www.nortonsimon.org Open in urlscan Pro
2606:4700:20::ac43:4680 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nortonsimon.org/
Effective URL:
https://www.nortonsimon.org/
Submission Tags: tranco_l324
Submission: On November 18 via api (November 18th 2021, 4:28:13 am UTC) from DE — Scanned from DE

Summary HTTP 45 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 45 HTTP transactions. The main IP is 2606:4700:20::ac43:4680, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nortonsimon.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2021. Valid for: a year.

This is the only time www.nortonsimon.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:520	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2606:4700:20:... 2606:4700:20::ac43:4680	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 3	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
45	11

1 2606:4700:20::681a:520 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nortonsimon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:20::ac43:4680 (United States)

ASN13335 (CLOUDFLARENET, US)

www.nortonsimon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

9330945.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	nortonsimon.org 1 redirects nortonsimon.org www.nortonsimon.org	2 MB
4	doubleclick.net 1 redirects 9330945.fls.doubleclick.net stats.g.doubleclick.net	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	facebook.com www.facebook.com	442 B
2	facebook.net connect.facebook.net	113 KB
2	googletagmanager.com www.googletagmanager.com	105 KB
1	google.de adservice.google.de	870 B
1	google.com adservice.google.com	857 B
1	adsrvr.org insight.adsrvr.org	261 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
45	10

	Domain	Requested by
29	www.nortonsimon.org	www.nortonsimon.org static.cloudflareinsights.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	9330945.fls.doubleclick.net	1 redirects www.googletagmanager.com www.nortonsimon.org
2	www.facebook.com	www.nortonsimon.org
2	connect.facebook.net	www.nortonsimon.org connect.facebook.net
2	www.googletagmanager.com	www.nortonsimon.org www.googletagmanager.com
1	adservice.google.de	adservice.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	9330945.fls.doubleclick.net
1	insight.adsrvr.org	www.nortonsimon.org
1	static.cloudflareinsights.com	www.nortonsimon.org
1	nortonsimon.org	1 redirects
45	12

This site contains links to these domains. Also see Links.

Domain
store.nortonsimon.org
nortonsimon.us7.list-manage.com
www.google.com
www.facebook.com
twitter.com
instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.nortonsimon.org/
Frame ID: 7E1B1E7728162A06C043A1EED54008FB
Requests: 42 HTTP requests in this frame

Frame: https://9330945.fls.doubleclick.net/activityi;dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F
Frame ID: 4119089ECFB72D67FA7719F5FF295CB3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F
Frame ID: D84DCB7164110F5DCA8C4E9BDDD364BE
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F
Frame ID: D20CC2A9725C6EA683870D6C3CE50A53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home » Norton Simon Museum

Page URL History Show full URLs

http://nortonsimon.org/ HTTP 301
https://www.nortonsimon.org/ Page URL

Page Statistics

45
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

2481 kB
Transfer

3601 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://store.nortonsimon.org/
Title: SHOP

Search URL Search Domain Scan URL

URL: https://nortonsimon.us7.list-manage.com/subscribe/post?u=e61357ad7dc62e73684591942&id=d4545a92a5
Title: SIGN UP

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Norton+Simon+Museum/
Title: Map & Directions

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nortonsimonmuseum
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/nortonsimon
Title: Twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/nortonsimon
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nortonsimon.org/ HTTP 301
https://www.nortonsimon.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://9330945.fls.doubleclick.net/activityi;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F HTTP 302
https://9330945.fls.doubleclick.net/activityi;dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nortonsimon.org/
Redirect Chain

http://nortonsimon.org/
https://www.nortonsimon.org/

41 KB
7 KB

3212ms
3174ms

Document
text/html

2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.29
Resource Hash: 216ac045b0b10d9689bc43613cc796c43f2a00bd43ef673a485b5bd426fe86a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/7.3.29
vary: X-Forwarded-Protocol
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s28p1goJGdWw%2BosYXaNgDzSSkk7lTxCoWpGzW1Lhgipfxdtu5J9k6UjxQ%2FchmETq2QJ4vYoa6o2DEeXEwV0t9NHwjqcbOvzjGFa62TBhU%2BxLORPxMZh%2BASbiXboBRzNOTCWkxtdY%2B8zGPzjwaDnyCNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6afe7334be4e430f-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 18 Nov 2021 04:28:05 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.nortonsimon.org/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t43xJ404gDXC2da97HmN%2Bk0rWFNE8XB2IERqd%2FtcICoO9tdxKUQJ8eFcGfjU%2Fh17ShSud5%2Fyuu0fep2G9XLtG%2FY7jruuh4Enwob80%2FwEy25%2BhLTL6f4i0R4IXJay3CsfDLR%2Fpr8kPiGpzEzULA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6afe73322f92c2f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 layout.css
www.nortonsimon.org/_resources/themes/nsm/css/ 322 KB
51 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae46e15072d61a8684b571cc1d6d43d45ad0100b767d63ddfabfbe9c706fe3e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50219
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 23:48:36 GMT
server: cloudflare
etag: W/"50990-5cd02bc4893d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BNJB%2FAoj3hJDPXpaVDDr1FXMcZa4hc1nM%2Fws%2B%2FP65lPZg%2BvWto3GqpzEGQ7QP7GMS3xSFYW4GnkjtZK%2FPFe0mpsG%2FpT6xIpA28NXu2z40SykWSgstxf0FjrdABuV%2F6qjOQEAIj%2B%2Bmi3KQBEaZ61jJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 6afe7348abe5430f-FRA
expires: Thu, 18 Nov 2021 14:31:09 GMT

GET
H2 200 typography.css
www.nortonsimon.org/_resources/themes/nsm/css/ 2 KB
848 B 31ms
31ms Stylesheet
text/css 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/css/typography.css
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f2f5e4058a1adf75b3790d8e4e99a599bb5a3ffc739f7c390646ec1efcac319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55659
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 23:48:34 GMT
server: cloudflare
etag: W/"6c9-5cd02bc364070"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sudOS6UKTyxkezJteSQz2AhL46tUxvYsiH77VIni%2BZ09JMWU9hpD05L6DFY0%2B3OF%2FOo2Jc5SCrpGnOvTvf05eM96NXy9jmOdATwqbMN7BwifnRrnJHmpmPDt0o68K7Ld6hHVXHUuHzyjlz1TAYHiTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 6afe7348abe7430f-FRA
expires: Thu, 18 Nov 2021 13:00:29 GMT

GET
H2 200 api.js Show response
www.nortonsimon.org/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 9ms
9ms Script
text/javascript 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nortonsimon.org/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxjNjGoeH1gxB9PnZ7wLYXHCsn7SJ95Y9GnT8XuwoZiPr9fD%2FOIxR5FR%2Fd68wod9HX0RusLjsMROCrCJaTQ2U75Rm92RXbNE69qaLWdgH52w1Io%2FhZbNBoeYpBPjIWagaAxT8avmQLj6Wx5Vi08jf88%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6afe7348abf0430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 logo.svg
www.nortonsimon.org/_resources/themes/nsm/images/ 3 KB
1 KB 742ms
742ms Image
image/svg+xml 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/images/logo.svg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb891a8a222be7a3f00849b0b7e9b5868a007e8c3036ec992a3d2567288e2af9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 27 Sep 2021 23:48:34 GMT
server: cloudflare
etag: W/"b5e-5cd02bc2d7288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqBtTC78m81p7wDB1MH%2BvyqBrPlHDqeaOqlekMa%2Fq7SnFRq9cEvUSg%2BZJwdQbuPBwjzdBeP7lhFIZ7JNegFDi%2Bvio2eKGh1JTKn8h1OqAMTLOj210f71HjVtYhzvlqrNtMmnQIAF66JUZ8B9l1UvH3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6afe7348abf1430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 Expressive-Body-Website_a__ScaleWidthWzE2MDBd.jpg
www.nortonsimon.org/assets/slideshow-images/ 739 KB
740 KB 30ms
30ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/slideshow-images/Expressive-Body-Website_a__ScaleWidthWzE2MDBd.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d3f0184561843009ffb8ef8a5b31a2d24c7a6f9404be7dacd6d34649ea036e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2836802
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 756470
last-modified: Fri, 15 Oct 2021 16:04:38 GMT
server: cloudflare
etag: "b8af6-5ce665a28ddd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHrcE2PwiFT%2BKepydHUy9%2Fi3zNMEJ8DQ8gXtZd73dsjGaekFh2msBtCShAzYyA8s5iBme%2BbP1K%2F1aaGBiPIoCbSL%2BXBGftK3vaf%2BsX4zo6%2FaAyf4ZUX2TCoVQiU22Tyhf%2F96gWqdELyxMJIIPJBpFqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348abf3430f-FRA
expires: Sun, 16 Oct 2022 14:16:52 GMT

GET
H2 200 2021-Unseen-Picasso-Website_v2__ScaleWidthWzE2MDBd.jpg
www.nortonsimon.org/assets/slideshow-images/ 112 KB
112 KB 18ms
17ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/slideshow-images/2021-Unseen-Picasso-Website_v2__ScaleWidthWzE2MDBd.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3078567e6df4c9a7317d8789c3da5c276b3602b6f548758709ab62b8307e129a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2955321
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 114273
last-modified: Wed, 06 Oct 2021 21:33:14 GMT
server: cloudflare
etag: "1be61-5cdb5e4c7fe80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpHcAC318zNMnkRag4oYi4UmWJAIdWVjkq%2F%2BPozckPWfcG0wN0TVL77WmtTD9adLTR6dE%2BJqFLKejZ0%2FL%2FWnyB4O2Xe2Zx7a%2FcXMyBvfVEKIv81yH6R0FOn8QtyJS9mRRI%2BRvdBPqerdNFqQvytoMB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348abf5430f-FRA
expires: Sat, 15 Oct 2022 05:21:33 GMT

GET
H2 200 2021-Representing-Women_desktop-final__ScaleWidthWzE2MDBd.jpg
www.nortonsimon.org/assets/slideshow-images/ 212 KB
212 KB 1023ms
1023ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/slideshow-images/2021-Representing-Women_desktop-final__ScaleWidthWzE2MDBd.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b8ce6e3591d2419b3ab0c445ec0764a146812491d25b8d130aa0716fab0c146

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 216810
last-modified: Fri, 01 Oct 2021 22:09:40 GMT
server: cloudflare
etag: "34eea-5cd51d1de2d08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgA9XgyS5RVnvR6wr%2BX0qa%2FVOSu8GVuIu69aSLE36vE%2FiNuENJT604XqVBnatFrSdPT04v5N%2BNWv3h0X8WNYrMHBO2UwsftSpuTuDvoNpicBGRRbyBgaqcpV0FiNu2wTtoQd8Rm41Zb4O%2B4k0dQqXu8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348abf7430f-FRA
expires: Fri, 18 Nov 2022 10:16:55 GMT

GET
H2 200 2020-MFH-Meditative-Moments__ScaleWidthWzE2MDBd.jpg
www.nortonsimon.org/assets/slideshow-images/3e2fb96685/ 127 KB
127 KB 29ms
29ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/slideshow-images/3e2fb96685/2020-MFH-Meditative-Moments__ScaleWidthWzE2MDBd.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ea0619e3ae75e03111ef752e1a8dad817a05ce317c42332f1814e7e4419262c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2955321
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 129818
last-modified: Fri, 03 Sep 2021 16:36:47 GMT
server: cloudflare
etag: "1fb1a-5cb19e7d1f980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4jycqgwqsCb%2B3d4RZQS4ArMd2R7SgRnWIvhcmRXbwbnicFX0hnltdEbE0O6nOUUPCHxHVxQYn6a%2BD0ZUN5KNC91EOlksMLk1nETE7QtexEVU08LaXRafYR%2FVQyKXc1CLcThNT6szPFLPMTr7KLVH2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348abf8430f-FRA
expires: Sat, 15 Oct 2022 05:21:33 GMT

GET
H2 200 Raphael-2020-600x600__ScaleWidthWzMwMF0.jpg
www.nortonsimon.org/assets/Podcast/Images/61e38af39e/ 18 KB
18 KB 23ms
23ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/Podcast/Images/61e38af39e/Raphael-2020-600x600__ScaleWidthWzMwMF0.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43734c72bde9df82ebfb76b99b937af9d576e45a839e635c96d25740a0fc8a0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4386944
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18106
last-modified: Tue, 08 Jun 2021 21:10:21 GMT
server: cloudflare
etag: "46ba-5c44795f2e940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1%2FKobeTSVXKeR8W6JNuzfvvb8NTlFrgaGKahzjGhACWRV3S%2FWXfvuWj9Ti3k%2FV6gxPpW043fwFf161FL3SG3LrhJ44Gi1QMHWkmIo6msN1ewgHuQ1VFi%2FgPguCw78Tc%2Bf1cJ8YQKP%2FUvVmH6l5vV3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348bbf9430f-FRA
expires: Wed, 28 Sep 2022 15:41:10 GMT

GET
H2 200 StSebastian-600x600__ScaleWidthWzMwMF0.jpg
www.nortonsimon.org/assets/GenericArticle/Images/476f93a3f2/ 14 KB
15 KB 24ms
24ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/GenericArticle/Images/476f93a3f2/StSebastian-600x600__ScaleWidthWzMwMF0.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9024e1bb6d4ffecbba973a6f146095267b84c51b280f2c9affc2a49f6a38be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1454166
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14824
last-modified: Tue, 08 Jun 2021 21:10:21 GMT
server: cloudflare
etag: "39e8-5c44795f2e940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOpCx4DwS08MeiOawgt6ezCCgqH29F%2FeY4HTvJgcz2S%2Bt4h%2FBNj78kb6NrcJbHc7hvdKRZQlxiDguELtSE7E0N8zoyPXslzJt8cuB0ecNWy3myYI2GbOzDHz98%2BZ88a4kVgqSe1vWJoX79nENQBGFPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348bbfa430f-FRA
expires: Tue, 01 Nov 2022 14:20:48 GMT

GET
H2 200 AMH_suncatcher_600x600_2__ScaleWidthWzMwMF0.jpg
www.nortonsimon.org/assets/Podcast/Images/ 23 KB
23 KB 22ms
21ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/Podcast/Images/AMH_suncatcher_600x600_2__ScaleWidthWzMwMF0.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 573a01f447f799f27a5a7966f9d194e8696c515776f35be53f02dfb304274caa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4386944
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23050
last-modified: Tue, 13 Jul 2021 17:28:09 GMT
server: cloudflare
etag: "5a0a-5c7048fc0d040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKedRe3NTtNqKMwBETR6SpH495b%2B1GwGwHUSPNlCKAq1Ka%2BpbxuAqSRoeqH9IyS%2F7xJcYZOWKVpNo1BMq%2F67sO97HaMeS0QSapWnDj7rN28I8SoQnZXmomFWaFAHu1TCt8jD%2FErSMZaOWdqUvd9vmFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348bbfe430f-FRA
expires: Wed, 28 Sep 2022 15:41:10 GMT

GET
H2 200 Learn-600x600__ScaleWidthWzMwMF0.jpg
www.nortonsimon.org/assets/GenericPages/Images/e31312cc76/ 32 KB
33 KB 874ms
873ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/GenericPages/Images/e31312cc76/Learn-600x600__ScaleWidthWzMwMF0.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e54f226bfc9a2a1fa45d5b1c14ab7d3dca2e61a02c0b6b02f23d11f5ba46ccab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32850
last-modified: Tue, 08 Jun 2021 21:10:22 GMT
server: cloudflare
etag: "8052-5c44796022b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z39ghvkxsmVTVvm%2B%2FIgj6NpG%2FUkFaEvpQCPmcfHsHFj3JFu2S8RuwuMMagoKGh9KekGJypatPWerCcrgf0F1i9UArfx5PLp4qUNdUShxHqeE97NDJMliLIqsU51OBLPI3IsKc4Qq2S3iXxOqILV2LnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348bbff430f-FRA
expires: Fri, 18 Nov 2022 10:16:55 GMT

GET
H2 200 Join-600x600__ScaleWidthWzMwMF0.jpg
www.nortonsimon.org/assets/GenericPages/Images/4a615c2f05/ 27 KB
27 KB 22ms
21ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/GenericPages/Images/4a615c2f05/Join-600x600__ScaleWidthWzMwMF0.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9400102723d1b23df8de757a09bfa3f9e705566dfa5ca08b8e9376ae7b7709cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1454166
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27435
last-modified: Tue, 08 Jun 2021 21:10:22 GMT
server: cloudflare
etag: "6b2b-5c44796022b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=le2LVlzr5i%2Ff3XMwSkiY5P8gzUUDdqcx5Oy10JTold7PUBGdB6mUj%2BqYIgXqv7C0a5iVRG3hZfSwRGtweL1Uhm0DmGtm%2FPZ2eBlQUp%2BaHrlW3bQOxxDANBojcVdNypsCdCq7LnwpRDphI2uX7nT60pc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348bc01430f-FRA
expires: Tue, 01 Nov 2022 14:20:48 GMT

GET
H2 200 Shop-600x600__ScaleWidthWzMwMF0.jpg
www.nortonsimon.org/assets/GenericPages/Images/edf7cd5bef/ 20 KB
20 KB 24ms
23ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/GenericPages/Images/edf7cd5bef/Shop-600x600__ScaleWidthWzMwMF0.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1264893c6f7b197da9f4be9abeeba9f2213abcc86deb0ef11c9716998c64b14d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1803635
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20524
last-modified: Tue, 08 Jun 2021 21:10:22 GMT
server: cloudflare
etag: "502c-5c44796022b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=No93pxrgov1fLYf6B6UBoVIfGawuhWEGCKNh6GzRhXXR1gOr7fP6aKghdFOvtgSj8AYaXEINa1hh8uouvOAnNqGyAn4DOP7K65Xw3N2aAZJy4Uccwz3p2QqB8yj87NRNuB7GOAIszO5blL0mw41yLs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348bc02430f-FRA
expires: Fri, 28 Oct 2022 13:16:19 GMT

GET
H2 200 MuseumMap-600x600__ScaleWidthWzMwMF0.jpg
www.nortonsimon.org/assets/GenericPages/Images/419b834689/ 21 KB
21 KB 29ms
28ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/GenericPages/Images/419b834689/MuseumMap-600x600__ScaleWidthWzMwMF0.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11db826d58beb556c38054c76f76e768e5c59af9c9d6b8fa805b9b0a1e45562

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1454166
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21053
last-modified: Tue, 08 Jun 2021 21:10:22 GMT
server: cloudflare
etag: "523d-5c44796022b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GteFyBAbBHe6TYsGvlnKqKwgUXYKzWa8HlpI5WsutNRIvpKahbeAwBIv8t7WBpjMiS%2B3Yekkxe1lJmzVVi5yHjX%2FMn%2BBbaGqVb4NkyugQteEUw4RGfLav4085LSxsTZPt%2FtrsU7rUAstygmyz7Dzjp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348bc03430f-FRA
expires: Tue, 01 Nov 2022 14:20:48 GMT

GET
H2 200 NS10__ScaleWidthWzMwMF0.24.16-8.jpg
www.nortonsimon.org/assets/GenericPages/Images/d22172ba14/ 29 KB
29 KB 27ms
27ms Image
image/jpeg 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/assets/GenericPages/Images/d22172ba14/NS10__ScaleWidthWzMwMF0.24.16-8.jpg
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942d66da8e97894634cc530a5e042def1d17722ed25704edbe5f52705a85540e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4386944
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29606
last-modified: Tue, 08 Jun 2021 21:10:22 GMT
server: cloudflare
etag: "73a6-5c44796022b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJvr1s8U7FQGmmSa7SVCJ8b74%2Fj8mzN9i%2BZ1R6YHLDdtNIjB8YV2g7TtncZaYdvU624fy3XC4Xk7nj%2Bij1H%2FnvvFSY7q6aucMZrfxr7Qc9nILFYb0S7%2F8TjEXenpvXzMNjxYENmx9qJHfaQPui9qIeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348bc04430f-FRA
expires: Wed, 28 Sep 2022 15:41:10 GMT

GET
H2 200 jquery.main.js Show response
www.nortonsimon.org/_resources/themes/nsm/javascript/ 407 KB
107 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/javascript/jquery.main.js
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7b1ebd5a24964563a535fa8c9d1194fd3f47f47a7a006f7c78e922dd0d6bf18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34621
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: W/"65c34-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEN7gzWbRvlZjZfvy%2FFGeOeE9kX7D7E7ZkLkl%2Fy%2BY09UmREQUkQVH1RmCK3rCdsubfBxzEygpDQSGX6znexA2LoPP3nmU8rt3OwyCDMfiy1sNnYoD%2BLR8MenwMquWB7GvnMrAJ6ywRqVU4xPQcPGLJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 6afe7348abed430f-FRA
expires: Thu, 18 Nov 2021 18:51:07 GMT

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ 13 KB
5 KB 55ms
39ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://www.nortonsimon.org/
Origin: https://www.nortonsimon.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6afe7348cf6d5ba4-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
45 KB 54ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WDFJ7M

Requested by

Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56aca3d9d5def9cf2992284a3d49990239645bcf35c0ad9baf7dcf9b67d80187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45536
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Nov 2021 04:28:08 GMT

GET
H2 200 email_20x20.png
www.nortonsimon.org/_resources/themes/nsm/images/ 986 B
1 KB 15ms
15ms Image
image/png 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/images/email_20x20.png
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c11f60a9cf95aa9dc05cc50b697d32fcd7a0d27399d9edb26cc7f48e4a72cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34621
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 986
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: "3da-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lz3eyv0LEaQhqmsa%2BoHnJGjg%2FBPgf7XOJY02rLj57Cb113UuGC5D%2BUJKeY9dZMEQic1U77ALKwZ%2BrrEJkwBcJ48JRfhbmVwXRPqWxepyFs2phrDTRYbC8Majv8YrwbxbK9qE3qp8DIv9EtWqpBNB%2BAk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 6afe7348fc6f430f-FRA
expires: Fri, 18 Nov 2022 00:39:53 GMT

GET
H2 200 BauerGroteskWeb-Medium.woff
www.nortonsimon.org/_resources/themes/nsm/fonts/ 114 KB
115 KB 749ms
748ms Font
application/font-woff 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/fonts/BauerGroteskWeb-Medium.woff
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3ab6669c86641abcfe8ced6f2ea3421b6b0d82d15d3eb4f0641c98e69e067f2

Request headers

Referer: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Origin: https://www.nortonsimon.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: W/"1c86c-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KV%2BGThDxYuH5vXFhkCfR6JaoB%2FEALVNpT%2BjmKwT1BJbqs9sRhsC%2FO3NFqXpOJ%2B2vRe5zMSMNyp9Zk4RrXQlZ66IUxMZ3pZ7nLpMp0G4DzGkuvmP60zq8WsZmMM5hWXl1F9rftERGsHy8F0wR8q32lFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6afe73490c79430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 icomoon.ttf
www.nortonsimon.org/_resources/themes/nsm/fonts/ 5 KB
3 KB 775ms
774ms Font
application/font-sfnt 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/fonts/icomoon.ttf?hmodso
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 333c1aaf9c13dd66e487d8c14e218adaf5a2f0b2fcc943b3c0991351b3cdc065

Request headers

Referer: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Origin: https://www.nortonsimon.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: W/"1210-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsjT6YlHL%2Fu9tEtjLxHpfIrg4hcoU9m0ITWqBZOpak3bvuSgLGJzhex5mve3D5wu9ENdgL2eJbPOU1I0ouUbiVff7SO%2FEZ7rsJYHsQ%2B84LIJWcRK3g1f3ignEn6uZbCj4GlJblOq1U5DKkM8zKS28Jk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6afe73490c7a430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 BauerGroteskWeb-Book.woff
www.nortonsimon.org/_resources/themes/nsm/fonts/ 111 KB
112 KB 705ms
705ms Font
application/font-woff 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/fonts/BauerGroteskWeb-Book.woff
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b47f3730c0779e73f96c43e484f0a2bb12d442fa82d2c4a98cef835339d28263

Request headers

Referer: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Origin: https://www.nortonsimon.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: W/"1bce4-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Aee%2FDN%2FFo%2BIaBwIKn6OmkGgDlU8mnvqF64w9VJULJul7p19mvjHRydDaZEIeqbCmXag8GaapVsbNI8SklQNwEl1%2B0aSLz3lXXOnoUpn6IIkYHEEfI5RO0kUszDctd89dnp04m%2Fvx39QEvtZbQ0zP1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6afe73490c7c430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 BauerGroteskWeb-Demibold.woff
www.nortonsimon.org/_resources/themes/nsm/fonts/ 114 KB
114 KB 719ms
719ms Font
application/font-woff 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/fonts/BauerGroteskWeb-Demibold.woff
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f65e53918883fe01d1b8ee6e0f5403212d1527b9195a69bca3cc0484afc7e55

Request headers

Referer: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Origin: https://www.nortonsimon.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: W/"1c80c-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMYlVRr5Xoc7RET9KhpDNzPeHR7EurO1Q5e7WPoNoZbsyuJa6QaqHxe799E4Qp4TP5bKreSX%2Bw8IFD%2Fz66LAK9JorvcjBx1rEanNRg9RpiIcLKTPuhchRnnv7arlM%2BxhcMk9rNAvNWkMmY6BrBBhB%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6afe73490c7d430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 LyonText-Semibold-Web.woff2
www.nortonsimon.org/_resources/themes/nsm/fonts/ 57 KB
57 KB 716ms
716ms Font
application/octet-stream 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/fonts/LyonText-Semibold-Web.woff2
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c93573ca090fb272b25f7c84ec6e77ce9e56c68fca5e6a614da3b32b97346b8

Request headers

Referer: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Origin: https://www.nortonsimon.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: "e24d-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgdUZxsQRUp0Sp0aDowzJIbvnzgBTB3nSitkNbpWMKeu5mJMMIaLljtJJOLBPtRlrP54bkKXg5I9OmZT%2FhgDKv6S0XU4nIdDMQ3TA9oalq5HGr0Z0yT3AimUsMv8496XaNNNqK1GOxuX6JdIFlSiyZ4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6afe73490c7e430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57933

GET
H2 200 BauerGroteskWeb-Bold.woff
www.nortonsimon.org/_resources/themes/nsm/fonts/ 109 KB
109 KB 751ms
750ms Font
application/font-woff 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/fonts/BauerGroteskWeb-Bold.woff
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb0ce790e689f5b7fac36d74defef29b7bf3e24eec2f0e76fc3c8dd474a5c5e0

Request headers

Referer: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Origin: https://www.nortonsimon.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: W/"1b32c-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFM26qjsFr9jKyKUwdkc%2FGRgqA8g2rBjDjoOKB%2B61HcWyC16uhM1fnK3A5qa1Wd9H4xG%2FapLffmYfPLAwfMdIPzK8qoBxly9r8%2FsBCZGR0%2F36JkXgAhKQiOThF2nnyxLNt%2FvdZnD4%2Ba5ZJb1XCLajTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6afe73490c7f430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 LyonText-Regular-Web.woff2
www.nortonsimon.org/_resources/themes/nsm/fonts/ 52 KB
53 KB 797ms
797ms Font
application/octet-stream 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/fonts/LyonText-Regular-Web.woff2
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1250a76c921131ebebc4e924ca91aa67bd96318c8c351dd738d74235be23e44d

Request headers

Referer: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Origin: https://www.nortonsimon.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: "d1e1-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhKT5%2B%2FCx1X5FcYES8VLQoHhjHcc%2BXi1CEdjl%2F8nMgx9DRBC6hnrNsInwbqdo5I%2FF1rq6GonBQPUarVyL%2ByqlSDpZJHRAXj6GvTSDXshVIP9zGq7hSuHOfZZmrl5jIGLT%2BXSri2P%2FNQkPxCCYaW1Mpo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6afe73490c80430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53729

GET
H2 200 BauerGroteskWeb.woff
www.nortonsimon.org/_resources/themes/nsm/fonts/ 113 KB
113 KB 706ms
705ms Font
application/font-woff 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/_resources/themes/nsm/fonts/BauerGroteskWeb.woff
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5415321525708cb521d79f111ca0517e4bcb4ee18f9e9698f5ab52a036a56728

Request headers

Referer: https://www.nortonsimon.org/_resources/themes/nsm/css/layout.css
Origin: https://www.nortonsimon.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Mar 2021 20:39:30 GMT
server: cloudflare
etag: W/"1c3f0-5be4e4bae6480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2h%2BCCCf%2BbwBAQwJGSsOMLtdG78iTgm7k1XtNra5D1QeLSEreqQGX63p6Cw2ekuWf6iuR8FEeCqf1cV4ScpiXSP2sktBQkpyzQ64PhPVT3BnrlfXd%2BVLigmjwuTqSnYqdiwe3pMchRIpW3L63SL4h3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6afe73490c96430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MQL31MRQMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDFJ7M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0b8dd030e83ca7982c86933d76bade43f6067ae23c0063597bf51c721d86679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61791
x-xss-protection: 0
expires: Thu, 18 Nov 2021 04:28:08 GMT

GET
H2

200

activityi;dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F Show response
9330945.fls.doubleclick.net/ Frame 4119
Redirect Chain

https://9330945.fls.doubleclick.net/activityi;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F?
https://9330945.fls.doubleclick.net/activityi;dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2F...

488 B
566 B

19ms
19ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9330945.fls.doubleclick.net/activityi;dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDFJ7M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

62d2c6965b140b969697b4c174a348705cbedb884adde77950432b5e28bf2249

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 18 Nov 2021 04:28:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 18 Nov 2021 04:28:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9330945.fls.doubleclick.net/activityi;dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDFJ7M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5221
date: Thu, 18 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 18 Nov 2021 05:01:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: dciUb9YOJKlcJ8DhKPffF6fzFzxSCPPJBJ56K5vWIzLtyndCkDjGCvhlmtoxjB7uXExj9kuHySpiMuuMh3mQvA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 18 Nov 2021 04:28:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 activityi;register_conversion=1;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F
9330945.fls.doubleclick.net/ 0
0 66ms
24ms Image
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9330945.fls.doubleclick.net/activityi;register_conversion=1;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F?
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 112ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=ozgv0vi&ct=0:la8opdc&fmt=3
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 04:28:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 204 result Show response
www.nortonsimon.org/cdn-cgi/bm/cv/ 0
499 B 39ms
9ms XHR
text/plain 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nortonsimon.org/cdn-cgi/bm/cv/result?req_id=6afe7334be4e430f
Requested by: Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nortonsimon.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLACcPX9ljXG8%2Bi2u4cCkfuJ2%2FosWOgpAhEseIi%2F7VD0x2gtw8E8sYh9hykNtv7douMx%2FAW5u0jQjuPbQs1I%2FfwC1zfXinCvKFw2CQTTv92YamzZt8VTm3%2F2ISpeKxVQmevFAE74NSJtPqHxZe5EHTE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6afe734a8ed7430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 204 collect
www.google-analytics.com/g/ 0
174 B 14ms
13ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MQL31MRQMK&gtm=2oeba1&_p=1333877978&sr=1600x1200&ul=en-us&cid=514413892.1637209689&_s=1&dl=https%3A%2F%2Fwww.nortonsimon.org%2F&dt=Home%20%C2%BB%20Norton%20Simon%20Museum&sid=1637209688&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MQL31MRQMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nortonsimon.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 04:28:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nortonsimon.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 312963669375093 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/312963669375093?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

114d23a0250418d371ff7db65216849c168c3b6b4ee073f79e01c86188401c35

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ANFi6qi7ZUQBeQgdycCyslvfo2ywaVwWW5YhS/hUHuFGn6ebhL3ti0vIZD6VsXlDYimPGphzbIlIJU7wQJ+Dgg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 18 Nov 2021 04:28:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1333877978&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nortonsimon.org%2F&ul=en-us&de=UTF-8&dt=Home%20%C2%BB%20Norton%20Simon%20Museum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1723721625&gjid=1673174920&cid=514413892.1637209689&tid=UA-1283769-1&_gid=1272241774.1637209689&_r=1&gtm=2wgba15WDFJ7M&tc=x&z=1312645966

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nortonsimon.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 04:28:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nortonsimon.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F Show response
adservice.google.com/ddm/fls/i/ Frame D84D 487 B
857 B 68ms
47ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F

Requested by

Host: 9330945.fls.doubleclick.net
URL: https://9330945.fls.doubleclick.net/activityi;dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d83a456678c0d4864064f01ca2968d595599f35e0d38302e486378d2cc59a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9330945.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 18 Nov 2021 04:28:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 46ms
15ms XHR
text/plain 2a00:1450:400c:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1283769-1&cid=514413892.1637209689&jid=1723721625&gjid=1673174920&_gid=1272241774.1637209689&_u=YADAAEAAAAAAAC~&z=766055761

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nortonsimon.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Nov 2021 04:28:08 GMT
content-type: text/plain
access-control-allow-origin: https://www.nortonsimon.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312963669375093&ev=PageView&dl=https%3A%2F%2Fwww.nortonsimon.org%2F&rl=&if=false&ts=1637209688853&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637209688851.458651158&it=1637209688737&coo=false&exp=p0&rqm=GET

Requested by

Host: www.nortonsimon.org
URL: https://www.nortonsimon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 18 Nov 2021 04:28:08 GMT

GET
H2 200 dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F Show response
adservice.google.de/ddm/fls/i/ Frame D20C 194 B
870 B 96ms
75ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPz5qK-JofQCFafUEQgdjjMCpw;src=9330945;type=retar0;cat=allpa0;ord=447160977896;gtm=2wgba1;auiddc=1529059021.1637209689;ps=1;~oref=https%3A%2F%2Fwww.nortonsimon.org%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 18 Nov 2021 04:28:08 GMT
expires: Thu, 18 Nov 2021 04:28:08 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H2 200 rum Show response
www.nortonsimon.org/cdn-cgi/ 0
237 B 10ms
10ms XHR
text/plain 2606:4700:20::ac43:4680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nortonsimon.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4680 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.nortonsimon.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Nov 2021 04:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.nortonsimon.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6afe73503887430f-FRA
vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312963669375093&ev=Microdata&dl=https%3A%2F%2Fwww.nortonsimon.org%2F&rl=&if=false&ts=1637209690357&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20%C2%BB%20Norton%20Simon%20Museum%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637209688851.458651158&it=1637209688737&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nortonsimon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:28:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 18 Nov 2021 04:28:10 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nortonsimon.org/	1970-01-20 00:56:25	Name: _gcl_au Value: 1.1.1529059021.1637209689
.doubleclick.net/	1970-01-19 22:46:50	Name: test_cookie Value: CheckForPermission
.nortonsimon.org/	1970-01-20 16:18:01	Name: _ga_MQL31MRQMK Value: GS1.1.1637209688.1.0.1637209688.0
.nortonsimon.org/	1970-01-19 22:46:51	Name: __cf_bm Value: fvtNgIbFnZkIdH7.uMgPUSr5GRZ4yIfsYq8oNpuxmo4-1637209688-0-ATiAZw0ydsNk/3He8scpxjA9kJsNNQlPRB5U7xmM68ravoyRw4RM1wx9nJLjtlYdlnim/sd+wTDrk69gja9GKKlb41yan93PVIQhpimGmtsWmeyclwpc5C+C10bmldwbMQ==
.nortonsimon.org/	1970-01-20 16:18:01	Name: _ga Value: GA1.2.514413892.1637209689
.nortonsimon.org/	1970-01-19 22:48:16	Name: _gid Value: GA1.2.1272241774.1637209689
.nortonsimon.org/	1970-01-19 22:46:49	Name: _gat_UA-1283769-1 Value: 1
.nortonsimon.org/	1970-01-20 00:56:25	Name: _fbp Value: fb.1.1637209688851.458651158

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9330945.fls.doubleclick.net
adservice.google.com
adservice.google.de
connect.facebook.net
insight.adsrvr.org
nortonsimon.org
static.cloudflareinsights.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nortonsimon.org
142.250.74.198
2606:4700:20::681a:520
2606:4700:20::ac43:4680
2606:4700::6810:5e41
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c01::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.33.220.150
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114d23a0250418d371ff7db65216849c168c3b6b4ee073f79e01c86188401c35
1250a76c921131ebebc4e924ca91aa67bd96318c8c351dd738d74235be23e44d
1264893c6f7b197da9f4be9abeeba9f2213abcc86deb0ef11c9716998c64b14d
1b8ce6e3591d2419b3ab0c445ec0764a146812491d25b8d130aa0716fab0c146
216ac045b0b10d9689bc43613cc796c43f2a00bd43ef673a485b5bd426fe86a3
2c93573ca090fb272b25f7c84ec6e77ce9e56c68fca5e6a614da3b32b97346b8
3078567e6df4c9a7317d8789c3da5c276b3602b6f548758709ab62b8307e129a
333c1aaf9c13dd66e487d8c14e218adaf5a2f0b2fcc943b3c0991351b3cdc065
3f2f5e4058a1adf75b3790d8e4e99a599bb5a3ffc739f7c390646ec1efcac319
43734c72bde9df82ebfb76b99b937af9d576e45a839e635c96d25740a0fc8a0d
5415321525708cb521d79f111ca0517e4bcb4ee18f9e9698f5ab52a036a56728
55c11f60a9cf95aa9dc05cc50b697d32fcd7a0d27399d9edb26cc7f48e4a72cd
56aca3d9d5def9cf2992284a3d49990239645bcf35c0ad9baf7dcf9b67d80187
573a01f447f799f27a5a7966f9d194e8696c515776f35be53f02dfb304274caa
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6
5ea0619e3ae75e03111ef752e1a8dad817a05ce317c42332f1814e7e4419262c
62d2c6965b140b969697b4c174a348705cbedb884adde77950432b5e28bf2249
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
85d3f0184561843009ffb8ef8a5b31a2d24c7a6f9404be7dacd6d34649ea036e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d83a456678c0d4864064f01ca2968d595599f35e0d38302e486378d2cc59a67
9400102723d1b23df8de757a09bfa3f9e705566dfa5ca08b8e9376ae7b7709cd
942d66da8e97894634cc530a5e042def1d17722ed25704edbe5f52705a85540e
9f65e53918883fe01d1b8ee6e0f5403212d1527b9195a69bca3cc0484afc7e55
a0b8dd030e83ca7982c86933d76bade43f6067ae23c0063597bf51c721d86679
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ad9024e1bb6d4ffecbba973a6f146095267b84c51b280f2c9affc2a49f6a38be
ae46e15072d61a8684b571cc1d6d43d45ad0100b767d63ddfabfbe9c706fe3e8
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3ab6669c86641abcfe8ced6f2ea3421b6b0d82d15d3eb4f0641c98e69e067f2
b47f3730c0779e73f96c43e484f0a2bb12d442fa82d2c4a98cef835339d28263
c11db826d58beb556c38054c76f76e768e5c59af9c9d6b8fa805b9b0a1e45562
c7b1ebd5a24964563a535fa8c9d1194fd3f47f47a7a006f7c78e922dd0d6bf18
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54f226bfc9a2a1fa45d5b1c14ab7d3dca2e61a02c0b6b02f23d11f5ba46ccab
eb0ce790e689f5b7fac36d74defef29b7bf3e24eec2f0e76fc3c8dd474a5c5e0
fb891a8a222be7a3f00849b0b7e9b5868a007e8c3036ec992a3d2567288e2af9

www.nortonsimon.org Open in urlscan Pro 2606:4700:20::ac43:4680 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

45 Requests

100 %HTTPS

83 %IPv6

10 Domains

12 Subdomains

11 IPs

3 Countries

2481 kBTransfer

3601 kBSize

8 Cookies

6 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nortonsimon.org Open in urlscan Pro
2606:4700:20::ac43:4680 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

2481 kB
Transfer

3601 kB
Size

8
Cookies

45 HTTP transactions
0 data transactions