01:09:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ad.sxp.smartclip.net/ Frame 1A8E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOMO6WIX7i8Bhz44nhmfbcc&google_cver=1
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOMO6WIX7i8Bhz44nhmfbcc&google_cver=1&ang_testid=1

42 B
444 B

25ms
23ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOMO6WIX7i8Bhz44nhmfbcc&google_cver=1&ang_testid=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIS-ybUDENP37rcDGL7wg-QBMAE&v=APEucNVDgmmstIaK-pcGBMI018FKMvYdeY8hQTWafBU0qe2snvkqMqVxKfqBPZE4sqpjoX5LdQsZu3HPh1g4ry0iEL-czkxP-TcsW7lBWOce2lRcJ_Y9p2wsrIp8YCjAkjBBCSHewF-DSFc51L-71ee_1g3usBzQF5zj3tt8IHpdhXCQOlEFCSObHI8z5y85x6h5vjFp_CCobKJE2cQ7JyWAuoEkJCdyJhMLMAY52V9OzRdrhPl6kSE
Protocol: H2
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 01 Jun 2023 01:09:54 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOMO6WIX7i8Bhz44nhmfbcc&google_cver=1&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 bridge3.575.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 19A9 707 KB
226 KB 21ms
20ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nhradiv3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231096
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 14:00:29 GMT
expires: Thu, 30 May 2024 14:00:29 GMT
last-modified: Mon, 22 May 2023 19:34:41 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame DBE8 44 KB
16 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 01:09:54 GMT

GET
H2 200 p23066-ds-desktop.json Show response
a.jsrdn.com/prebid/tags/ Frame DBE8 19 KB
2 KB 410ms
354ms XHR
application/json 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.jsrdn.com/prebid/tags/p23066-ds-desktop.json?aca=1&env.sd=nhradiv3.com&env.gc=DE
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 49a09c35df64b32b221012f35d3ef02c78243364b5f47d7f22c4ff8a8455e9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 00:42:49 GMT
etag: "1685580169"
access-control-max-age: 3600
x-hw: 1685581794.dop267.fr8.t,1685581794.cds320.fr8.hn,1685581794.cds290.fr8.p
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-origin: https://nhradiv3.com
accept-ranges: bytes
content-length: 1940

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 06B3 42 B
121 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOq_KIpwhwhB761yYjN5XdVrH59CYGX6NSWXg6EWLg9b-nRLgTzA4MuGQ03W_B2zBJB190ho2EfMp6HOA0HgJ8dy3uhb_oagfI4N4tCDAI0Cgi8xSs&sig=Cg0ArKJSzOm5KbF-6b4-EAE&id=lidar2&mcvt=1021&p=0,0,90,728&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20230531&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4285196844&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685581793169&rpt=245&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame DBE8 44 B
358 B 111ms
35ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://nhradiv3.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame DBE8 63 B
388 B 168ms
50ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=191231
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 49a95bb7afece1d9bff94e39031d07822eeaf4b7961e22da71f4ecee44ce498e

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nhradiv3.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 01 Jul 2023 01:09:54 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B8A 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8949953040795&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B8A 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8949953040795&version=m202301230201&ct=2&x=10&cor=5532014260476275000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2B8A 69 KB
31 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DyCFqsiij4W014iGpV2xPZOjkZ__2wsL1KFPFPAJ9f9kkUAlN-YrDcK9WlclNtSWc-Ohg0ejvlyEsEaNWCcdjWHGyvwPr1oCe0VKujlkUl1cJCbLg-yxvlwRGfMNNj2eVjRG4JrbHE6d9rZdL1DHy-y4RzDg-bMa3X91vX5DFT1reFpyA&cry=1&dbm_d=AKAmf-CzfgQNlAZ2DNvDNpnXJ29aSWeA3XnliO8BnFj1mfRvfpf8W4XBIn5MRq4ozBxR3S3FFLYvBJjsWHE0w4lsDRILjsQoC8tL_Ydf0ZJLOYT_OMk_C1q5ZtR0FqAA7EUkRJE_yafsoRYr5I6BEbveswo2rSJFcVa0gab8cwYKGg7wHy4jTgi1BUDuL3wmv845KOzNbyeGV_d8HpIfOFyUnyV-nNwxT-_engHOg_GapKQvQdHHj-dubU7Nt5PN5PB3O0BvCJHs4EMzKqZz_DifK1_hABxYK9oEni67bYZMWL3RUbAXtYQLQPwvbUcj_jIJrk5HUmbpdsjXj7Pf5S8rqd2_DeqfATtK2tLpssxUMeBqU2HYe1YIGfLhCcqRHbwdtBnmdTAfH_y1SCm4IN_z5MxPuBQegt-yNVAnKDgTZgi2PtMohnFbRNS7qSK4PGqWPiY9Hxsu0kU7gJlKwnUZkjyRQsXi6HvLUZQBn0bh1Idbj4ivgZ4JUtChZc9r6D8HpUE9V-uIxNu8atIpYOJTL8ieDsknVo56Z4w0_RXnf8xNolyXSHeR27_IOS-0rwsYiVQFN09PV2UMSPR1YmDSNCkv_46kK4GDX_V9XHsL1GNY3lycRPZvgStqZLYLui1PmTOTpPgIn8UO-DuV4T8QCEl8iapMgBUlAdgbOLILFx8lEyr8_0BUZSkRi7grBUt4drC4RXu1JPfFtsM8IqXMA85KBozAXUTZM82A2s-xXpu9w0PgFoUWRMxVh-uYkF7XMLauEONOkcgpFs9dcRo_jQXzMFm4AimNO_bLCwHoJrpMzG3Vv48sSk36t6PiTafgkrOzGmFvBhQvv5O3BWcsapPguwiqJ9y-5-iRAsVYfuiO9xpC4_ZkQ6RtMb5YKjnrTVB682_2OLXQZ2cMOvatkpREjucjOFE2UAx53HG7w-yAe7Jp7Ycb2pKx4vT3a1hwfBsLlh3FIcmpGChO_ueKf-BNvDMAyGKqEmh9T8QXVTl0cf6I6EIc1xdVcfZbEBaWXFQNii_uR-iFY5H0eH5UJqtV7-FBsMM_-oEdUiM0ScnRXLRRBPEfEijWEBg3sjZfHUJk5pY7XcpXtLY3MJBLgiZJTBwEcGZZNsza8YcFeMZSH1KsPnWklDqlpdh0yfqQIQ1UbBMpvdTZ4veZqhVbif9PCO-X6nRrwSGK5VO_Ry-HqGnuO2l3qMEPmuKoMzcWU35KJzUgSvpqjWAIUd_iQRPuEVToZqBhjHsWtYwkZgxvc-pcmmlQy1IkjI8htnt2Zd8SmH7VbfPKaC0BP1rdsfuL4pksNbV6Tc13Ui1dbzLR42UyUwFGcc4pBQNfzQPJ46vZ9rVdbFLGFQVe83wCN2RPRGzDCehF3oQLpm8JY_XQP_3HYjgUQf2M1Fp0Wn0pTieOyryU3sYFiESuEGgJYD6CcLrYL5-e5CPXBlcWSkmu5pGZkufNsP-1oyrzzaRxS5xsIAbENC31r97oIfLCA6v6lcC0RZZg0oXxUGlhVQcWfsNLipVlR1SQa3wJ-Q1dTrUUe3zwSyQ-C_AsAETeKRVZangCP-w1cAM4rgZd3Z5-SFARAvBDbDq0TAUu7BPRYgDLDStmgGYcMZSbVrPfaJ1dA2e3pu0Fbh6W2ya1jvWN2fAyPJrrBFfTGqLZgPGjO5I7I1lCYtq4ikWEOCO6A7OInhYQRUFQPPBVJZO_2ApgLd1MrsfZstOvlhPkKDXYIgZS5yei04mFb-fx10cg_I8a7cnkKWxCgo2kX8WuOmnhrydB0ynzbNogCmDk2tWWE18yIdqVMN6HfUyxxPhAAPP7nWCEQzQ-TxYHm-WNslxUuN7ye1xJcPfbIvuj_PfDp0RJquRqgffkUW8PyZdKMMPKPx13Rr9iPTDOt-SvV4RApoTf4PbTuFrIs5Ly__fUMs1ZhqFCdpa2ShjtXwDVdizq9Z5OvEHYG20ON3-yaitELFm8lvlpu5WDM8l46-6Sjhb6CpN_1tX1g30ARptfMdVHIRJUI3-MAuAIugCaoRH5OlQTKIqaxpNbhR3SsrmqK58RY-h9RJJWtTTK-ZikMO8RADKAYo4wcZkyzQ4FeX1sY71wFI_yMmT81Dqnl2OeAo4dhY79vvaUzJaHpBVfEtonzS7TF0KlXVoSpo7xcZ3JVqsdWCv2FsgHOTJpywHRnY7xaM0MrPp7tmvu-SxdLZzC9TADQYX1D-VwheHGLXdcx5Fd46xAy9T-54E19GDOUUVZOuTbmWplefX3o6aL-tnmo_H4vBvoVaEFqQjV-i78yOHnT11LLERY6IESeeubkB3Aq79wxMNt2bya9w3s2skPfwFyMXNMJQ-bt94otZ0vSiM_mPXoUTiMpGqWjBa9kqrnXEP4EAVWDsdsaUzDV7DdWa8MgQpV_7wbzaj2p9UVJLf7Ta6ijMPNQlAXw_cDh0VcMeCYiyrqtZ5QHOK0scu8wpr22o9zIy5bAQWWAWVv42XdXD5Ary8PboLhB9xbNeVLbYwwgN2IIP71Saf6u5-fMl2MjBL1xj8Ni_YDf2B3Plu30kDi_Zh1WB0kqtVz0gn-z-_llTVgKjWbp43Zxgcxxh9HwUe2XIWG9b8_A173NatAnRiuUMeSb6nnQK7xaPgsFiCkOS4GHz3Sg3YRG1qFRexvB0OnuYjONWS9eBGfa7mEmox1_bOGKon7QYMw7yiCr-NJVoAdLIwKkAc6svZg2zhcbdaYNG96jIKSZeFVwmknGT3R04n8sQNfaca5sz2LK-H-BKAPQtkCO6Hapq8TYZeOPgwTp8sqohC_hNsuYqfOCd8F4_DVgHPMHyVXizqc0w0-JDALIWEKXUOmeL34bHCZUx-iRhlBc_G1YNRv-48mk6prQfPfeBB0FQqAjDNFTbetOjXbOuwY6xQ1_6pstE36nHJbZYu6xAnRNaTZuOSS_jjPzz-QqzY3ZCIyRARLWu6QK9leWt__zDgdb3zGpHov25oAbbzb0buEJIydgQfKAMGbgkozu5Z5r4CMh9nKPvf_Pbo62CPDaoKy4H_yuT-SLOIPG3eAXTLsCV9VqSp4jvDtiAkQsAqAnz-FpJSbUq7nkT0lbXLqV4yu5yvl_EubUukww_KQ2XvE5P4ccuAw6IvgPrXmZjLQWT6_YsTI1mBGuc16X9WxC7gt1LK2Wu9EHPfiohFjDccIRuzRe1aG3ynKhunCJ-QAfZVm7j8t5KZJYE1n4Nn82meJo26Os3udmvB2WJyLFUQEVp_gFesv63nlbJjDNymOTQkIb1I0Cj4ypIqWjvY2vSEmjzD0VSvna21BWyZbsvdJX5ubIuDQqD6xAznGpHWK12UhHdqjJnwDNGmlGk3-Kzfod_GOfyTHKDvt3tULbQUeZZ3_ljWDNWEWc8BfCqfl9myQaVIbakW_&cid=CAQSGwBygQiDkZfZ7q3tbDiUBxNsmGocDdyrVHh0WBgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fnhradiv3.com%2F&ds=l&xdt=0&iif=1&cor=5532014260476275000&adk=651903219&idt=94&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a98060ee35becd1aa95e8cac640d692381bb9a22ff142c8f953a1fe918ba0f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31679
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 2B8A 29 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DyCFqsiij4W014iGpV2xPZOjkZ__2wsL1KFPFPAJ9f9kkUAlN-YrDcK9WlclNtSWc-Ohg0ejvlyEsEaNWCcdjWHGyvwPr1oCe0VKujlkUl1cJCbLg-yxvlwRGfMNNj2eVjRG4JrbHE6d9rZdL1DHy-y4RzDg-bMa3X91vX5DFT1reFpyA&cry=1&dbm_d=AKAmf-CzfgQNlAZ2DNvDNpnXJ29aSWeA3XnliO8BnFj1mfRvfpf8W4XBIn5MRq4ozBxR3S3FFLYvBJjsWHE0w4lsDRILjsQoC8tL_Ydf0ZJLOYT_OMk_C1q5ZtR0FqAA7EUkRJE_yafsoRYr5I6BEbveswo2rSJFcVa0gab8cwYKGg7wHy4jTgi1BUDuL3wmv845KOzNbyeGV_d8HpIfOFyUnyV-nNwxT-_engHOg_GapKQvQdHHj-dubU7Nt5PN5PB3O0BvCJHs4EMzKqZz_DifK1_hABxYK9oEni67bYZMWL3RUbAXtYQLQPwvbUcj_jIJrk5HUmbpdsjXj7Pf5S8rqd2_DeqfATtK2tLpssxUMeBqU2HYe1YIGfLhCcqRHbwdtBnmdTAfH_y1SCm4IN_z5MxPuBQegt-yNVAnKDgTZgi2PtMohnFbRNS7qSK4PGqWPiY9Hxsu0kU7gJlKwnUZkjyRQsXi6HvLUZQBn0bh1Idbj4ivgZ4JUtChZc9r6D8HpUE9V-uIxNu8atIpYOJTL8ieDsknVo56Z4w0_RXnf8xNolyXSHeR27_IOS-0rwsYiVQFN09PV2UMSPR1YmDSNCkv_46kK4GDX_V9XHsL1GNY3lycRPZvgStqZLYLui1PmTOTpPgIn8UO-DuV4T8QCEl8iapMgBUlAdgbOLILFx8lEyr8_0BUZSkRi7grBUt4drC4RXu1JPfFtsM8IqXMA85KBozAXUTZM82A2s-xXpu9w0PgFoUWRMxVh-uYkF7XMLauEONOkcgpFs9dcRo_jQXzMFm4AimNO_bLCwHoJrpMzG3Vv48sSk36t6PiTafgkrOzGmFvBhQvv5O3BWcsapPguwiqJ9y-5-iRAsVYfuiO9xpC4_ZkQ6RtMb5YKjnrTVB682_2OLXQZ2cMOvatkpREjucjOFE2UAx53HG7w-yAe7Jp7Ycb2pKx4vT3a1hwfBsLlh3FIcmpGChO_ueKf-BNvDMAyGKqEmh9T8QXVTl0cf6I6EIc1xdVcfZbEBaWXFQNii_uR-iFY5H0eH5UJqtV7-FBsMM_-oEdUiM0ScnRXLRRBPEfEijWEBg3sjZfHUJk5pY7XcpXtLY3MJBLgiZJTBwEcGZZNsza8YcFeMZSH1KsPnWklDqlpdh0yfqQIQ1UbBMpvdTZ4veZqhVbif9PCO-X6nRrwSGK5VO_Ry-HqGnuO2l3qMEPmuKoMzcWU35KJzUgSvpqjWAIUd_iQRPuEVToZqBhjHsWtYwkZgxvc-pcmmlQy1IkjI8htnt2Zd8SmH7VbfPKaC0BP1rdsfuL4pksNbV6Tc13Ui1dbzLR42UyUwFGcc4pBQNfzQPJ46vZ9rVdbFLGFQVe83wCN2RPRGzDCehF3oQLpm8JY_XQP_3HYjgUQf2M1Fp0Wn0pTieOyryU3sYFiESuEGgJYD6CcLrYL5-e5CPXBlcWSkmu5pGZkufNsP-1oyrzzaRxS5xsIAbENC31r97oIfLCA6v6lcC0RZZg0oXxUGlhVQcWfsNLipVlR1SQa3wJ-Q1dTrUUe3zwSyQ-C_AsAETeKRVZangCP-w1cAM4rgZd3Z5-SFARAvBDbDq0TAUu7BPRYgDLDStmgGYcMZSbVrPfaJ1dA2e3pu0Fbh6W2ya1jvWN2fAyPJrrBFfTGqLZgPGjO5I7I1lCYtq4ikWEOCO6A7OInhYQRUFQPPBVJZO_2ApgLd1MrsfZstOvlhPkKDXYIgZS5yei04mFb-fx10cg_I8a7cnkKWxCgo2kX8WuOmnhrydB0ynzbNogCmDk2tWWE18yIdqVMN6HfUyxxPhAAPP7nWCEQzQ-TxYHm-WNslxUuN7ye1xJcPfbIvuj_PfDp0RJquRqgffkUW8PyZdKMMPKPx13Rr9iPTDOt-SvV4RApoTf4PbTuFrIs5Ly__fUMs1ZhqFCdpa2ShjtXwDVdizq9Z5OvEHYG20ON3-yaitELFm8lvlpu5WDM8l46-6Sjhb6CpN_1tX1g30ARptfMdVHIRJUI3-MAuAIugCaoRH5OlQTKIqaxpNbhR3SsrmqK58RY-h9RJJWtTTK-ZikMO8RADKAYo4wcZkyzQ4FeX1sY71wFI_yMmT81Dqnl2OeAo4dhY79vvaUzJaHpBVfEtonzS7TF0KlXVoSpo7xcZ3JVqsdWCv2FsgHOTJpywHRnY7xaM0MrPp7tmvu-SxdLZzC9TADQYX1D-VwheHGLXdcx5Fd46xAy9T-54E19GDOUUVZOuTbmWplefX3o6aL-tnmo_H4vBvoVaEFqQjV-i78yOHnT11LLERY6IESeeubkB3Aq79wxMNt2bya9w3s2skPfwFyMXNMJQ-bt94otZ0vSiM_mPXoUTiMpGqWjBa9kqrnXEP4EAVWDsdsaUzDV7DdWa8MgQpV_7wbzaj2p9UVJLf7Ta6ijMPNQlAXw_cDh0VcMeCYiyrqtZ5QHOK0scu8wpr22o9zIy5bAQWWAWVv42XdXD5Ary8PboLhB9xbNeVLbYwwgN2IIP71Saf6u5-fMl2MjBL1xj8Ni_YDf2B3Plu30kDi_Zh1WB0kqtVz0gn-z-_llTVgKjWbp43Zxgcxxh9HwUe2XIWG9b8_A173NatAnRiuUMeSb6nnQK7xaPgsFiCkOS4GHz3Sg3YRG1qFRexvB0OnuYjONWS9eBGfa7mEmox1_bOGKon7QYMw7yiCr-NJVoAdLIwKkAc6svZg2zhcbdaYNG96jIKSZeFVwmknGT3R04n8sQNfaca5sz2LK-H-BKAPQtkCO6Hapq8TYZeOPgwTp8sqohC_hNsuYqfOCd8F4_DVgHPMHyVXizqc0w0-JDALIWEKXUOmeL34bHCZUx-iRhlBc_G1YNRv-48mk6prQfPfeBB0FQqAjDNFTbetOjXbOuwY6xQ1_6pstE36nHJbZYu6xAnRNaTZuOSS_jjPzz-QqzY3ZCIyRARLWu6QK9leWt__zDgdb3zGpHov25oAbbzb0buEJIydgQfKAMGbgkozu5Z5r4CMh9nKPvf_Pbo62CPDaoKy4H_yuT-SLOIPG3eAXTLsCV9VqSp4jvDtiAkQsAqAnz-FpJSbUq7nkT0lbXLqV4yu5yvl_EubUukww_KQ2XvE5P4ccuAw6IvgPrXmZjLQWT6_YsTI1mBGuc16X9WxC7gt1LK2Wu9EHPfiohFjDccIRuzRe1aG3ynKhunCJ-QAfZVm7j8t5KZJYE1n4Nn82meJo26Os3udmvB2WJyLFUQEVp_gFesv63nlbJjDNymOTQkIb1I0Cj4ypIqWjvY2vSEmjzD0VSvna21BWyZbsvdJX5ubIuDQqD6xAznGpHWK12UhHdqjJnwDNGmlGk3-Kzfod_GOfyTHKDvt3tULbQUeZZ3_ljWDNWEWc8BfCqfl9myQaVIbakW_&cid=CAQSGwBygQiDkZfZ7q3tbDiUBxNsmGocDdyrVHh0WBgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fnhradiv3.com%2F&ds=l&xdt=0&iif=1&cor=5532014260476275000&adk=651903219&idt=94&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 13:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 13:56:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B8A 171 KB
53 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 01:09:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame 2B8A 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 13:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 13:56:52 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2B8A 0
0 125ms
61ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4H5bTcQGO9IWG5clGfMFxvGfqytGiZScoFdxOV0K4d_rVSsUjFnR2i-3faFnNk4VyCzt1vsRJCAvKjCkhVo1teH5H5k9byRGYIwhg1o6X5fhGNgTY0bbPNGwKbSDG6hZS5l7sh_BgRtbgwUvn0ZXnIOYOezM&sai=AMfl-YSKS6_Uhcc7UOVJEn8MPoo_CKOKokQj_PNgNuoKCdiRfCFjpwbrcb9udtQJqtdzZdrThC0-IfUlR5GTTWzpU3Ak0jjwL0Z2Y9u_xg&sig=Cg0ArKJSzH9nUwD5KSUJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230530.15125&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:54 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2B8A 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 07:39:33 GMT

GET
H3 200 3968630203300890461
s0.2mdn.net/simgad/ Frame 2B8A 62 KB
62 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3968630203300890461

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68cfd5b3ef4c5051bad0c70624b8b86410662cb95ded79bfdb427be7fc86899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 21:52:27 GMT
x-content-type-options: nosniff
age: 357447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63159
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 19:16:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 21:52:27 GMT

GET
H/1.1 200
OK rd_log Show response
lax1-ib.adnxs-simple.com/ Frame 2B8A 0
783 B 350ms
176ms Script
text/html 104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=nhradiv3.com&e=wqT_3QKyBGwyAgAAAwDWAAUBCOHf36MGEPXhuPH2nPzEMxj_EQF4ASo2CSh9IeS8_58_EWKqTyj6Mps_GQAAAIAUrhBAIRESACkRJNgxAAAA4KNw7T8w9vb1DDizGUC8CUhlUMiVwssBWMWIlQFgAGjEnLABeN3mA4ABAYoBA1VTRJIBAQb0BQGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAsgIBMNgCpEPgAur5JeoCDG5ocmFkaXYzLmNvbYADAYgDAJADAJgDFKADAaoDAMADrALIAwDYA-3MMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDTg0LjE5LjE3NS4xODCoBMbhD7IEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ATIlcLLAYgFAZgFAKAFpLDB1pCjj4smqgUqYzlkZGMxYzgtODQzYi00Y2ZiLTg4MjQtOTE4NTdjNTc5NzRifjg4M34xwAUAyQUAAAAAAADwP9IFCQkAAAAAARBw2AUB4AUB8AXv0hz6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbkigTaBhYKEAkSGQEBuKDgBgHyBgIIAIAHAYgHAKAHAaoHCzE5ODU5OTE2Mzg1yAfd5gPSBw0JAA03ATQI2gcGAWxoGADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgB&s=bb233cb75ef08f10695c09281914f4371dd24989&bdref=https%3A%2F%2Fnhradiv3.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fnhradiv3.com%2F,about%3Ablank&

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:54 GMT
AN-X-Request-Uuid: 4c2c6b0b-bdf6-416e-a375-d35df0d4f722
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ Frame DBE8 0
482 B 98ms
34ms XHR
text/plain 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=476694&u=https%3A%2F%2Fnhradiv3.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BmR2q9LpUiBH84OJGaD3JBfkdeNhqGDQuFIAql8EALa13Pfwtyyqb%2FoU5ScESvV%2BZ4INr9ROFGNbPFxenXEzcdQXDQ5ChwbLltp3lw8uJesdOmxQrU0HWW1JSA%2BV1SrerDdeBGqBBw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://nhradiv3.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7d0392e8e9f22bcf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D486 22 KB
8 KB 19ms
18ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 99162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 21:37:12 GMT
expires: Wed, 29 May 2024 21:37:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2B8A 0
0 61ms
61ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4H5bTcQGO9IWG5clGfMFxvGfqytGiZScoFdxOV0K4d_rVSsUjFnR2i-3faFnNk4VyCzt1vsRJCAvKjCkhVo1teH5H5k9byRGYIwhg1o6X5fhGNgTY0bbPNGwKbSDG6hZS5l7sh_BgRtbgwUvn0ZXnIOYOezM&sai=AMfl-YSKS6_Uhcc7UOVJEn8MPoo_CKOKokQj_PNgNuoKCdiRfCFjpwbrcb9udtQJqtdzZdrThC0-IfUlR5GTTWzpU3Ak0jjwL0Z2Y9u_xg&sig=Cg0ArKJSzH9nUwD5KSUJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=89&vt=11&dtpt=88&dett=2&cstd=0&cisv=r20230530.15125&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:54 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame D486 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 10:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 10:02:46 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 58ms
58ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=6wsa&k=ZQl3YQlhCTIwMzkJZAlldS13ZXN0LTFhCWgJaS0wOTMwNzdkYzkyMTVlZmExZgl1CThiYjM4YWFlLWIyY2ItNDlmZS1iMTk5LWQ1M2NmNTRiNjY2YQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl2bAkyMDIzMDYwMS4wMTAwCXZ0CTIwMjMwNjAxLjAxMDAJdnMJMjAyMzAyMjEJdmMJMjAyMzA0MjcJc3QJMjAyMzA2MDEuMDEwOTUyCWkJMDUwM2NjNzYtYWZiMi00M2RmLThhMzUtZGExM2JhNThjOWFmCWYJaHR0cHM6Ly9uaHJhZGl2My5jb20vCXEJYjY1NzU5NGEtZWE5Yy00YzExLWI2OGItYjUyZmNjYjcyMDIyCW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCU5XCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CXZwCTEJdmcJcHIJY2kJYWJiNDFjNGYtNTkzYy0zNWZiLTFlZDMtZGY2NWE1NjliNDhkCWNwCXBkCXZ2CTIwMjMwNDI2XzIxMjg6cGQxX2h0bWw1OjMuNTc1LjAJd3QJNTE4CWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIzMDY2LWRzLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9bmhyYWRpdjMuY29tJmVudi5nYz1ERQ
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 115ms
30ms Preflight
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nhradiv3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://nhradiv3.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 01 Jun 2023 01:09:54 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame DBE8 0
160 B 95ms
32ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://nhradiv3.com
pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame DBE8 36 B
548 B 115ms
36ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=858943&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2237bc5fbc269623%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fnhradiv3.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fnhradiv3.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnhradiv3.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224f942f4f2346e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22858943%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A60%2C%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%2C%22placement%22%3A1%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22distroscale.com%22%2C%22sid%22%3A%223243903166%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210db05380d56669da45c58b53c56dcd88d6cc3e3c3d202ddca32e91892ff862

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Bq%2BGVsaJl%2BmH4UzyPczR3R2VurAfBB%2FT6ieprXccjnjDdjkOFAA8zJfslOg7ckHErvbqmrqLqDTZRGIhPy%2FjQxLYfv900wusEsstpaWvcjd%2FbwW0wiHgYGVWIwqGVXWVM6IZzlH"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://nhradiv3.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7d0392ea9a3b9118-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DBE8 138 B
942 B 110ms
32ms XHR
application/json 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2bc36dab2fbeedf104920760028e60b45ebb6d517be771cf26426bc582ec1da7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:54 GMT
AN-X-Request-Uuid: 8fccd02d-f8db-431d-865e-d513f33cf84e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nhradiv3.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/233488/0/ Frame DBE8 0
160 B 107ms
31ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/233488/0/mvo?z=1r&hbv=6.29,2.1
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nhradiv3.com
pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame DBE8 19 B
521 B 85ms
25ms XHR
application/json 3.126.223.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.0&referrer=https%3A%2F%2Fnhradiv3.com%2F&tmax=3000

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.223.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-223-209.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nhradiv3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame DBE8 95 B
727 B 471ms
115ms XHR
application/json 69.166.1.14
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22129fa1248f1b04b%22%3A%226f6428ecc72a92ae0cca%7C%7Cgpid%3D6f6428ecc72a92ae0cca%22%7D&ref=https%3A%2F%2Fnhradiv3.com%2F&s=80484cfb-59ed-4d12-8aa0-540d3bcb5a05&pv=6cd6491f-347e-4489-8d28-1eedd520de97&vp=tablet&lib_name=prebid&lib_v=6.29.0&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22distroscale.com%22%2C%22sid%22%3A%223243903166%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: nhradiv3.com
URL: https://nhradiv3.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

ded9744148252979663230078114867c29e57473dcdb46fcf9b3e7143353fb51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:55 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-63
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://nhradiv3.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame DBE8 173 B
402 B 197ms
26ms XHR
application/json 52.29.115.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.115.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-115-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a4749ae1a96e1089483243f90b30373def2c141a2116793557647e1c33c66d6c

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://nhradiv3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H2 204 bid.json Show response
reachms.bfmio.com/ Frame DBE8 0
216 B 392ms
123ms XHR
text/plain 34.236.219.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reachms.bfmio.com/bid.json?exchange_id=a8e8a036-e72c-4434-ba5a-29f69009ec76
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.219.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-219-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nhradiv3.com
date: Thu, 01 Jun 2023 01:09:55 GMT
access-control-expose-headers: location
access-control-allow-credentials: true
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 avjp Show response
distroscale-d.openx.net/v/1.0/ Frame DBE8 106 B
379 B 104ms
35ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://distroscale-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fnhradiv3.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c30cc0b2-4903-44e4-aa46-27b0f278aa79&nocache=1685581794901&schain=1.0%2C1!distroscale.com%2C3243903166%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A480%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22api%22%3A%5B2%5D%2C%22maxduration%22%3A60%2C%22linearity%22%3A1%2C%22minduration%22%3A0%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%7D%5D%7D&auid=540884776&vwd=640&vht=480&vmimes=video%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm%2Capplication%2Fjavascript
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://nhradiv3.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 57ms
55ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=sx8a&k=ZQl3d2EJYQkyMDc2CWQJZXUtd2VzdC0xYQloCWktMDkzMDc3ZGM5MjE1ZWZhMWYJdQk4YmIzOGFhZS1iMmNiLTQ5ZmUtYjE5OS1kNTNjZjU0YjY2NmEJdgkzMzgwMzE3Ni1iNzFkLTQ3ZDgtOGZjMy00ZmY2N2E5ZDY5ZWEJc3YJanNyZG4JdmwJMjAyMzA2MDEuMDEwMAl2dAkyMDIzMDYwMS4wMTAwCXZzCTIwMjMwMjIxCXZjCTIwMjMwNDI3CXN0CTIwMjMwNjAxLjAxMDk1MglpCTA1MDNjYzc2LWFmYjItNDNkZi04YTM1LWRhMTNiYTU4YzlhZglmCWh0dHBzOi8vbmhyYWRpdjMuY29tLwlxCWI2NTc1OTRhLWVhOWMtNGMxMS1iNjhiLWI1MmZjY2I3MjAyMgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglOVwlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMjI4MDgwNgl2cAkxCXZnCXByCWNpCWFiYjQxYzRmLTU5M2MtMzVmYi0xZWQzLWRmNjVhNTY5YjQ4ZAljcAlwZAl2dgkyMDIzMDQyNl8yMTI4OnBkMV9odG1sNTozLjU3NS4wCXd0CTUxOAl3d2EJYmlkZGVyOnVucnVseXxpeHxhcHBuZXh1c3xyaHl0aG1vbmV8dHJpcGxlbGlmdHxzb25vYml8cnViaWNvbnxiZWFjaGZyb250fG9wZW54CWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIzMDY2LWRzLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9bmhyYWRpdjMuY29tJmVudi5nYz1ERQ
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D486 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2V9P4u93ZNCQIILpgAfAr4CIBAAAAAA4AeAEAg&bg=!1Nel14PNAAZu7ficTu07ADkAdvg8WrAGc7VvuVckdN6moinsSzP8iW9DDC5eTz_VsHpokV1CCgqtLThe8HLQjtWVjc_D3lE2o9gCAAAAulIAAAACaAEHmQLlKKjQeelx70bsr1o6mHop5aeGzswXcNJV9miG23P-3PabzcqM3Yeott-Cvq7Lb_ccRVk4MwVmQQQYmewyF9WWZg4fufGfJlEigyGUlNhahI52KTiUVrmIGQ9geCkf1ijYgsqks3m9rMiC8E79ansx2k_mAhzz8-PNNsnYTItZhrxoHrTPXqrSK7ljntZKXNdR61odB6egJqEb5UAvtB4mquAIeM50kFaaNsy0eiekatWsvbzDd3_Az0DyhiEXOSCP6O8jVof9qSF2x-_U_Lhei73rEgTwe_9bI_NpF5MhUQbqwe8RUzTZbIBlAVitXnQZG7ELr8REVNWEr-GJ_B9hTdemqBqMK8wlWQTyEublAvtX6zl8qwvtKTIEKcOqANOGESj9sR4kAKb5_mHUwJWIIWTR_FybtdIuRJxGC8F3SrvJxm9p7ImPBFrR3RoCcivjUAc3mlWGO9r8FiiJHMEkCIvhbZvmj_reeEruogqDjTmr1CiOcBIuAoIyhLVuz-SINdlBGuiWUZw6sg3hrRHIbNa9wMJTGC1c1qJldB3QKAtamt0jW_fg1LJGNTkrq1xIWXBAOjD35bL3jjANuR3c3ZmKspMXTEySfe29zwcp5TOuDIq01m3p2m7TVHI6NUBcdI97HjJKh9kqBVH_1n32DksbM7PPd0gYoirenKYQ-9einX7Y2fc8v2fAi1ruvW_q_wHZmals-tH1xr77ZJJALwq98SpB0JHL5XM210ZMH5x2bYxXOu4wpVMEMDKTuVNTTZZaYEutXCg0_M8V26MmAdnNAvlmEYZ6vWmKCfFI-jzS98-vH60R7pYDd3oQbF-Wzac8UxofhRs1J38VJmbJq2pZVbYtv9E5WBhZT-PEPUbPlPfLvwUkh9f1by4y7Rl_2Shn0iTePnt5RYO00By_NLMOLePfzUGnYrgK24FM1CWVuVM2oy2XR-ozQYajHJZAdN4n6zx7FGZljYx4EyqxHH5e6oYp

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
lax1-ib.adnxs-simple.com/ Frame 2B8A 0
802 B 186ms
186ms Ping
text/html 104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=nhradiv3.com&e=wqT_3QKjC2yjBQAAAwDWAAUBCOHf36MGEPXhuPH2nPzEMxj_EQF4ASo2CSh9IeS8_58_EWKqTyj6Mps_GQAAAIAUrhBAIRESACkRJNgxAAAA4KNw7T8w9vb1DDizGUC8CUhlUMiVwssBWMWIlQFgAGjEnLABeN3mA4ABAYoBA1VTRJIBAQb0EwWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAsgIBMNgCpEPgAur5JeoCDG5ocmFkaXYzLmNvbYADAYgDAJADAJgDFKADAaoD8AYKtwZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNSMDI4NHU5M1pLandBLWZ3a1BJUF9mVzVvQVhDOXNIU2I2akExTGpHRVpfMzlQMElFQUVnNXBmV0pXQ1ZBcUFCMnRIOTBDaklBUUtwQWt1UXBwSlc3N0UtcUFNQnlBT1pCS29FNFFGUDBLSFp6a2s0bWg4X1FGQUVfbkRvcFFHQ3dOZ0RlNUYxLUFRcFlnZWc0dzBtQVJDM2FWUVpaUi1OOXVjNDBEMlZ4aklLVHUzclBpYWkxOFpqWHpQa2p0WW1qMjB2aUV3Z1dYZWotVHNlUm1sUmczUjFVVVYwM21QcWVVZm13OHkzdG9vWkFYUEpqc05BbDA1UHIzcDRZNU1EZWVhQUdxTTFWUWtyUHFsQVBwT0tzNzNmSk81Tm8yaW8zUFYyZUlNQ05ZaVZfNGd0T0VoVV9EX2ZvWnBTeHlJSk9CSDhENEJFTGVmcnZnN0pRQXdVSkhVVmc1SzZRMHE5eW1nRHZZYloyLVd4bXQ1cTQ5a21KRlV5RGF3NmJNVXR4U25nY0gtWlNMTjAxSkNQUnhQQUJKV2poZEtZQk9BRUE0Z0Y0WXo1X1VtU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCZ0tBQjlxSnpyQURxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1FrZlFCR0w3d2ctUUIwZ2dXQ0lEaGdCQVFBUmhmTWdLcUFqb0NnRUJJdmYzQk92SUlEbUpwWkdSbGNpMDJNekE1TVRRemdBb0V5QXNCc0JQWmxOVVN5Qk9tMzVYaUE5Z1RDb2dVQWRnVUFkQVZBWUFYQWJJWENBb0dDQUFTQUJnQTZCY0Imc2lnaD1KVHZhd2pod2tMVSZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaURrWmZaN3EzdGJEaVVCeE5zbUdvY0RkeXJWSGgwV0JnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMzNzEzNzY0MjQ0NTIwMzE3MTczIgk0MjY4MDU5NjAqCTkxNzY1OTM5NjoJNDc4MjE0MjA2wAOsAsgDANgD7cww4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQNODQuMTkuMTc1LjE4MKgExuEPsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBMiVwssBiAUBmAUAoAWksMHWkKOPiyaqBSpjOWRkYzFjOC04NDNiLTRjZmItODgyNC05MTg1N2M1Nzk3NGJ-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXv0hz6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG5IoE2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTk4NTk5MTYzODXIB93mA9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgB&s=0d4d7fd9a248b4356ec92852c80044864e4bf3d6&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=90&sid=6782390291892234940&vd=ct~0|rr~0&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27097974&sw=1600&sh=1200&pw=1600&ph=2138&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:55 GMT
AN-X-Request-Uuid: 339e6a1f-0cde-416b-98b6-d3d3ca5d73b5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nhradiv3.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 38ms
38ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35d728f3d807d14e1dadb0d0b6faccc3e2f99bc8d4a705ea4a7be9f5bc784d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11118
x-xss-protection: 0

GET
H2 200 like_box.php Show response
www.facebook.com/v2.12/plugins/ Frame 0D11 103 KB
35 KB 365ms
299ms Document
text/html 2a03:2880:f17b:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=277cfb78d4834ca2646e9b99fcb440c6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f17b:187:face:b00c:0:25de Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1df9a3e7dac3c47217551025ea528f143f10ef1e05f43f9e9fb392d9c897d8b

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nhradiv3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 01:09:55 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: gRC6y3+eIELHLLbcBZMkRawKEOGRWo9dJnuT8CuY5V/OmSUsvD+9Kew02OuGuHB1gEjcqzmnJyUahHrPoFvMbA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 67 KB
22 KB 82ms
22ms Script
text/javascript 2600:9000:206f:8600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 226c9a2c80c75e3c5d7d197c484adb7d63e6ea36270af348bc223be73e8cd059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: 7FBoqqSL1b96.AgPH.JEYo4TSgYS0kb0
Content-Encoding: gzip
Via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
Date: Thu, 01 Jun 2023 00:43:54 GMT
Age: 1575
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 09 May 2023 21:27:29 GMT
Server: AmazonS3
Etag: W/"7866810a321f41ea101e7bcfaa572323"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 82sWsaoI8o31evxfHt05_YOkVjHRJI3MTbNtonuKMHIQeEmyCz3T8A==

GET
H2 200 p Show response
i.simpli.fi/ 758 B
1 KB 35ms
35ms Script
application/javascript 34.90.79.92
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_1841031087807._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=62812&action=100&segment=maplegroveracewaysite&m=1&sifi_tuid=35523

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

92.79.90.34.bc.googleusercontent.com

Software

Resource Hash

27d3143e21bac87d9da4a7167c4c10445967df08c4a9462bf92a3030d6618e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 01:09:55 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=4677494E04904BBB806CDD3054DB0DE2&dongle=yf3

37 B
140 B

91ms
25ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=4677494E04904BBB806CDD3054DB0DE2&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=4677494E04904BBB806CDD3054DB0DE2&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=4677494E04904BBB806CDD3054DB0DE2

43 B
175 B

392ms
112ms

Image
image/gif

2600:1f18:612b:4232:ab07:9ca5:134e:3ac3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=4677494E04904BBB806CDD3054DB0DE2
Protocol: H2
Server: 2600:1f18:612b:4232:ab07:9ca5:134e:3ac3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 01 Jun 2023 01:09:55 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=4677494E04904BBB806CDD3054DB0DE2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=4677494E04904BBB806CDD3054DB0DE2
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4677494E04904BBB806CDD3054DB0DE2

95 B
437 B

41ms
39ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4677494E04904BBB806CDD3054DB0DE2

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4677494E04904BBB806CDD3054DB0DE2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=4677494E04904BBB806CDD3054DB0DE2
https://d.agkn.com/pixel/10751/?che=1685581795502&ip=84.19.175.184&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217123104534000058353
https://um.simpli.fi/aa_px?sk=217123104534000058353
https://um.simpli.fi/empty.gif

43 B
361 B

31ms
31ms

Image
image/gif

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4677494E04904BBB806CDD3054DB0DE2

0
0

95ms
24ms

Image
text/html

52.222.214.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4677494E04904BBB806CDD3054DB0DE2
Protocol: H2
Server: 52.222.214.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-59.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4677494E04904BBB806CDD3054DB0DE2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 112ms
31ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 53ms
51ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2

451

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=4677494E04904BBB806CDD3054DB0DE2;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=4677494E04904BBB806CDD3054DB0DE2;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=5743841820885795562

0
42 B

42ms
41ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=5743841820885795562
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=5743841820885795562
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=4677494E04904BBB806CDD3054DB0DE2&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=4677494E04904BBB806CDD3054DB0DE2&j=0&xl8blockcheck=1

0
763 B

54ms
54ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=4677494E04904BBB806CDD3054DB0DE2&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=4677494E04904BBB806CDD3054DB0DE2&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 54ms
52ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=4677494E04904BBB806CDD3054DB0DE2

0
421 B

503ms
120ms

Image
text/plain

54.226.177.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=4677494E04904BBB806CDD3054DB0DE2
Protocol: HTTP/1.1
Server: 54.226.177.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-177-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 01 Jun 2023 01:09:55 GMT

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=4677494E04904BBB806CDD3054DB0DE2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=4677494E04904BBB806CDD3054DB0DE2

62 B
444 B

254ms
178ms

Image
image/gif

104.111.217.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=4677494E04904BBB806CDD3054DB0DE2
Protocol: H2
Server: 104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 01 Jun 2023 01:09:55 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=4677494E04904BBB806CDD3054DB0DE2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2

404

tpid=4677494E04904BBB806CDD3054DB0DE2
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4677494E04904BBB806CDD3054DB0DE2

49 B
266 B

154ms
49ms

Image
image/gif

54.72.29.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4677494E04904BBB806CDD3054DB0DE2
Protocol: H2
Server: 54.72.29.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-29-236.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.240
content-length: 49
expires: 0

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4677494E04904BBB806CDD3054DB0DE2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=4677494E04904BBB806CDD3054DB0DE2

0
311 B

128ms
41ms

Image
text/plain

216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=4677494E04904BBB806CDD3054DB0DE2
Protocol: HTTP/1.1
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:55 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=4677494E04904BBB806CDD3054DB0DE2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=4677494E04904BBB806CDD3054DB0DE2

0
98 B

95ms
34ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=4677494E04904BBB806CDD3054DB0DE2
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=4677494E04904BBB806CDD3054DB0DE2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1685581795261&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1763760051&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1763760051&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1763760051&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
64 B

37ms
37ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1763760051&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMItp-cwfGg_wIVloP9Bx1rfAwV&is_vtc=1&ocp_id=4-93ZPahFpaH9u8P6_ixqAE&cid=CAQSKQBygQiDHnw5yp3TYVw3DdJZdgBCSHGOfsEtJRGQOyqTMoLq8EyiaWit&random=2266270777&ipr=y

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1763760051&cv=7&fst=1685581795261&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMItp-cwfGg_wIVloP9Bx1rfAwV&is_vtc=1&ocp_id=4-93ZPahFpaH9u8P6_ixqAE&cid=CAQSKQBygQiDHnw5yp3TYVw3DdJZdgBCSHGOfsEtJRGQOyqTMoLq8EyiaWit&random=2266270777&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4677494E04904BBB806CDD3054DB0DE2
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4677494E04904BBB806CDD3054DB0DE2&__user_check__=1&sync_id=053b3688-0019-11ee-a8ff-1fd522ee0206

43 B
548 B

36ms
36ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4677494E04904BBB806CDD3054DB0DE2&__user_check__=1&sync_id=053b3688-0019-11ee-a8ff-1fd522ee0206
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 01:09:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 99
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 01 Jun 2023 01:09:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7797&uid=4677494E04904BBB806CDD3054DB0DE2&__user_check__=1&sync_id=053b3688-0019-11ee-a8ff-1fd522ee0206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 79
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=4677494E04904BBB806CDD3054DB0DE2
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4677494E04904BBB806CDD3054DB0DE2

43 B
1 KB

33ms
33ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4677494E04904BBB806CDD3054DB0DE2

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:55 GMT
AN-X-Request-Uuid: 843311cc-f96b-4498-838e-d6ffe7f5e978
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:55 GMT
AN-X-Request-Uuid: 294bdef6-55bf-4995-a283-33f62ea33171
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4677494E04904BBB806CDD3054DB0DE2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4677494E04904BBB806CDD3054DB0DE2&expires=365

0
239 B

137ms
32ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4677494E04904BBB806CDD3054DB0DE2&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4677494E04904BBB806CDD3054DB0DE2&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=4677494E04904BBB806CDD3054DB0DE2

43 B
122 B

54ms
34ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=4677494E04904BBB806CDD3054DB0DE2
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=4677494E04904BBB806CDD3054DB0DE2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 01:09:55 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEMa8L3ICk9ynzmk-z9BdgyA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4677494E04904BBB806CDD3054DB0DE2
https://um.simpli.fi/g_match?id=

0
320 B

30ms
30ms

Image
text/plain

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 31 May 2023 01:09:55 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B14D 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nhradiv3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 16:23:20 GMT
expires: Thu, 30 May 2024 16:23:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4BB2 783 B
535 B 39ms
38ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

79aeea07740408d727b31b0d1d22138c3b0f6f4891005e2702dfbbe065a48e3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ffkzjnPdHCrwFz1gvkKZYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nhradiv3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ffkzjnPdHCrwFz1gvkKZYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 01:09:55 GMT
expires: Thu, 01 Jun 2023 01:09:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/CUHVY3OLUVBZPJTAWUVLYM/ 42 B
799 B 26ms
26ms Script
application/javascript 2600:9000:206f:8600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/CUHVY3OLUVBZPJTAWUVLYM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: FH2joIKQ5_Jc_StuiANbzbWxQ9ssXAXP
Date: Wed, 31 May 2023 17:55:40 GMT
Via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
Age: 26056
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 42
Last-Modified: Tue, 21 Mar 2023 16:33:43 GMT
Server: AmazonS3
Etag: "2ff5e20519778d0385c77e7f6e12de10"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: qYADjai9LrDpZQObK7pPLpDr0NQas7OpVyTSqQO4i_g0ccrm8bRuug==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/CUHVY3OLUVBZPJTAWUVLYM/GGGXQ77VW5D5LL7AURJNOI/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

24ms
23ms

Script
application/javascript

2600:9000:206f:8600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:206f:8600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Wed, 31 May 2023 19:54:40 GMT
Via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
Age: 18916
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8y8kFEk2a3so7yrfDhLx-AThBj0JPqTsra6knCEmIeT6CPkqqd8-kg==

Redirect headers

Date: Wed, 31 May 2023 01:53:51 GMT
Via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
Age: 83764
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2-GSQDDqoAQtOGoxD-elXAadK5OO1ageEIh49QLQO_wLoyj7StxwTg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/CUHVY3OLUVBZPJTAWUVLYM/GGGXQ77VW5D5LL7AURJNOI/ 0
809 B 67ms
22ms Script
text/javascript 2600:9000:206f:8600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/CUHVY3OLUVBZPJTAWUVLYM/GGGXQ77VW5D5LL7AURJNOI/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: S_FKjKo_mlJXeq6NBN2lT9PxIhWjC5Qs
Date: Thu, 01 Jun 2023 00:34:30 GMT
Via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
Age: 2194
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Tue, 23 May 2023 12:36:51 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: CwIeeTie6iwTn3SgyNUWhNH-zxMlq70l2LeSDarL72YS1iyO0r7oQw==

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame B14D 37 KB
14 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 10:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 10:02:46 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 55ms
55ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=nmty&k=ZQl3d2gJYQkyNTQ0CWQJZXUtd2VzdC0xYQloCWktMDkzMDc3ZGM5MjE1ZWZhMWYJdQk4YmIzOGFhZS1iMmNiLTQ5ZmUtYjE5OS1kNTNjZjU0YjY2NmEJdgkzMzgwMzE3Ni1iNzFkLTQ3ZDgtOGZjMy00ZmY2N2E5ZDY5ZWEJc3YJanNyZG4JdmwJMjAyMzA2MDEuMDEwMAl2dAkyMDIzMDYwMS4wMTAwCXZzCTIwMjMwMjIxCXZjCTIwMjMwNDI3CXN0CTIwMjMwNjAxLjAxMDk1MglpCTA1MDNjYzc2LWFmYjItNDNkZi04YTM1LWRhMTNiYTU4YzlhZglmCWh0dHBzOi8vbmhyYWRpdjMuY29tLwlxCWI2NTc1OTRhLWVhOWMtNGMxMS1iNjhiLWI1MmZjY2I3MjAyMgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglOVwlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMjI4MDgwNgl2cAkxCXZnCXByCWNpCWFiYjQxYzRmLTU5M2MtMzVmYi0xZWQzLWRmNjVhNTY5YjQ4ZAljcAlwZAl2dgkyMDIzMDQyNl8yMTI4OnBkMV9odG1sNTozLjU3NS4wCXd0CTUxOAl3d2gJYmlkZGVyOm5vbmUsY3BtOjAJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9wMjMwNjYtZHMtZGVza3RvcC5qc29uP2FjYT0xJmVudi5zZD1uaHJhZGl2My5jb20mZW52LmdjPURF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0C3A 361 KB
120 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ds_vplayer_detached.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123025
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:55 GMT

GET
H2 200 191231-96143263832481.js Show response
js-sec.indexww.com/ht/p/ Frame 0C3A 37 KB
13 KB 34ms
33ms Script
text/javascript 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Requested by: Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ds_vplayer_detached.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3eb6b450e09da3c00ba344a44a690b004402dc62ddf0d3cf3bbdec5ab33310e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Jun 2023 01:06:59 GMT
server: cloudflare
age: 40
etag: W/"da352e-930a-5fd070daf73e9"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 7d0392ed4bb4039a-FRA
expires: Thu, 01 Jun 2023 05:09:55 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 54ms
54ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=6pao&k=ZQl3ZQlhCTI1NzIJZAlldS13ZXN0LTFhCWgJaS0wOTMwNzdkYzkyMTVlZmExZgl1CThiYjM4YWFlLWIyY2ItNDlmZS1iMTk5LWQ1M2NmNTRiNjY2YQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl2bAkyMDIzMDYwMS4wMTAwCXZ0CTIwMjMwNjAxLjAxMDAJdnMJMjAyMzAyMjEJdmMJMjAyMzA0MjcJc3QJMjAyMzA2MDEuMDEwOTUyCWkJMDUwM2NjNzYtYWZiMi00M2RmLThhMzUtZGExM2JhNThjOWFmCWYJaHR0cHM6Ly9uaHJhZGl2My5jb20vCXEJYjY1NzU5NGEtZWE5Yy00YzExLWI2OGItYjUyZmNjYjcyMDIyCW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCU5XCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CXZwCTEJdmcJcHIJY2kJYWJiNDFjNGYtNTkzYy0zNWZiLTFlZDMtZGY2NWE1NjliNDhkCWNwCXBkCXZ2CTIwMjMwNDI2XzIxMjg6cGQxX2h0bWw1OjMuNTc1LjAJd3QJNTE4CXdlCVt3ZV0gZXJyb3I6Tm8gdmFsaWQgYmlkcyByZWNlaXZlZAlhZFRhZwkvL2EuanNyZG4uY29tL3ByZWJpZC90YWdzL3AyMzA2Ni1kcy1kZXNrdG9wLmpzb24_YWNhPTEmZW52LnNkPW5ocmFkaXYzLmNvbSZlbnYuZ2M9REU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4BB2 0
0 56ms
56ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305250101&jk=463469340360963&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 dcl.htm Show response
rt3003.infolinks.com/action/ 0
60 B 195ms
194ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3003.infolinks.com/action/dcl.htm?rid=c9ddc1c8-843b-4cfb-8824-91857c57974b&prod_t=d&sdata=news&bdc=1&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 7d0392ed5c2b3a85-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 CUHVY3OLUVBZPJTAWUVLYM Show response
d.adroll.com/consent/check/ 466 B
559 B 172ms
47ms Script
application/javascript 2a05:d018:cc3:fe04:3d91:3936:bb0d:1155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/CUHVY3OLUVBZPJTAWUVLYM?pv=67432241739.12228&arrfrr=https%3A%2F%2Fnhradiv3.com%2F&_s=ef8c7da8933eb4ccee9cf728161b43cd&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:3d91:3936:bb0d:1155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: facc4a6b4f9d1d4884d0f912968552564e253e9159ce83879a86b23c7a99cccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
server: nginx/1.22.1
content-length: 466
content-type: application/javascript

GET
H2 206 minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/pd1_html5/ Frame 0C3A 843 B
989 B 27ms
26ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/pd1_html5/minimal.mp4
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer: https://nhradiv3.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
last-modified: Wed, 26 Apr 2023 21:29:06 GMT
etag: "1682544546"
x-hw: 1685581795.dop225.fr8.t,1685581795.cds274.fr8.hn,1685581795.cds336.fr8.c
content-type: video/mp4
Content-Range: bytes 0-842/843
cache-control: max-age=66175
accept-ranges: bytes
Content-Length: 843

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ Frame 0C3A 0
282 B 38ms
37ms XHR
text/plain 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=476694&u=https%3A%2F%2Fnhradiv3.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyZHTsGScllnbaZZFN23uU1ISRUAMmu%2B4PuL%2FUNGUMdkJx7gLrszleF6BJ4cXwr6AkrxVXa4ioZRv0G3765YEfSvcxtXyhT8SDKmmlcRVGqq3O5fOLSLJvbWRv2hKkpEhZ%2FLf7sydT4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://nhradiv3.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7d0392eddcb42bcf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 bridge3.575.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9DD3 707 KB
226 KB 23ms
21ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nhradiv3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231096
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 14:00:29 GMT
expires: Thu, 30 May 2024 14:00:29 GMT
last-modified: Mon, 22 May 2023 19:34:41 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0C3A 44 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 01:09:55 GMT

GET
H2 200 p23066-ds-desktop-os.json Show response
a.jsrdn.com/prebid/tags/os/ Frame 0C3A 12 KB
2 KB 438ms
437ms XHR
application/json 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.jsrdn.com/prebid/tags/os/p23066-ds-desktop-os.json?aca=1&env.sd=nhradiv3.com&env.gc=DE&env.se=3243903166
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c9ef620d9097ab209f6daad9aa4d36eafca29311260caf4229d327388a69cc1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 00:42:47 GMT
etag: "1685580167"
access-control-max-age: 3600
x-hw: 1685581795.dop267.fr8.t,1685581795.cds320.fr8.hn,1685581795.cds235.fr8.p
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-origin: https://nhradiv3.com
accept-ranges: bytes
content-length: 1571

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B14D 0
10 B 24ms
23ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xM_DJA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 06ZX3mXSkRb.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 0D11 28 KB
7 KB 106ms
24ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/06ZX3mXSkRb.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34879b9e2bf687d73136aa78381006501b3565c161d6d633b8ecd98cd7c598a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MwoIf/JO9b6CSdlqTCIFLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6961
x-fb-rlafr: 0
x-fb-debug: Pi0yOkoUbim/itGoKHywe4UTP4AqJYE1cTAuicwAeiVSdJuiWCu6DJvXhF/hTo0E7jSyR6eGbB1T5XNvbCnX0A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 30 May 2024 19:26:57 GMT

GET
H2 200 7wUbFZgkwwx.css
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/ Frame 0D11 15 KB
4 KB 105ms
23ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/7wUbFZgkwwx.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f469a37c6878414d1e1cdfd935089d6bcf66419075d26910b88ff5207175e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: eYovJt8RBu+Y2sGTdPJ89A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3942
x-fb-rlafr: 0
x-fb-debug: sejrixd0keXoYCroBjc6hdvyVxLjwa8DWsxN8K5WJF6nhExBnSeYsIkqk80/j0G0ejpLqeRrx9sL6H3FwAf7Eg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 28 May 2024 17:29:38 GMT

GET
H2 200 OddrI9NOuB_.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 0D11 10 KB
3 KB 76ms
24ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/OddrI9NOuB_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8af274c171647062d29744e679763f07957583da4aa6f9690aaee4c0132480ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zMdf1N1zjFRkgtELDiTmRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2569
x-fb-rlafr: 0
x-fb-debug: G7QiMplx96LaYACcbZFHALNV18GJ5Yq0q43p5JFT8uhoeTanj/vLO+0dBH7oU5unrOyHSAtzxuHATKnDb20LKg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 29 May 2024 17:21:14 GMT

GET
DATA 200
OK truncated
/ Frame 0D11 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 vFrQxWP6ZYA.css
static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/ Frame 0D11 18 KB
5 KB 76ms
24ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/vFrQxWP6ZYA.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84c0b447cee69b0835b94a1aa4c8fed05a2005721d401bc02aa3d70316f59e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fRbsMFgeMrn4qmarpukfBA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4424
x-fb-rlafr: 0
x-fb-debug: p3nErFleFnGacJeufBOTuBAL6okHVZzFpMudKve4c8QeaFhRS3GiCmoj2OKWfDwvkmQC0jJiX7Bqy5IDm/Vxsg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 29 May 2024 18:52:35 GMT

GET
DATA 200
OK truncated
/ Frame 0D11 516 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0592d1c43cb957f92dbb1ff08240a1c8faabc1eeb9e7186be2ce918dfd53da6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 _EJJNa3_fiz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 0D11 306 KB
80 KB 142ms
91ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/_EJJNa3_fiz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fadbf72ee4fe9a7141457b00c85d63d3c21c940d762a28e2d6a859dfbf0102a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dG53eutA+6QzMdGZwg0CxQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81953
x-fb-rlafr: 0
x-fb-debug: r6vhgugmtQVgc36ofdFO0vPU9uqYnwuCPqjgXIJ0luWKP9XdjBsidaqzRpoX5TORYPGGxEacrNisxYx4DBB1aw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 29 May 2024 18:42:49 GMT

GET
H2 200 Ka6Q-fwfz0F.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 0D11 97 KB
29 KB 94ms
45ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/Ka6Q-fwfz0F.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805f911869d903d297ec0cb6fb3f02540a883908096434d0c2535f48934ce767

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uBm8JcmVCIJHvBWgcOW/3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29615
x-fb-rlafr: 0
x-fb-debug: YF+vJXL/Si9os3N72AJdvMVoFOueOUQyQOxhJojZnYHxIDIv8R0yYYQ8JQ9b6n5lLpFvZE5CjGV+FK8pjf64ow==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 24 May 2024 23:23:51 GMT

GET
H2 200 QYiAigivtUp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 0D11 52 KB
15 KB 140ms
90ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/QYiAigivtUp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d45defd95f952507e6f98c50bb632ab1b4eb9184c5928ffbc1329f3dafe5d7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EnNuB1KX7KDVdLC9fUgA6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14745
x-fb-rlafr: 0
x-fb-debug: AvQ7BhmnAmC0sxfGimyWRg0FU258tAQRcRh6u5dc6jhrPTAeeq2IXR3taTgPKSK7McI/de28B30mfuFtpEbzzA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 30 May 2024 18:54:47 GMT

GET
H2 200 wwRV14_DSFk.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/ Frame 0D11 103 KB
30 KB 139ms
89ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/wwRV14_DSFk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3c41a9932ae6f2d4162d5cc9626b87df919934217edf7732f1640c17d75599c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ooasim+t2CmKXnJb07zyAg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30608
x-fb-rlafr: 0
x-fb-debug: L2Ynxz/UI49xbe4EDtGpFqbOOYjuqcL8bSfRJo+5i/vNlJCeedn+AJ45IZObQ6Q4ah8NipRbfgHEvcxMRmvZHQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 30 May 2024 01:42:21 GMT

GET
H2 200 kpHH9AWO-Rm.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 0D11 6 KB
2 KB 139ms
90ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/kpHH9AWO-Rm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1f8548f59ad3046366b3c82d923308cf960624c7be4e4b9fc4732314940795c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: f9iDZEtIS7q8noiwqN/TJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1859
x-fb-rlafr: 0
x-fb-debug: p9g2g5NdKCslKxqQeqVPeZPWBpF/uzH9+DAZS/kzVpuLWZJ6tiSBQvgctELtUxy5AdK1btudr7nigUrFCdowug==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 30 May 2024 20:09:17 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 0D11 507 B
488 B 138ms
89ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: rfFqYYSBVPnpgGU6r2/NP7LPB32fF7Q1vsUqzoJhSf3JWpwKPlx+a8jzFOVze7tw3AunKLZlzyZEWO40h2CrTw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 29 May 2024 19:53:44 GMT

GET
H2 200 CKDrEn1TYuq.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yl/l/en_US/ Frame 0D11 232 KB
65 KB 95ms
46ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yl/l/en_US/CKDrEn1TYuq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

613413585069ca335956afe8c5a3055f2e7e2d3c73560cb16388384a179516df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WPblnBEmecDEV70mTzXT8A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66824
x-fb-rlafr: 0
x-fb-debug: KneNfv1di4b1R2We8aXcvYeoefN5p2Zkze2Pg4qsnloplBh+WYut04ArYu9njVHfovCsaOcgJ+cYJ07ye2k/Vg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 30 May 2024 20:08:57 GMT

GET
H2 200 T3z7kLt9wUd.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 0D11 59 KB
15 KB 94ms
45ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/T3z7kLt9wUd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f5a0b5a6eee5f4882f44fdb19d4b165bfcffd823d549d7726bb619bd4bee359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /5ExBb9ca9H4nAtNOEWNAw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15279
x-fb-rlafr: 0
x-fb-debug: SNs07PE9jU+D1Hl+i/PAJLTXD5OJGljH/WULbzrg1ZRMcSEwgrObHOssvNNVcMOOIL2m0x7KbC2nxWgPULjJEg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 23 May 2024 23:50:56 GMT

GET
H2 200 7yrFj6puK50.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEBX4/yk/l/en_US/ Frame 0D11 30 KB
9 KB 94ms
46ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/yk/l/en_US/7yrFj6puK50.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9b6d8d76b1728ca66f12764b0207451172fa9d5dd9969b54c429437ea3dba25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VbATp26hQYAj2uZQ/Zx0ng==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8749
x-fb-rlafr: 0
x-fb-debug: qezsEIwoHtQI9bwGwYakQaIhSFQxrVFZJ7k+lKq9velsVbsZF2oReNwPx9P/BKbBju9dTTx2P/FLm34K+B9tzg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 29 May 2024 19:52:15 GMT

GET
H2 200 8YE6FkA2Gru.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 0D11 26 KB
9 KB 140ms
91ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/8YE6FkA2Gru.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b8ce8843498dd14696bfe7757014510a7c480c3d96992471e8a9caf28d60512

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ObTiI1aB4xB2qe3ST3BjJA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8992
x-fb-rlafr: 0
x-fb-debug: xTj9Y/eOLeEMsGKyzrioxsI0uiwq6ZWJjH8z4276iCMQAsymcgwNBxaivekLWy+59/IIT8paYaiO8upQXxzF2A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 29 May 2024 18:42:49 GMT

GET
H2 200 SGz4eMZs48K.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 0D11 6 KB
3 KB 139ms
91ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/SGz4eMZs48K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f3c9d420219b742bbc205151eb6d7806a8bed330364bbbea46d1a4a37237cabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: W6NUwkRmieTaygUx1APgLg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2751
x-fb-rlafr: 0
x-fb-debug: T8vVDvQ+JcB9xu4IsO+lU60h5WR2PAxobiXSQWzR8fyL7DgpM60DTK0JjhDMcxZNoQl8EYLnpPfcVgS1RYmTOQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 29 May 2024 17:12:35 GMT

GET
H2 200 bxjZcYwLUdd.js Show response
static.xx.fbcdn.net/rsrc.php/v3iFe24/yV/l/en_US/ Frame 0D11 6 KB
2 KB 139ms
90ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iFe24/yV/l/en_US/bxjZcYwLUdd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f0cd1a5b692b0d8c5d1280d1d69c81acef394773ff1c4ed2f34c42361821f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zSNxAoWjupd8tfPpSOdzJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2233
x-fb-rlafr: 0
x-fb-debug: ujIW3K9CeZeFpsBy5dN0x4ShUXfVGdvdtHUkovrX9bcIbCNiX1/dOpjMV4I428+kExatzcehTWECj/CGYfp1qA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 29 May 2024 20:17:47 GMT

GET
H2 200 350812383_1368286213716510_6117418753910266734_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 0D11 10 KB
10 KB 23ms
22ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/350812383_1368286213716510_6117418753910266734_n.jpg?stp=dst-jpg_s320x320&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=2Q1GnJNRELwAX-gq3Gb&_nc_ht=scontent.xx&edm=AGggysMEAAAA&oh=00_AfCLd5dgI7kkGMr1MoYUg8MFk1Yfp0SlEqIvywYLL30_tw&oe=647D6C27
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fc438c0ba6d7c6a58ec29dc21a2f6bb85f50ec4649eefe54a6c6d085c7926e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
x-fb-trip-id: 1679558926
x-fbtype: 30808
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 30 May 2023 14:19:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3782054692
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 602148479
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 10221

GET
H2 200 162528649_129499445844920_4183381313066709972_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-1/ Frame 0D11 2 KB
2 KB 21ms
21ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-1/162528649_129499445844920_4183381313066709972_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=FQ8NPlEQd3AAX9qFZ5q&_nc_ht=scontent.xx&edm=AGggysMEAAAA&oh=00_AfDnibBp-lnV254zxHoU6ZiVqY5v_Hl-4Jw-USX78RXv9g&oe=649F4ECF
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9b73ce322de806369e6127542882897aaf57d5f74ddeace9639752da86343937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-haystack-needlechecksum: 3167997119
date: Thu, 01 Jun 2023 01:09:55 GMT
x-fbtype: 6435
content-digest: adler32=458435845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2160
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 20 Mar 2021 12:13:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1479765428
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 350793089_251551724135376_245812026265621769_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 0D11 7 KB
7 KB 23ms
21ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/350793089_251551724135376_245812026265621769_n.jpg?stp=dst-jpg_s235x165&_nc_cat=111&ccb=1-7&_nc_sid=8024bb&_nc_ohc=BhzGZw7MvqgAX8JL7bD&_nc_ht=scontent.xx&edm=AGggysMEAAAA&oh=00_AfBsr6jG3nXvW57Gmrov6W7PLoC-DcfqBvZioJlgjwvpdg&oe=647D3EE8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4a707beb91cb3a872af275f58682aab473884053e43a31a46f8f47b64308723a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
x-fb-trip-id: 1679558926
x-fbtype: 30808
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 31 May 2023 19:58:02 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1804237002
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3066157967
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 7558

GET
H2 200 350323633_1384626088991019_6472720679242292436_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 0D11 5 KB
5 KB 26ms
25ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/350323633_1384626088991019_6472720679242292436_n.jpg?stp=dst-jpg_p118x90&_nc_cat=103&ccb=1-7&_nc_sid=8024bb&_nc_ohc=M7UeSKiw_6kAX_kvgSW&_nc_ht=scontent.xx&edm=AGggysMEAAAA&oh=00_AfAQ6KGgVTXB0iutNtSmThjw4Hs2qXXvg_UTTO67-kEInA&oe=647C64BA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4dad9351597016102210b1d8e7d2187f39c362b4b24c04241c35bd5c9bc55d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-haystack-needlechecksum: 2640363752
date: Thu, 01 Jun 2023 01:09:55 GMT
x-fbtype: 30808
content-digest: adler32=2707495235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5405
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 31 May 2023 16:49:08 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 722117959
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 350464257_220043367457331_5604932876166402659_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 0D11 7 KB
7 KB 30ms
29ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/350464257_220043367457331_5604932876166402659_n.jpg?stp=dst-jpg_p118x90&_nc_cat=107&ccb=1-7&_nc_sid=8024bb&_nc_ohc=3OhqNiEu4voAX8usvmd&_nc_ht=scontent.xx&edm=AGggysMEAAAA&oh=00_AfBlsAJhNnAv59yqG3HJy40GPtR_hij6-G3VtwCrFGx9Pw&oe=647C88A7
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ca9414e0f73ed8ae6d67b37996f5a87fff00ea1f4cbba22604bee27c04d392fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-haystack-needlechecksum: 2202526745
date: Thu, 01 Jun 2023 01:09:55 GMT
x-fbtype: 30808
content-digest: adler32=3801124002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7493
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 31 May 2023 16:49:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3270291003
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 348864975_721475292997541_4821343780799633527_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 0D11 9 KB
9 KB 34ms
33ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/348864975_721475292997541_4821343780799633527_n.jpg?stp=dst-jpg_s235x165&_nc_cat=110&ccb=1-7&_nc_sid=8024bb&_nc_ohc=kSWqBXL6rnYAX-kyK2m&_nc_ht=scontent.xx&edm=AGggysMEAAAA&oh=00_AfBLVP-tqX1PrNSWuv9EE2AkJDs4pA8H5_zIp0a2u1nXEg&oe=647C6C18
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1f0f28b031e2d2a909749d820ee00ea5628ddda70373e6624bba1d902e142039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
x-fb-trip-id: 1679558926
x-fbtype: 30808
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 29 May 2023 02:55:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=258568552
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3406066326
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9452

GET
H2 200 349584828_1209080899799790_7803944249598015667_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 0D11 12 KB
12 KB 52ms
52ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/349584828_1209080899799790_7803944249598015667_n.jpg?stp=cp1_dst-jpg_p173x172&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=81z1T3pciLUAX_5X-MI&_nc_ht=scontent.xx&edm=AGggysMEAAAA&oh=00_AfDhLI50Oyo87lxUAaQ6jP49_AdIbTsvoR8wDxL-QCGPIg&oe=647D221D
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a93fd37e7c849f29b3688c55010aa00e1fbfb230a4d98f23ac534944214db93c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
x-fb-trip-id: 1679558926
x-fbtype: 30808
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 28 May 2023 16:35:52 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3749803456
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3527572387
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 11922

GET
H2 200 348836366_784081066635122_3832631442352689419_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 0D11 9 KB
9 KB 33ms
33ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/348836366_784081066635122_3832631442352689419_n.jpg?stp=cp1_dst-jpg_s526x296&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=vigL02G7m2YAX-3AR23&_nc_ht=scontent.xx&edm=AGggysMEAAAA&oh=00_AfA992A-UK5UMi3IR458Iy2Vh0i2eeBshDfbJqQPxsgEOg&oe=647CD62F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: da9440d50ee19debf4167685f48ddba1aa468338c8fff20039f7ddc200da3153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
x-fb-trip-id: 1679558926
x-fbtype: 30808
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 28 May 2023 00:07:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1619665034
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2435487655
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9457

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B8A 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH5bL0itJba4PYEF3QxblvzRv-nM4QSpYMX_xaSzPziB9nq5ItuCQIQoai0ccZnXneVNFMI6A_vFL5ueO789oScBpWTmSLV6s&sig=Cg0ArKJSzO6GPRLwruwcEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230531&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=651903219&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685581794368&rpt=312&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 0D11 573 B
630 B 60ms
37ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/06ZX3mXSkRb.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/06ZX3mXSkRb.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: /Wy/uJqpjDin7tt7oK/Yu6+GJBzs2/3bViurx9djJqr9Z8hv1Tn1RLzj2KCeo/3XTAYLuK6P4hSI/AqyYhlE9A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Thu, 23 May 2024 23:50:55 GMT

GET
H3 200 re1hPxQECWj.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 0D11 3 KB
3 KB 60ms
38ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/7wUbFZgkwwx.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/7wUbFZgkwwx.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:55 GMT
x-content-type-options: nosniff
content-md5: i7RWZH3OINQHgRs93K4JmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2674
x-fb-rlafr: 0
x-fb-debug: EkfbW6hPtsNwq8JoW2wEcFw3FClODdnkxBB2Xu+5/c2Az7waSEb64ixjiI55HOrdxIjOkRRScgsjPNrxddiFDw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Thu, 23 May 2024 23:04:18 GMT

GET
H3 200 1f6a8.png
static.xx.fbcdn.net/images/emoji.php/v9/t45/1/16/ Frame 0D11 634 B
692 B 61ms
38ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/images/emoji.php/v9/t45/1/16/1f6a8.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60693d6a606540052f32df0e43ad850322256cbe52d614032ee6455e0cee1611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Jun 2023 01:09:55 GMT
x-content-type-options: nosniff
content-md5: CyUhckRyclzkcvLVFJr2hw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 634
x-fb-rlafr: 0
x-fb-debug: boP70PWyg5yx2HdilE3C6wwVxcKVr8oR0y0UCYpHYUUbycxNcUm9gTqLhqZDUT2EFW7qdstZ/WFeEUv58GJvww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy: same-origin
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Thu, 23 May 2024 20:06:19 GMT

POST
H/1.1 200
OK vevent
lax1-ib.adnxs-simple.com/ Frame 2B8A 0
802 B 228ms
228ms Ping
text/html 104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=nhradiv3.com&e=wqT_3QKjC2yjBQAAAwDWAAUBCOHf36MGEPXhuPH2nPzEMxj_EQF4ASo2CSh9IeS8_58_EWKqTyj6Mps_GQAAAIAUrhBAIRESACkRJNgxAAAA4KNw7T8w9vb1DDizGUC8CUhlUMiVwssBWMWIlQFgAGjEnLABeN3mA4ABAYoBA1VTRJIBAQb0EwWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAsgIBMNgCpEPgAur5JeoCDG5ocmFkaXYzLmNvbYADAYgDAJADAJgDFKADAaoD8AYKtwZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNSMDI4NHU5M1pLandBLWZ3a1BJUF9mVzVvQVhDOXNIU2I2akExTGpHRVpfMzlQMElFQUVnNXBmV0pXQ1ZBcUFCMnRIOTBDaklBUUtwQWt1UXBwSlc3N0UtcUFNQnlBT1pCS29FNFFGUDBLSFp6a2s0bWg4X1FGQUVfbkRvcFFHQ3dOZ0RlNUYxLUFRcFlnZWc0dzBtQVJDM2FWUVpaUi1OOXVjNDBEMlZ4aklLVHUzclBpYWkxOFpqWHpQa2p0WW1qMjB2aUV3Z1dYZWotVHNlUm1sUmczUjFVVVYwM21QcWVVZm13OHkzdG9vWkFYUEpqc05BbDA1UHIzcDRZNU1EZWVhQUdxTTFWUWtyUHFsQVBwT0tzNzNmSk81Tm8yaW8zUFYyZUlNQ05ZaVZfNGd0T0VoVV9EX2ZvWnBTeHlJSk9CSDhENEJFTGVmcnZnN0pRQXdVSkhVVmc1SzZRMHE5eW1nRHZZYloyLVd4bXQ1cTQ5a21KRlV5RGF3NmJNVXR4U25nY0gtWlNMTjAxSkNQUnhQQUJKV2poZEtZQk9BRUE0Z0Y0WXo1X1VtU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCZ0tBQjlxSnpyQURxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1FrZlFCR0w3d2ctUUIwZ2dXQ0lEaGdCQVFBUmhmTWdLcUFqb0NnRUJJdmYzQk92SUlEbUpwWkdSbGNpMDJNekE1TVRRemdBb0V5QXNCc0JQWmxOVVN5Qk9tMzVYaUE5Z1RDb2dVQWRnVUFkQVZBWUFYQWJJWENBb0dDQUFTQUJnQTZCY0Imc2lnaD1KVHZhd2pod2tMVSZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaURrWmZaN3EzdGJEaVVCeE5zbUdvY0RkeXJWSGgwV0JnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMzNzEzNzY0MjQ0NTIwMzE3MTczIgk0MjY4MDU5NjAqCTkxNzY1OTM5NjoJNDc4MjE0MjA2wAOsAsgDANgD7cww4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQNODQuMTkuMTc1LjE4MKgExuEPsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBMiVwssBiAUBmAUAoAWksMHWkKOPiyaqBSpjOWRkYzFjOC04NDNiLTRjZmItODgyNC05MTg1N2M1Nzk3NGJ-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXv0hz6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG5IoE2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTk4NTk5MTYzODXIB93mA9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgB&s=0d4d7fd9a248b4356ec92852c80044864e4bf3d6&type=pv&jm=1003&px=436&py=1110&bw=728&bh=90&sf=1&sid=6782390291892234940&vd=ct~0|rr~5&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27097974&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:56 GMT
AN-X-Request-Uuid: fa6741cf-b327-40c3-b52b-f3b42649f24d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nhradiv3.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 58ms
58ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=8ybj&k=ZQl3YQlhCTMxNjUJZAlldS13ZXN0LTFhCWgJaS0wOTMwNzdkYzkyMTVlZmExZgl1CThiYjM4YWFlLWIyY2ItNDlmZS1iMTk5LWQ1M2NmNTRiNjY2YQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl2bAkyMDIzMDYwMS4wMTAwCXZ0CTIwMjMwNjAxLjAxMDAJdnMJMjAyMzAyMjEJdmMJMjAyMzA0MjcJc3QJMjAyMzA2MDEuMDEwOTUyCWkJMDUwM2NjNzYtYWZiMi00M2RmLThhMzUtZGExM2JhNThjOWFmCWYJaHR0cHM6Ly9uaHJhZGl2My5jb20vCXEJYjY1NzU5NGEtZWE5Yy00YzExLWI2OGItYjUyZmNjYjcyMDIyCW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCU5XCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CXZwCTEJdmcJcHIJY2kJNWQ0ZDA2OGYtODM1NS0yNWQ4LTJmYjItYzExNmIyN2MyYjMzCWNwCXRkCXZ2CTIwMjMwNDI2XzIxMjg6cGQxX2h0bWw1OjMuNTc1LjAJd3QJNzA5CWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3Mvb3MvcDIzMDY2LWRzLWRlc2t0b3Atb3MuanNvbj9hY2E9MSZlbnYuc2Q9bmhyYWRpdjMuY29tJmVudi5nYz1ERSZlbnYuc2U9MzI0MzkwMzE2Ng
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:56 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 0D11 25 KB
10 KB 27ms
27ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/_EJJNa3_fiz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
x-fb-rlafr: 0
x-fb-debug: NAnPVYL3ZbFJI9nNyzjri+HJVW8ULgGV3W1W3lMBnO1RdapA816m+JeEo8jqMLpe1y6v8dDeWtYA/9qYvskn0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Wed, 29 May 2024 16:42:54 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 0C3A 36 B
334 B 39ms
38ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=859575&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2214de4f9d66391a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fnhradiv3.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fnhradiv3.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnhradiv3.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222db6fb7b064e9e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22859575%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A60%2C%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%2C%22placement%22%3A3%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22distroscale.com%22%2C%22sid%22%3A%223243903166%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b365ac9bcd5186ef633b2ce67a89bd968f50ffcc4bad77023ece2b590d99359d

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOk4d%2B3c490epmsU2sLA4fquB3m7vUcoNmMAY8LOac%2Frv02%2Bykc9MgyKUeOm27UTBcJdFAX8APdE2aDBfpxmsrkAVpy%2FdMqXAaFCuGtDAYFSZv%2BcsggEwBo9S%2FkTRyCvmexsqY59"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://nhradiv3.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7d0392f12cff9118-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 bid.json Show response
reachms.bfmio.com/ Frame 0C3A 0
140 B 150ms
149ms XHR
text/plain 34.236.219.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reachms.bfmio.com/bid.json?exchange_id=3c9cb0ab-4555-4bb2-c02a-e13f487c95ab
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.219.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-219-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nhradiv3.com
date: Thu, 01 Jun 2023 01:09:56 GMT
access-control-expose-headers: location
access-control-allow-credentials: true
vary: Origin

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 0C3A 173 B
401 B 33ms
30ms XHR
application/json 52.29.115.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.115.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-115-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f652d3c3c92d9c8cf9a9ac6f9afc18a86011bc7c53f77852442fa716d0cf986b

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:56 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://nhradiv3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H2 200 avjp Show response
distroscale-d.openx.net/v/1.0/ Frame 0C3A 106 B
170 B 40ms
37ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://distroscale-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fnhradiv3.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2e00bcb6-91ee-44d4-a492-d98b03db747b&nocache=1685581796012&schain=1.0%2C1!distroscale.com%2C3243903166%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A480%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22api%22%3A%5B2%5D%2C%22maxduration%22%3A60%2C%22linearity%22%3A1%2C%22minduration%22%3A0%2C%22startdelay%22%3A0%2C%22placement%22%3A3%7D%7D%5D%7D&auid=558415435&vwd=640&vht=480&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm%2Capplication%2Fjavascript
Requested by: Host: nhradiv3.com
URL: https://nhradiv3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://nhradiv3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:56 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://nhradiv3.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 1487645_6012475414660_1439393861_n.png
scontent.xx.fbcdn.net/hads-ak-prn2/ Frame 0D11 79 B
121 B 23ms
22ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 79
priority: u=3,i
expires: Thu, 01 Jun 2023 01:09:56 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 59ms
58ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=p7uc&k=ZQl3d2EJYQkzMjA1CWQJZXUtd2VzdC0xYQloCWktMDkzMDc3ZGM5MjE1ZWZhMWYJdQk4YmIzOGFhZS1iMmNiLTQ5ZmUtYjE5OS1kNTNjZjU0YjY2NmEJdgkzMzgwMzE3Ni1iNzFkLTQ3ZDgtOGZjMy00ZmY2N2E5ZDY5ZWEJc3YJanNyZG4JdmwJMjAyMzA2MDEuMDEwMAl2dAkyMDIzMDYwMS4wMTAwCXZzCTIwMjMwMjIxCXZjCTIwMjMwNDI3CXN0CTIwMjMwNjAxLjAxMDk1MglpCTA1MDNjYzc2LWFmYjItNDNkZi04YTM1LWRhMTNiYTU4YzlhZglmCWh0dHBzOi8vbmhyYWRpdjMuY29tLwlxCWI2NTc1OTRhLWVhOWMtNGMxMS1iNjhiLWI1MmZjY2I3MjAyMgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglOVwlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMjI4MDgwNgl2cAkxCXZnCXByCWNpCTVkNGQwNjhmLTgzNTUtMjVkOC0yZmIyLWMxMTZiMjdjMmIzMwljcAl0ZAl2dgkyMDIzMDQyNl8yMTI4OnBkMV9odG1sNTozLjU3NS4wCXd0CTcwOQl3d2EJYmlkZGVyOml4LW9zfGJlYWNoZnJvbnQtb3N8cnViaWNvbi1vc3xvcGVueC1vcwlhZFRhZwkvL2EuanNyZG4uY29tL3ByZWJpZC90YWdzL29zL3AyMzA2Ni1kcy1kZXNrdG9wLW9zLmpzb24_YWNhPTEmZW52LnNkPW5ocmFkaXYzLmNvbSZlbnYuZ2M9REUmZW52LnNlPTMyNDM5MDMxNjY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:56 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B8A 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8949953040795&version=m202301230201&ct=2&x=10&cor=5532014260476275000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 64ms
64ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=azfm&k=ZQl3d2gJYQkzMzM3CWQJZXUtd2VzdC0xYQloCWktMDkzMDc3ZGM5MjE1ZWZhMWYJdQk4YmIzOGFhZS1iMmNiLTQ5ZmUtYjE5OS1kNTNjZjU0YjY2NmEJdgkzMzgwMzE3Ni1iNzFkLTQ3ZDgtOGZjMy00ZmY2N2E5ZDY5ZWEJc3YJanNyZG4JdmwJMjAyMzA2MDEuMDEwMAl2dAkyMDIzMDYwMS4wMTAwCXZzCTIwMjMwMjIxCXZjCTIwMjMwNDI3CXN0CTIwMjMwNjAxLjAxMDk1MglpCTA1MDNjYzc2LWFmYjItNDNkZi04YTM1LWRhMTNiYTU4YzlhZglmCWh0dHBzOi8vbmhyYWRpdjMuY29tLwlxCWI2NTc1OTRhLWVhOWMtNGMxMS1iNjhiLWI1MmZjY2I3MjAyMgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNjA4MAljCTYxMzYJbAkyMTA0Ngl6CTIwMDg5CXMJNzA5MwlwCTIzMDY2CXcJZW50ZXJ0YWlubWVudAljcwlJQUIxCWN6CQlnYwlERQlncglOVwlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJbmhyYWRpdjMuY29tCXNlCTMyNDM5MDMxNjYJbWMJMTAxMjI0NQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTQ1MTUJdm4JMjI4MDgwNgl2cAkxCXZnCXByCWNpCTVkNGQwNjhmLTgzNTUtMjVkOC0yZmIyLWMxMTZiMjdjMmIzMwljcAl0ZAl2dgkyMDIzMDQyNl8yMTI4OnBkMV9odG1sNTozLjU3NS4wCXd0CTcwOQl3d2gJYmlkZGVyOm5vbmUsY3BtOjAJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9vcy9wMjMwNjYtZHMtZGVza3RvcC1vcy5qc29uP2FjYT0xJmVudi5zZD1uaHJhZGl2My5jb20mZW52LmdjPURFJmVudi5zZT0zMjQzOTAzMTY2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:56 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK index.html Show response
s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20230426_2128/ima_html5/ Frame 7E20 21 KB
7 KB 645ms
218ms Document
text/html 52.92.241.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20230426_2128/ima_html5/index.html
Requested by: Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ds_vplayer_detached.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.241.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82

Request headers

Referer: https://nhradiv3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 7092
Content-Type: text/html
Date: Thu, 01 Jun 2023 01:09:57 GMT
ETag: "475744d90e2d1ae4dc5c8173c898b717"
Last-Modified: Wed, 26 Apr 2023 21:29:45 GMT
Server: AmazonS3
x-amz-id-2: zRLkjo/c78g2HLa585ms0zAzv8JFiU5bktRZE3VXT9CsWEDlrUntnC/r78t+3RtXX5bgz6d2lUc=
x-amz-request-id: WYKGWPZ25A2ZMZKV
x-amz-server-side-encryption: AES256
x-amz-version-id: ZNQEVHdttYQsZn7QvWVRQUkAp.LZW8tu

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 62ms
62ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=19s9&k=ZQl3ZQlhCTMzNDIJZAlldS13ZXN0LTFhCWgJaS0wOTMwNzdkYzkyMTVlZmExZgl1CThiYjM4YWFlLWIyY2ItNDlmZS1iMTk5LWQ1M2NmNTRiNjY2YQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl2bAkyMDIzMDYwMS4wMTAwCXZ0CTIwMjMwNjAxLjAxMDAJdnMJMjAyMzAyMjEJdmMJMjAyMzA0MjcJc3QJMjAyMzA2MDEuMDEwOTUyCWkJMDUwM2NjNzYtYWZiMi00M2RmLThhMzUtZGExM2JhNThjOWFmCWYJaHR0cHM6Ly9uaHJhZGl2My5jb20vCXEJYjY1NzU5NGEtZWE5Yy00YzExLWI2OGItYjUyZmNjYjcyMDIyCW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCU5XCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CXZwCTEJdmcJcHIJY2kJNWQ0ZDA2OGYtODM1NS0yNWQ4LTJmYjItYzExNmIyN2MyYjMzCWNwCXRkCXZ2CTIwMjMwNDI2XzIxMjg6cGQxX2h0bWw1OjMuNTc1LjAJd3QJNzA5CXdlCVt3ZV0gZXJyb3I6Tm8gdmFsaWQgYmlkcyByZWNlaXZlZAlhZFRhZwkvL2EuanNyZG4uY29tL3ByZWJpZC90YWdzL29zL3AyMzA2Ni1kcy1kZXNrdG9wLW9zLmpzb24_YWNhPTEmZW52LnNkPW5ocmFkaXYzLmNvbSZlbnYuZ2M9REUmZW52LnNlPTMyNDM5MDMxNjY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:56 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
63ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305250101&jk=463469340360963&bg=!dnWldSHNAAZu7ficTu07ADkAdvg8Wlil4TJNwRtMIMwgBBd8zIxdGXUat-2wDNZjo8Ej6thrd6ISjgCkpYeYXKtGLUW6MH5ExrgCAAABClIAAAAGaAEHmQL3NHFzD6zz7LQw8K8bJ3lYw-LjZA_ReBwoMFNFbo9BJl2zL9U9vohp5zgH6ovOu8FRv0fJU3GZ1wn7qIHk2QpiReg1m9sLs0wE6nUgvhTwMtn-4LrA2x8V71tDruAvm756lPM3FIMVNHGYd1EGNwzBbmhFp-iBaIxYCtVD7b9Cdau8dkf4tKCm-UrFop5jAEUlgASYaZJFEm80GvAYVgBflgg-VZE2IHgnHL2JAsaiot6WdWZzYLRUBNDeJFEh6FnNOukCgaXpQPaQjzjQVwjEy6jhEHfPWDAaI7RaSyj2jKxPEUJeyAZGEOViZDE3gaL70cKjDZLJdr1nZTmUlJJpuGHDhm6_PTpgVhFxX0k4el4QaFor4qfJl67W3QtVgxp8AxD_pFCPQk4cKCzuWVzL1hM9C3FKAs9fJ5YG6s3rcRekrKp9unvVrMpZJrDb8NhtHvRmojR3EJzhq9cGm025wuPYcyAd4AQbBxdpyoz9QQTyLKA9QcBR4UNqGmN8NJXrFveZ9Yjqb6TTaXgnJyliCBGUkb6SDwVEx8AEOVhUcpm48OPMKy4_aN59jMHv9cRYwX7UiuyZeciWiveiQ6sycolVTl1fl-xaCa-bBW44aIlib8HxVEw6w-6jIvtpWUTJn96LssBIpPCQq6jUdVtYqa_t61kqlM7lt_Skmet7txbjbJiLqiZTlXUwCANvo0OpIzctwOiugNeP2uPxZtb0Hqbwn74Dv2ZXImfnRxKZUxjF2biZZGbrfy-IIO3Loo_UlhMjHJYmcsf233eysciT4jbXQUyUvPdyoRoxFJOeLNVSol7q4xOFV4cvEtSNnGaVPrx3tMosbdhOlK3BqMlatUFFzaCr3NihG5jeymtFt8PF-fHHMBeE0hilRNSukxF6HKDPXBOTHYPr5BJNjx1vyC7MrwwY_r8VA-4OY0bExIehwSR67giFYcCFaTR6yvOfvq3dId--T3RSAcdB5Pz-M7_hc-51iHrXN5qgDo3p3otGAYVQcxmB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7E20 361 KB
120 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20230426_2128/ima_html5/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3-us-west-2.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123025
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:56 GMT

GET
H/1.1 206
Partial Content minimal.mp4
s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20230426_2128/ima_html5/ Frame 7E20 843 B
1 KB 216ms
216ms Media
video/mp4 52.92.241.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20230426_2128/ima_html5/minimal.mp4
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20230426_2128/ima_html5/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.241.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer: https://s3-us-west-2.amazonaws.com/distroscale-public/vplayer-parallel/20230426_2128/ima_html5/index.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 01 Jun 2023 01:09:57 GMT
x-amz-version-id: 89LafSTvveiCaYXVbDRaO1zxtruX4_Yf
Last-Modified: Wed, 26 Apr 2023 21:29:46 GMT
Server: AmazonS3
x-amz-request-id: WYKQNYYKMAJDA6TV
ETag: "fb62001afaa95ed461f35992d7431867"
x-amz-server-side-encryption: AES256
Content-Type: video/mp4
Content-Range: bytes 0-842/843
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 843
x-amz-id-2: fG4iskFTmilquWikgU1g3187HSbMHmF3Oo4mxzQihunMuAbWFup08w4yDRwz62fVBrOwtT6PH1c=

GET
H3 200 bridge3.575.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2DC1 707 KB
226 KB 22ms
22ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s3-us-west-2.amazonaws.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231096
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 14:00:29 GMT
expires: Thu, 30 May 2024 14:00:29 GMT
last-modified: Mon, 22 May 2023 19:34:41 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7E20 44 KB
16 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3-us-west-2.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 01:09:56 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 58ms
58ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=cb9k&k=ZQl3YQlhCTQwOTIJZAlldS13ZXN0LTFhCWgJaS0wOTMwNzdkYzkyMTVlZmExZgl1CThiYjM4YWFlLWIyY2ItNDlmZS1iMTk5LWQ1M2NmNTRiNjY2YQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl2bAkyMDIzMDYwMS4wMTAwCXZ0CTIwMjMwNjAxLjAxMDAJdnMJMjAyMzAyMjEJdmMJMjAyMzA0MjcJc3QJMjAyMzA2MDEuMDEwOTUyCWkJMDUwM2NjNzYtYWZiMi00M2RmLThhMzUtZGExM2JhNThjOWFmCWYJaHR0cHM6Ly9uaHJhZGl2My5jb20vCXEJYjY1NzU5NGEtZWE5Yy00YzExLWI2OGItYjUyZmNjYjcyMDIyCW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCU5XCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CXZwCTEJdmcJcHIJY2kJNzBjOWY5NDAtOGEwOS1lMTJhLTAyMmQtZDA2YjcyMTY4ZTM0CWNwCWdnCXZ2CTIwMjMwNDI2XzIxMjg6aW1hX2h0bWw1OjMuNTc1LjAJd3QJNjUyCWFkVGFnCS8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM_aXU9LzM0MjMwMTA5LDEwMTIyNDUvMjMwNjZfNzcxNjU2MjE2OCZkZXNjcmlwdGlvbl91cmw9aHR0cHMlM0ElMkYlMkZuaHJhZGl2My5jb20lMkYmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0MxMjgweDcyMCU3QzE5MjB4MTA4MCU3QzQwMHgzMDAmY3VzdF9wYXJhbXM9ZHNtY20lM0QxJTI2ZHNkJTNEbmhyYWRpdjMuY29tJmdkZnBfcmVxPTEmb3V0cHV0PXZhc3QmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9Nzg1Nzk3JmdkcHI9MSZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:56 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bz Show response
www.facebook.com/ajax/ Frame 0D11 0
1 KB 67ms
66ms XHR
text/html 2a03:2880:f17b:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xe6HzE4e685KbwKBAodod8d898nwgU29zEdEc83WwvE3vx60Vo1upEdEnwcG0KEswIwuo2aw7Bx61vw55xS0sy0ny0RE2Jw8W0iW0pa0h-0Lo6-0Co2cwcq&__hs=19509.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7239518684513210741&__req=1&__rev=1007591086&__s=%3A%3Afucjcl&__sp=1&__user=0&dpr=1&jazoest=21836&locale=en_US&lsd=ATPA8Ce848y4qufjQ6pliS

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/Ka6Q-fwfz0F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f17b:187:face:b00c:0:25de Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v2.12/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12e9f1084b45ac%26domain%3Dnhradiv3.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnhradiv3.com%252Ff7bde97f93db3%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FNhraNorthCentralDivision3%2F%3Fref%3Dbookmarks&locale=en_US&sdk=joey&show_faces=true&stream=true&width=245
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryiEYdCHHieGAkVcqP

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 01:09:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: biq+e00r9bTwV3yRpjlFbKn/yRGIWHyvTL12eCxKdCP8zPV8hkVAKxHy7iWpdsg2hHeQiYJdDq6IsCM3UBc/lQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
vary: Origin
content-type: text/html; charset="utf-8"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 2DC1 124 B
125 B 39ms
38ms XHR
text/xml 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F34230109%2C1012245%2F23066_7716562168&description_url=https%3A%2F%2Fnhradiv3.com%2F&tfcd=0&npa=0&sz=640x480%7C1280x720%7C1920x1080%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dnhradiv3.com&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2079554942861969&gdpr=1&gdpr_consent&us_privacy&vpa=auto&vpmute=1&sdkv=h.3.575.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2915487050&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.575.0&media_url=https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fdistroscale-public%2Fvplayer-parallel%2F20230426_2128%2Fima_html5%2Fminimal.mp4&sid=C9D3F76F-BCA3-4E07-B630-E7C17FD466A3&nel=0&eid=44765701%2C44772139%2C44773378%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fnhradiv3.com%2F&url=https%3A%2F%2Fnhradiv3.com%2F&dt=1685581797071&scor=114539114485715&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.450.800_vp100_eb24427

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2DC1 0
45 B 34ms
33ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~licfvqfe&c=8760734845070&slotId=4380367422535&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/ Frame EB67 21 KB
7 KB 28ms
28ms Document
text/html 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html
Requested by: Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ds_vplayer_detached.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82

Request headers

Referer: https://nhradiv3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=66174
content-encoding: gzip
content-length: 7092
content-type: text/html
date: Thu, 01 Jun 2023 01:09:57 GMT
etag: "1682544585"
last-modified: Wed, 26 Apr 2023 21:29:45 GMT
x-hw: 1685581797.dop225.fr8.t,1685581797.cds274.fr8.hn,1685581797.cds285.fr8.c

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EB67 361 KB
120 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5x8i7c7.ssl.hwcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123025
x-xss-protection: 0
expires: Thu, 01 Jun 2023 01:09:57 GMT

GET
H2 206 minimal.mp4
c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/ Frame EB67 843 B
966 B 29ms
29ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/minimal.mp4
Requested by: Host: c5x8i7c7.ssl.hwcdn.net
URL: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer: https://c5x8i7c7.ssl.hwcdn.net/vplayer-parallel/20230426_2128/ima_html5/index.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 01 Jun 2023 01:09:57 GMT
last-modified: Wed, 26 Apr 2023 21:29:46 GMT
etag: "1682544586"
x-hw: 1685581797.dop225.fr8.t,1685581797.cds274.fr8.hn,1685581797.cds273.fr8.c
content-type: video/mp4
Content-Range: bytes 0-842/843
cache-control: max-age=66173
accept-ranges: bytes
Content-Length: 843

GET
H3 200 bridge3.575.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7612 707 KB
226 KB 25ms
21ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5x8i7c7.ssl.hwcdn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231096
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 14:00:29 GMT
expires: Thu, 30 May 2024 14:00:29 GMT
last-modified: Mon, 22 May 2023 19:34:41 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame EB67 44 KB
16 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5x8i7c7.ssl.hwcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 01:09:57 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 57ms
57ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=i5f6&k=ZQl3YQlhCTQ0MjIJZAlldS13ZXN0LTFhCWgJaS0wOTMwNzdkYzkyMTVlZmExZgl1CThiYjM4YWFlLWIyY2ItNDlmZS1iMTk5LWQ1M2NmNTRiNjY2YQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl2bAkyMDIzMDYwMS4wMTAwCXZ0CTIwMjMwNjAxLjAxMDAJdnMJMjAyMzAyMjEJdmMJMjAyMzA0MjcJc3QJMjAyMzA2MDEuMDEwOTUyCWkJMDUwM2NjNzYtYWZiMi00M2RmLThhMzUtZGExM2JhNThjOWFmCWYJaHR0cHM6Ly9uaHJhZGl2My5jb20vCXEJYjY1NzU5NGEtZWE5Yy00YzExLWI2OGItYjUyZmNjYjcyMDIyCW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCU5XCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CXZwCTEJdmcJcHIJY2kJZDQ2ZjBiMWEtZjFhMi0zNmNlLTgxNWItYWE1OWQyM2ZmMGIzCWNwCXJiCXZ2CTIwMjMwNDI2XzIxMjg6aW1hX2h0bWw1OjMuNTc1LjAJd3QJMTg1CWFkVGFnCS8vdmlkZW8tYWRzLnJ1Ymljb25wcm9qZWN0LmNvbS92aWRlby8xNjU3OC8xMzU5ODgvMjU3MzI2MC8yMDMvdmFzdC54bWw_dGdfYy5sYW5ndWFnZT1lbiZ3aWR0aD04MDAmaGVpZ2h0PTQ1MCZycF9zY2hhaW49MS4wLDEhZGlzdHJvc2NhbGUuY29tLDMyNDM5MDMxNjYsMSwsLCZ0Z19pLmRvbWFpbj1uaHJhZGl2My5jb20mcmY9aHR0cHMlM0ElMkYlMkZuaHJhZGl2My5jb20lMkYmdXNfcHJpdmFjeT0mZ2Rwcj0xJmdkcHJfY29uc2VudD0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:57 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/16578/135988/2573260/203/ Frame 7612 2 KB
2 KB 315ms
40ms XHR
text/xml 104.79.25.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/16578/135988/2573260/203/vast.xml?tg_c.language=en&width=800&height=450&rp_schain=1.0,1!distroscale.com,3243903166,1,,,&tg_i.domain=nhradiv3.com&rf=https%3A%2F%2Fnhradiv3.com%2F&us_privacy=&gdpr=1&gdpr_consent=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.25.60 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-25-60.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 30d8da27d99d63008f001e58d7bd9d797d0ce81f2e9a73a9bd603f9b0e0511e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 01:09:57 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 987
Expires: Thu, 01 Jun 2023 01:09:57 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7612 0
17 B 31ms
31ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~licfvqp7&c=1836594793516&slotId=918297396758&eee=missing-element&bi=missing-id&vast_v=2.0&vmfc=1&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7612 0
17 B 31ms
31ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~licfvr02&c=1836594793516&slotId=918297396758&fb=ima_html5-lima&sdkv=h.3.575.0&mrd=4&aab=1&itv=1&ghmsh_eids=44752657%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2B34 53 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03448f4ce5638de3995a8e74b44294f26aeb075fcf85b35cc04ed381d2f26158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5x8i7c7.ssl.hwcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 01:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19405
x-xss-protection: 0
last-modified: Mon, 22 May 2023 19:38:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 01 Jun 2023 01:21:00 GMT

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 58ms
58ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=c56a&k=ZQl3aAlhCTQ5NTMJZAlldS13ZXN0LTFhCWgJaS0wOTMwNzdkYzkyMTVlZmExZgl1CThiYjM4YWFlLWIyY2ItNDlmZS1iMTk5LWQ1M2NmNTRiNjY2YQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl2bAkyMDIzMDYwMS4wMTAwCXZ0CTIwMjMwNjAxLjAxMDAJdnMJMjAyMzAyMjEJdmMJMjAyMzA0MjcJc3QJMjAyMzA2MDEuMDEwOTUyCWkJMDUwM2NjNzYtYWZiMi00M2RmLThhMzUtZGExM2JhNThjOWFmCWYJaHR0cHM6Ly9uaHJhZGl2My5jb20vCXEJYjY1NzU5NGEtZWE5Yy00YzExLWI2OGItYjUyZmNjYjcyMDIyCW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCU5XCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CXZwCTEJdmcJcHIJY2kJZDQ2ZjBiMWEtZjFhMi0zNmNlLTgxNWItYWE1OWQyM2ZmMGIzCWNwCXJiCXZ2CTIwMjMwNDI2XzIxMjg6aW1hX2h0bWw1OjMuNTc1LjAJd3QJMTg1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:57 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bridge-31050.js Show response
video-ads.rubiconproject.com/video/ Frame 2B34 65 KB
20 KB 105ms
35ms Script
application/javascript 104.79.25.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31050.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.25.60 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-25-60.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: c002b1b4f4aacc0c7e2bf806a9efa9263fb5f34826500f0ffb0417238cc7cceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5x8i7c7.ssl.hwcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 01:09:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 16:05:35 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "10253-5ed1ff17fb1c0-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 20231

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame 2B34 28 B
366 B 163ms
36ms XHR
application/xml 3.120.124.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=0&gdpr_consent=&account_id=16578&site_id=135988&zone_id=2573260&size_id=203&tg_c.language=en&width=645&height=363&rp_schain=1.0,1!distroscale.com,6678323594,1,,,&tg_i.domain=eenadu.net&rf=https://www.eenadu.net/&p_window.depth=1&p_window.url=https%3A%2F%2Fnhradiv3.com%2F&p_window.w=800&p_window.h=450&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=5905870330132248&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31050.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.124.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-124-247.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5x8i7c7.ssl.hwcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Thu, 01 Jun 2023 01:09:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://c5x8i7c7.ssl.hwcdn.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 27651

POST
H3 204 csi
csi.gstatic.com/ Frame 2DC1 0
17 B 29ms
28ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~licfvqim&c=8760734845070&slotId=4380367422535&ghmsh_eids=44765701%2C44772139%2C44773378%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST csi
csi.gstatic.com/ Frame 7612 0
0

GET
H2 200 1.gif
i.jsrdn.com/i/ 42 B
281 B 55ms
55ms Image
image/gif 52.48.129.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jsrdn.com/i/1.gif?r=hcxa&k=ZQl3ZQlhCTU3MDMJZAlldS13ZXN0LTFhCWgJaS0wOTMwNzdkYzkyMTVlZmExZgl1CThiYjM4YWFlLWIyY2ItNDlmZS1iMTk5LWQ1M2NmNTRiNjY2YQl2CTMzODAzMTc2LWI3MWQtNDdkOC04ZmMzLTRmZjY3YTlkNjllYQlzdglqc3Jkbgl2bAkyMDIzMDYwMS4wMTAwCXZ0CTIwMjMwNjAxLjAxMDAJdnMJMjAyMzAyMjEJdmMJMjAyMzA0MjcJc3QJMjAyMzA2MDEuMDEwOTUyCWkJMDUwM2NjNzYtYWZiMi00M2RmLThhMzUtZGExM2JhNThjOWFmCWYJaHR0cHM6Ly9uaHJhZGl2My5jb20vCXEJYjY1NzU5NGEtZWE5Yy00YzExLWI2OGItYjUyZmNjYjcyMDIyCW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk2MDgwCWMJNjEzNglsCTIxMDQ2CXoJMjAwODkJcwk3MDkzCXAJMjMwNjYJdwllbnRlcnRhaW5tZW50CWNzCUlBQjEJY3oJCWdjCURFCWdyCU5XCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAluaHJhZGl2My5jb20Jc2UJMzI0MzkwMzE2NgltYwkxMDEyMjQ1CW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JNDUxNQl2bgkyMjgwODA2CXZwCTEJdmcJcHIJY2kJZDQ2ZjBiMWEtZjFhMi0zNmNlLTgxNWItYWE1OWQyM2ZmMGIzCWNwCXJiCXZ2CTIwMjMwNDI2XzIxMjg6aW1hX2h0bWw1OjMuNTc1LjAJd3QJMTg1CXdlCVs5MDFdIGFkTWFuYWdlckVycm9yIHN0YWdlOmk6QW4gdW5leHBlY3RlZCBlcnJvciBvY2N1cnJlZCB3aXRoaW4gdGhlIFZQQUlEIGNyZWF0aXZlLiBSZWZlciB0byB0aGUgaW5uZXIgZXJyb3IgZm9yIG1vcmUgaW5mby4JYWQJLHN5czpSdWJpY29uLGFpZDoxLHRpdGxlOlZQQUlEIFdyYXBwZXIsZHVyOjMwLGFwaWZ3OlZQQUlECWFkVGFnCS8vdmlkZW8tYWRzLnJ1Ymljb25wcm9qZWN0LmNvbS92aWRlby8xNjU3OC8xMzU5ODgvMjU3MzI2MC8yMDMvdmFzdC54bWw_dGdfYy5sYW5ndWFnZT1lbiZ3aWR0aD04MDAmaGVpZ2h0PTQ1MCZycF9zY2hhaW49MS4wLDEhZGlzdHJvc2NhbGUuY29tLDMyNDM5MDMxNjYsMSwsLCZ0Z19pLmRvbWFpbj1uaHJhZGl2My5jb20mcmY9aHR0cHMlM0ElMkYlMkZuaHJhZGl2My5jb20lMkYmdXNfcHJpdmFjeT0mZ2Rwcj0xJmdkcHJfY29uc2VudD0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.129.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-129-37.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nhradiv3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 01:09:58 GMT
server: Apache
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 774b6703fb4224b49d3572325510a1a1.safeframe.googlesyndication.com
URL: https://774b6703fb4224b49d3572325510a1a1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: a.jsrdn.com
URL: https://a.jsrdn.com/videos/23066/dgv_nhra/20230531063512_6476e8dde96d3/dgv_nhra_trending_articles_20230531063512_6476e8dde96d3_new.mp4

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~licfvo6v&c=8604497072581&slotId=4302248536290.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~licfvobw&c=8604497072581&slotId=4302248536290.5&uet=2&ghmsh_eids=44740340%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~licfvr0a&c=1836594793516&slotId=918297396758&fb=ima_html5-lima&sdkv=h.3.575.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.licfvrlg&aec=901&rec=loaded-1%7Cshow_ad-1%7CskippableStateChanged-1%7Cerror-1%7CverificationNotExecuted-1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nhradiv3.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSCQQTABS Value: LBBGNEEDDCEACOBAOAHMFPCC
.nhradiv3.com/	1970-01-20 21:49:01	Name: __utma Value: 195837427.238229904.1685581793.1685581793.1685581793.1
.nhradiv3.com/	1969-12-31 23:59:59	Name: __utmc Value: 195837427
.nhradiv3.com/	1970-01-20 16:35:49	Name: __utmz Value: 195837427.1685581793.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.nhradiv3.com/	1970-01-20 12:13:02	Name: __utmt Value: 1
.nhradiv3.com/	1970-01-20 12:13:03	Name: __utmb Value: 195837427.1.10.1685581793
.jsrdn.com/	1970-01-20 20:58:37	Name: u Value: 8bb38aae-b2cb-49fe-b199-d53cf54b666a
.quantserve.com/	1970-01-20 21:43:16	Name: mc Value: 6477efe1-1d9e7-6a1bb-bc886
.nhradiv3.com/	1970-01-20 21:37:30	Name: __qca Value: P0-1327797255-1685581792935
.nhradiv3.com/	1970-01-20 21:34:37	Name: __gads Value: ID=83563ff34df5f7c0:T=1685581793:RT=1685581793:S=ALNI_MaEHxcbAyd-v-SZmWhbACdZXX3LBw
.nhradiv3.com/	1970-01-20 21:34:37	Name: __gpi Value: UID=00000c2aa6b8bf74:T=1685581793:RT=1685581793:S=ALNI_MbMdaobpH5NIcB7UsF15pjmvWZEdw
nhradiv3.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 69960022-f024-4f33-9f6d-9377093a5d4c
.doubleclick.net/	1970-01-20 21:34:37	Name: IDE Value: AHWqTUlRjm31H_NA0GkcO2IWyvvk_GGGERSgh2PzAziwIJTk1RdKZkXiOGMZOcyaGB4
.infolinks.com/	1970-01-20 21:49:01	Name: cuid Value: 8b8b2da4-af8e-4ee0-80d1-48a5746c094d
.nhradiv3.com/	1970-01-20 14:22:37	Name: _gcl_au Value: 1.1.1151444692.1685581793
.simpli.fi/	1970-01-20 21:00:04	Name: suid Value: 4677494E04904BBB806CDD3054DB0DE2
.sxp.smartclip.net/	1970-01-20 12:56:13	Name: uuid Value: a9759734-e2ef-7764-13b1-2907d9a8488c
ads.smartstream.tv/	1970-01-20 20:58:37	Name: DID Value: f118a08da99831fb1610bee727ac0aeb
ads.smartstream.tv/	1970-01-20 20:58:37	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 20:58:37	Name: permanent Value: 1
.sxp.smartclip.net/	1970-01-20 12:56:13	Name: dspuuid Value: 10.CAESEOMO6WIX7i8Bhz44nhmfbcc
.sxp.smartclip.net/	1970-01-20 12:56:13	Name: psyn Value: 19509.10
cm.adsafety.net/	1970-01-20 20:58:37	Name: UID Value: CM120230601014f7d539d4896ef13d96
.adsafety.net/	1970-01-20 20:58:37	Name: cm_uid Value: CM120230601014f7d539d4896ef13d96
cm.adsafety.net/	1970-01-20 20:58:37	Name: cache0 Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvdDBNNjdYK2ZuN3M2cFk2bkhJOWM3RUI1ekdNU2p3c0oyTTZCcjd2bmJUZzR0S1pGa1JJZmZWbFMxbi9kY2xGcVBHdFFpbzVkRjJBM1l1bytNRG9Pd1RNWFp0L2pMeGIyWmpSSlZINU1Rbi9hWTFpTUxMbndjZ2c5a2xmRmJGdzg2VEtHZnp2OG56MGh0ano0dGs1Tnh6UG5FVWo4eFBNVEVtNHQ3eVZyTEFPakllZ0czejNhdmF0UXhpaDM0MXNoRENlOXoyR3lQUGpiS3FQRHhLTjhoUHhjZUU4SjE2VitudXNsVEh4S2ZDdWVIWVVRN0VKY1laVEpUcWFkWGdueHB5OVhEOG9tbEtaS0JlNUpDeWVRZi80d2UybVVvKzlmSmRPY3BCbE4zUnE4cWtCQ2NtSldpUFhMd2JFRmg1TG1BPT0%3D
.simpli.fi/	1970-01-20 12:23:06	Name: uid_syncd_secure Value: true
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8A Value: s8653\|ZHfv5
.adnxs.com/	1970-01-20 14:22:37	Name: uuid2 Value: 5231343556647632125
.tapad.com/	1970-01-20 13:39:25	Name: TapAd_TS Value: 1685581795475
.tapad.com/	1970-01-20 13:39:25	Name: TapAd_DID Value: b5e3ba87-669d-4e5b-94d7-a69bdebcd42d
.adnxs.com/	1970-01-20 14:22:37	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E>=x<Q'D!]tbPl1N!7On*M$=BWUolybnwe:?_EidRkGfnZI<gm=yWk^L#XeUBu:jSa[lwZQR./X%W#.wL4W1Qw1k(jyw]
.agkn.com/	1970-01-20 20:58:37	Name: ab Value: 0001%3A3q0BetfUGA%2BbG3SqEwbtuyo9ZcpRgJ50
.pro-market.net/	1970-01-20 16:32:13	Name: anProfile Value: "17n05zt22cv6y+1+1f=1+1g=1+1j=41+rs=s+rt=20011B60101000021012A9A125CA0C4B+s2=(rvjv8j)+vm=24-4677494E04904BBB806CDD3054DB0DE2"
.pro-market.net/	1970-01-20 12:56:13	Name: anHistory Value: "17n05zt22cv6y+2+!#7%/#c#?_L"
.tapad.com/	1970-01-20 13:39:25	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 15:05:49	Name: EE Value: "bd8be0fe03f591e8ffffa420a09b26be"
.bluekai.com/	1970-01-20 16:36:32	Name: bku Value: blx99mwF5tuq5L1U
.bluekai.com/	1970-01-20 16:36:32	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwExtBpz6mEHa1ex81eHYxA/T1ejeHWxp1eD6HW/yHWD09y9kPyrx
.agkn.com/	1970-01-20 20:58:37	Name: u Value: C\|0AAAAAAAALAqsYwAAAAAA
.spotxchange.com/	1970-01-20 12:53:20	Name: audience Value: 053b361c-0019-11ee-a8ff-1fd522ee0206
.exelator.com/	1970-01-20 15:05:49	Name: ud Value: "eJxrXxzq6XKLQSEpxSIp1SAt1cA4zdTSMNUiDQgSTYwMEg0sk4zMklIXl6UWLVhaWpyaknRoSUVOSU7T6rL4UMd4N0dfT5%252FIZc4ZRfm5qSvAQmGuQYsNDU2W5Bdlpi9ycV1clJLGsKik%252BFTwEStHAPX9KsE%253D"
.bfmio.com/	1970-01-20 20:58:37	Name: __141_cid Value: 4677494E04904BBB806CDD3054DB0DE2
.bfmio.com/	1970-01-20 20:58:37	Name: __io_cid Value: 186eebb99873a19460384a81d214a62285555b2a

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://nhradiv3.com/ Message: Mixed Content: The page at 'https://nhradiv3.com/' was loaded over HTTPS, but requested an insecure element 'http://www.nhra.net/images/LODRS-livetiming.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://nhradiv3.com/(Line 237) Message: Mixed Content: The page at 'https://nhradiv3.com/' was loaded over HTTPS, but requested an insecure element 'http://www.nhra.net/images/LODRS-livetiming.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://resources.infolinks.com/js/1867.003-3.027/in_search.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4677494E04904BBB806CDD3054DB0DE2 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=4677494E04904BBB806CDD3054DB0DE2 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4677494E04904BBB806CDD3054DB0DE2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=5743841820885795562 Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

774b6703fb4224b49d3572325510a1a1.safeframe.googlesyndication.com
a.jsrdn.com
aa.agkn.com
ad.sxp.smartclip.net
ads.smartstream.tv
adservice.google.com
adservice.google.de
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
c.jsrdn.com
c5x8i7c7.ssl.hwcdn.net
cdn.adnxs-simple.com
ce.lijit.com
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d.adroll.com
d.agkn.com
distroscale-d.openx.net
distroscale.s3.amazonaws.com
eb2.3lift.com
fei.pro-market.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlb.casalemedia.com
i.jsrdn.com
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
imasdk.googleapis.com
img.en25.com
js-sec.indexww.com
lax1-ib.adnxs-simple.com
loadm.exelator.com
match.adsrvr.org
nhradiv3.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
prebid-server.rubiconproject.com
reachms.bfmio.com
resources.infolinks.com
router.infolinks.com
rt3003.infolinks.com
rules.quantcount.com
s.adroll.com
s.jsrdn.com
s0.2mdn.net
s3-us-west-2.amazonaws.com
scontent.xx.fbcdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
ssl.google-analytics.com
stags.bluekai.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
t.nhra.com
tag.1rx.io
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
video-ads.rubiconproject.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.nhra.net
774b6703fb4224b49d3572325510a1a1.safeframe.googlesyndication.com
a.jsrdn.com
csi.gstatic.com
104.111.217.14
104.18.10.47
104.18.24.185
104.18.25.185
104.254.151.120
104.79.25.60
13.225.78.109
13.225.78.55
13.248.245.213
142.250.185.98
142.250.186.130
142.250.186.34
147.154.0.190
151.101.129.108
172.66.41.9
172.66.42.247
185.83.142.19
185.94.180.126
193.135.9.124
193.135.9.135
2001:4860:4802:32::3
205.185.216.10
205.185.216.42
213.19.147.43
216.52.2.39
23.36.237.138
2600:1901:0:8eee::
2600:1f18:612b:4232:ab07:9ca5:134e:3ac3
2600:9000:206f:8600:6:9280:1080:93a1
2600:9000:223c:5400:6:44e3:f8c0:93a1
2606:4700:3036::6815:1b50
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:803::2006
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f17b:187:face:b00c:0:25de
2a05:d018:cc3:fe04:3d91:3936:bb0d:1155
3.120.124.247
3.124.42.161
3.126.223.209
3.74.9.235
34.111.113.62
34.120.133.55
34.236.219.103
34.254.143.3
34.90.79.92
35.186.194.101
35.204.158.49
35.244.159.8
35.244.174.68
52.175.198.241
52.218.178.107
52.222.214.59
52.223.40.198
52.29.115.187
52.48.129.37
52.92.241.168
54.226.177.30
54.72.29.236
69.166.1.14
69.173.144.138
00f3c1fd33c433a3282b8070325a29a69431d377374753fc9ad68d18a2825876
00f8fe54fe21ece4173951889d11b493a50d91704dffb96704099b8a51d302c7
03448f4ce5638de3995a8e74b44294f26aeb075fcf85b35cc04ed381d2f26158
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5
09bfebef3ab9e81e4d60ce233d1c9c5cfd2adb7691c80a683db41cb66ccc03be
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0feffac770a0daff6a903ae7d752927821130786ca7f678a7710540bae603007
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
1f0f28b031e2d2a909749d820ee00ea5628ddda70373e6624bba1d902e142039
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b
1f469a37c6878414d1e1cdfd935089d6bcf66419075d26910b88ff5207175e21
210db05380d56669da45c58b53c56dcd88d6cc3e3c3d202ddca32e91892ff862
2201858ed70c2c137b991c9ef55e542211a7321c5ab8b9f5e1ef9459aea16bb3
226c9a2c80c75e3c5d7d197c484adb7d63e6ea36270af348bc223be73e8cd059
253e1b537be3002bedc17fd291a3b3e1bbb1f0f3ca23f2f776fb187cb2d6088e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27d3143e21bac87d9da4a7167c4c10445967df08c4a9462bf92a3030d6618e5b
28a4cd6f6005a5e95d8621052da5aaf6029eaf28ddcb4b8d7ef4c770ab07053d
2bc36dab2fbeedf104920760028e60b45ebb6d517be771cf26426bc582ec1da7
2c5d5f321e2acc7f8885685ddea6762577cda47a13aa0b3ca07d599681fcec51
2e8db71249f82bb7584f1a2b6744275d18a4b5940ec8d48da133c65e81d5a23b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d8da27d99d63008f001e58d7bd9d797d0ce81f2e9a73a9bd603f9b0e0511e8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
34879b9e2bf687d73136aa78381006501b3565c161d6d633b8ecd98cd7c598a0
35d728f3d807d14e1dadb0d0b6faccc3e2f99bc8d4a705ea4a7be9f5bc784d10
3755aaf2199e97118e0f6d1e1da5cde26628db0349cb7c6b3f861cdea9c15e8c
3979518840b1deefa53a2f7317b5ca3ccb07dc0a5232da5d7758cf431b1a2a52
3b8ce8843498dd14696bfe7757014510a7c480c3d96992471e8a9caf28d60512
3cb321beb4e1198c536e26a5539880ea0b01bdb15b4e1c3af20f599dbb3ca1bc
3d45defd95f952507e6f98c50bb632ab1b4eb9184c5928ffbc1329f3dafe5d7d
3da7e8d360cc2f855497c2d754d3b3b55fe59f7f146a3c4a51d550aaa9b776ce
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb
43972efaa83c01bf5f5caa29adfea959017eae07c0cd644a278ad9a3fc85a066
479ddcec56d4346b5b0ca3966649261a722f61d05c5f9de792caed8653f8d6a5
496d3c9d22cecff0a8832d233a64e1db6ee5c0c9abe80f87843f8bbe35766034
49a09c35df64b32b221012f35d3ef02c78243364b5f47d7f22c4ff8a8455e9e4
49a95bb7afece1d9bff94e39031d07822eeaf4b7961e22da71f4ecee44ce498e
4a2deba45ddedf023c085e936d3b039db5e678e2fd9baf6301d8f23466802a2a
4a707beb91cb3a872af275f58682aab473884053e43a31a46f8f47b64308723a
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6
4ce216f6c9e452a698cb3d6db15adec75d2b1909b245ad7a5ea69efb751cfff5
4dad9351597016102210b1d8e7d2187f39c362b4b24c04241c35bd5c9bc55d1c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6f93edd526b29a826d8b9574ef738479c04fff574ecb9237d4e76f1e045063
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568677ea58d16bdebaa76ea6cb62952dbbf4a424f10c8ed71388da50cd067d5c
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
5ddf107c589c8b282902b1fc3fede9df1f5bad0aa0fce25890ae9d789c1b5985
5ea71bd07e560ea69f4bf12e5e48de530ce4a977ee361ed45ddcb581b060fd6c
60693d6a606540052f32df0e43ad850322256cbe52d614032ee6455e0cee1611
613413585069ca335956afe8c5a3055f2e7e2d3c73560cb16388384a179516df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62179217f08f5bf963945c3aba16a3f528afd1bf705e219dbc3d8b63e024f3d7
6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82
6643419773399f35ea4422bfa8f1eaf37bb0d2c1855bbdd5fac482086a1e0b2a
66d966aa6b9290ac940d27ec02e524e2c263436de84f9b676e8ba378dfdcc5d2
69e67848c14f917c67d3f4178bd1beb31c893dca027e58fc46744a807235d5f4
69f6158678ef4633ca6da3612392993b4e9ce0c6d966cfd75d802d1d235e9652
6a7eb1baf25ac09de631b81a21ca1c605a8d5225ce6143cd57027499b4e0d472
6fa8c88f6fb8c595025a5499c5b965b2a3a0df3049103dedd6c4bd88861f4ab6
6ff99874d96af6b0a3f5f871ce2e099eb9e35898aeee4dcf18ae11b99f32c8f3
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
79aeea07740408d727b31b0d1d22138c3b0f6f4891005e2702dfbbe065a48e3f
7f8aa6a792a234ffbda222107b8fab02d2c29a69b321922d709bcf20fa71db8e
805f911869d903d297ec0cb6fb3f02540a883908096434d0c2535f48934ce767
84c0b447cee69b0835b94a1aa4c8fed05a2005721d401bc02aa3d70316f59e58
885da2a870d07585756c1bc62e0b6c9aa45a799cf7e8646c6dd933fd90587b89
8a22d662d16f48b6a8f1cf19f87f9b1aa83cd5a87af78836d11acb21698e660e
8ae9ce416a33c08e0783a802898c49d8a6316985ef7556644b7f5b9f4d4b05fe
8af274c171647062d29744e679763f07957583da4aa6f9690aaee4c0132480ca
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ecd6521c5e5e413b55387d23e819743905d72ffbf5a770805b2373976535947
8eee926e5449d74f66b603828cb148966727652daa41f7cc47a1ed1cdfd7523f
8f5a0b5a6eee5f4882f44fdb19d4b165bfcffd823d549d7726bb619bd4bee359
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
9b73ce322de806369e6127542882897aaf57d5f74ddeace9639752da86343937
9dd2e35c345a092f3e1444855a4906f005229a2bd76f6a1d1d22c6abf9c0e074
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980
9f573cd26ecb8e370a782b167638f5cad48dd1fc7fc1f467e738b63efc704b26
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4749ae1a96e1089483243f90b30373def2c141a2116793557647e1c33c66d6c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a93fd37e7c849f29b3688c55010aa00e1fbfb230a4d98f23ac534944214db93c
a98060ee35becd1aa95e8cac640d692381bb9a22ff142c8f953a1fe918ba0f19
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
b1df9a3e7dac3c47217551025ea528f143f10ef1e05f43f9e9fb392d9c897d8b
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b365ac9bcd5186ef633b2ce67a89bd968f50ffcc4bad77023ece2b590d99359d
b6aef553184ecd56a40aca2fa3ab1f70be1cd916bba5b9c3ebe76a12d590b3d1
b9b6d8d76b1728ca66f12764b0207451172fa9d5dd9969b54c429437ea3dba25
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bde72f76a4afcf1381ae8e7bef6a5a916228798a73944c6b0185a5ff67c9c56a
bf090ca527777b9180254b2378d59ee5b8072248eae8b2e085ec74d7a3b74400
c002b1b4f4aacc0c7e2bf806a9efa9263fb5f34826500f0ffb0417238cc7cceb
c0592d1c43cb957f92dbb1ff08240a1c8faabc1eeb9e7186be2ce918dfd53da6
c079b05f2d85439c3dcd32b4983b8273ed5591525c19d45766e91ad44cf81676
c1f8548f59ad3046366b3c82d923308cf960624c7be4e4b9fc4732314940795c
c2e04b7d8e9504a713345b02df2bfd5cc241b78f53c1f0eb5ef549d83d84cbbf
c370d3d1031ffa74e11fec2c18701213d2b6becea3e2fa47c3d9da52f55bc11c
c7297992a1ed78e9c1a6022bbfe2b20b49f6540df4c483d1c1881836ecab3a9f
c8ad707b5566e617ea5386973198e0f83f91b196d26768b34a0e9f4dffaafb99
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
c9ef620d9097ab209f6daad9aa4d36eafca29311260caf4229d327388a69cc1b
ca4232df7f0b2be10757316e83ed33aeeab0e20bc7cab28bd9c22e01008d3625
ca9414e0f73ed8ae6d67b37996f5a87fff00ea1f4cbba22604bee27c04d392fa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d27fe4404e572a92dd17836d81c652df88c5297b48791782ebaaa05dc0e18fb3
d3c41a9932ae6f2d4162d5cc9626b87df919934217edf7732f1640c17d75599c
d640c052242a5bc13404627dd9d603d7b416a519eff053c2d00613ad85362e0c
d65f0cd1a5b692b0d8c5d1280d1d69c81acef394773ff1c4ed2f34c42361821f
d8c5a199bad5eee1aa84028454cc53d4f5e5d869e7a2b6b0faab991a81745cdb
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da9440d50ee19debf4167685f48ddba1aa468338c8fff20039f7ddc200da3153
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
ded9744148252979663230078114867c29e57473dcdb46fcf9b3e7143353fb51
dfc8245507e784d86d3c97171f5491f7a99ea6e8f4f52938e9e13a4db15115e0
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eb6b450e09da3c00ba344a44a690b004402dc62ddf0d3cf3bbdec5ab33310e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5be34f84221bc8adcc1429b74b11bb2d2e8034461a6092e0904826ce353f0f6
e730b7b19e0f9a88bc52e42a989d3a9a178391bfc640598342f46adf87e99a27
e98ad77b3a42317d52aa5cb283c9db348c74e8ef89350475d6d614352d5e10f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f3c9d420219b742bbc205151eb6d7806a8bed330364bbbea46d1a4a37237cabb
f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9
f652d3c3c92d9c8cf9a9ac6f9afc18a86011bc7c53f77852442fa716d0cf986b
f68cfd5b3ef4c5051bad0c70624b8b86410662cb95ded79bfdb427be7fc86899
f692002a8703d45990bbabf1eb52166726fbfc44e532d3cd197ef93480597cc0
f7cb03e738e1bfa01cc6c19e65407ecbb5ca67203fdba855382920e87ce397b6
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
facc4a6b4f9d1d4884d0f912968552564e253e9159ce83879a86b23c7a99cccc
fadbf72ee4fe9a7141457b00c85d63d3c21c940d762a28e2d6a859dfbf0102a6
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fc438c0ba6d7c6a58ec29dc21a2f6bb85f50ec4649eefe54a6c6d085c7926e8e
fc91d3398d51237f839282c9442a86327679eb2ae3190e191ea84a5079d6db76
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
ff0422891d94af315ddead2900276fc49c69b0830875a8fc5fb9592ffdae63e3

nhradiv3.com Open in urlscan Pro 2606:4700:3036::6815:1b50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

257 Requests

89 %HTTPS

33 %IPv6

52 Domains

80 Subdomains

66 IPs

8 Countries

4403 kBTransfer

15797 kBSize

43 Cookies

0 Outgoing links

Page URL History

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nhradiv3.com Open in urlscan Pro
2606:4700:3036::6815:1b50 Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

89 %
HTTPS

33 %
IPv6

52
Domains

80
Subdomains

66
IPs

8
Countries

4403 kB
Transfer

15797 kB
Size

43
Cookies

257 HTTP transactions
4 data transactions