developers.nationwidevisas.com Open in urlscan Pro
13.126.160.219  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response developers.nationwidevisas.com/	15 KB 4 KB	867ms 479ms	Document text/html	13.126.160.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://developers.nationwidevisas.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 13.126.160.219 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-126-160-219.ap-south-1.compute.amazonaws.com Software nginx / Resource Hash a26fff1a903ef896859f0a5deb77608c6cbc9bb978642dada79874222d820e82 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 05 Mar 2023 04:40:51 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding,User-Agent
GET H2	200	css fonts.googleapis.com/	5 KB 987 B	46ms 18ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,700,200 Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 33515c6a54a8690c26353215ee0e4958c58522abd7715e2734718a1393b63c84 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 05 Mar 2023 04:40:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 05 Mar 2023 04:40:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Mar 2023 04:40:52 GMT
GET H2	200	all.css use.fontawesome.com/releases/v5.0.6/css/	34 KB 8 KB	33ms 14ms	Stylesheet text/css	2606:4700:e2::ac40:850f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.6/css/all.css Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 6GF6GFAX51KSW5H3 age 661647 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 +yV8O6VJI3aQ821+PjTZTnAmUb6TtSs678v23fmvVtm0VpfFetG/PkRgIksoSmNGXDfHHsItUnY= last-modified Wed, 30 Jun 2021 15:27:49 GMT server cloudflare etag W/"42eaa52604673b64d6b356c2fd7f87e3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Op93JB6cWr6zImBJ401NLBiatNQXGRBHNr95nGbL080LGC1u7YdCxoKbx99%2BMWbB2s5AcdClmV0axUuWGPwtjf9smQOai9m0Gx0G1cMqu47tTegybhOanAkKw8LcJEMb70iKU2Hl9zkxe1%2Br0SrHGR4t"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 7a2faeedba7c5b8c-FRA
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/	158 KB 24 KB	38ms 7ms	Stylesheet text/css	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 05 Mar 2023 04:40:52 GMT x-content-type-options nosniff content-encoding gzip age 937212 x-jsd-version 4.6.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 24176 x-served-by cache-fra-eddf8230063-FRA, cache-hhn-etou8220065-HHN x-jsd-version-type version etag W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	jquery.slim.min.js Show response cdn.jsdelivr.net/npm/jquery@3.6.1/dist/	71 KB 24 KB	47ms 16ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c3c0af845b3b88735552d9d23f460a120d34a7d221d77ae52fdcc6aaf2dd78f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 05 Mar 2023 04:40:52 GMT x-content-type-options nosniff content-encoding gzip age 937209 x-jsd-version 3.6.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 24725 x-served-by cache-fra-eddf8230087-FRA, cache-hhn-etou8220065-HHN x-jsd-version-type version etag W/"11b57-UFBN2V43SI65hxvuZhxYj4TgTJw" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/	21 KB 7 KB	40ms 9ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 05 Mar 2023 04:40:52 GMT x-content-type-options nosniff content-encoding gzip age 3417529 x-jsd-version 1.16.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 7503 x-served-by cache-fra-eddf8230124-FRA, cache-hhn-etou8220065-HHN x-jsd-version-type version etag W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/	81 KB 22 KB	40ms 9ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 05 Mar 2023 04:40:52 GMT x-content-type-options nosniff content-encoding gzip age 937214 x-jsd-version 4.6.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 22129 x-served-by cache-fra-eddf8230069-FRA, cache-hhn-etou8220065-HHN x-jsd-version-type version etag W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	style.custom.css developers.nationwidevisas.com/css/	19 KB 4 KB	194ms 194ms	Stylesheet text/css	13.126.160.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://developers.nationwidevisas.com/css/style.custom.css Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 13.126.160.219 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-126-160-219.ap-south-1.compute.amazonaws.com Software nginx / Resource Hash d2f3b1f0a019c4198896447a6cddd0c1982247d5c24ff232f6a3ae8c53d1e47d Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Sun, 05 Mar 2023 04:40:52 GMT Content-Encoding gzip Last-Modified Thu, 05 Jan 2023 17:03:12 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding,User-Agent Content-Type text/css Connection keep-alive
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	76 KB 27 KB	56ms 33ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d36c602b014703bd043f8b502094e23cb1e64cb453973f1e09ad7cb7d847d3e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26763 x-xss-protection 0 server sffe etag "1501 / 605 of 1000 / last-modified: 1677884962" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 05 Mar 2023 04:40:52 GMT
GET H/1.1	200 OK	developers-logo.png developers.nationwidevisas.com/images/	44 KB 45 KB	464ms 385ms	Image image/png	13.126.160.219 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://developers.nationwidevisas.com/images/developers-logo.png Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 13.126.160.219 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-126-160-219.ap-south-1.compute.amazonaws.com Software nginx / Resource Hash 9f4db97a789c9ab8bc57cd44772d1a4ad733c6d22037bbd0ed749bc12ec43dd8 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Sun, 05 Mar 2023 04:40:52 GMT Last-Modified Thu, 29 Dec 2022 14:49:12 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 45563 Content-Type image/png
GET H2	200	pubads_impl_2023030101.js Show response securepubads.g.doubleclick.net/gpt/	384 KB 130 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de869187a4d605b599f75528a5d05a278c5e86faf8ba4c2ec7b20d1424716f4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 04 Mar 2023 12:21:32 GMT content-encoding gzip x-content-type-options nosniff age 58760 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132573 x-xss-protection 0 last-modified Wed, 01 Mar 2023 09:35:23 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 03 Mar 2024 12:21:32 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	63 B 75 B	34ms 18ms	XHR application/json	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=developers.nationwidevisas.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6a3c817dfdfe131fdf81340ff847e1e4705a4cb29b4c95deb82b4e8e1f2115ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51 x-xss-protection 0 expires Sun, 05 Mar 2023 04:40:52 GMT
GET H2	200	nucleo-outline.woff2 raw.githack.com/creativetimofficial/now-ui-kit/master/assets/fonts/	15 KB 16 KB	153ms 91ms	Font application/font-woff2	2606:4700:3038::6815:eae7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://raw.githack.com/creativetimofficial/now-ui-kit/master/assets/fonts/nucleo-outline.woff2 Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/css/style.custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eae7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0736a7e34bc735fe9efa58311118fe0e4c15ed00dec0d1b81813bb8b52286cb8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://developers.nationwidevisas.com/ Origin https://developers.nationwidevisas.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-fastly-request-id f01d48a60043bd2785b4f0ae12f20e38ecf4e6ac date Sun, 05 Mar 2023 04:40:52 GMT via 1.1 varnish x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache-hits 0 x-cache MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15364 x-served-by cache-hel1410027-HEL server cloudflare x-github-request-id D7DF:5C6D:BFC2D0:D2EE26:63EA0094 x-timer S1676279956.179948,VS0,VE179 etag W/"f56732b1ebb75da3abe400d7e631a8954422d487e9eadb88fe22ef364ef6ca55" source-age 0 vary Authorization,Accept-Encoding,Origin x-githack-cache-status HIT content-type application/font-woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kznD8k7tWyEAK5o78rY74t2xVTKLPrzE0LIWwrHasnygR9yFaD7d30LNpvrQRu9i76hWb8jNGBJiSF1qiLZFmCoGJgIlXs%2FjvZoitrPwKtjtZaDwdmD3ehL2zuwsIb%2Ft4uAJLW5ZQF%2F5OmO%2BmM%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=300, max-age=300, public accept-ranges bytes x-robots-tag none cf-ray 7a2faeef48a5776e-LHR expires Sun, 05 Mar 2023 04:45:52 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	150ms 43ms	Script application/javascript	2a00:1450:400d:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=developers.nationwidevisas.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	61ms 18ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=developers.nationwidevisas.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	47 KB 17 KB	66ms 65ms	XHR text/plain	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1359876988568782&correlator=542938594112504&eid=31072700%2C31072702%2C31072790%2C44785064%2C44752585&output=ldjh&gdfp_req=1&vrg=2023030101&ptt=17&impl=fif&iu_parts=6355419%2CTravel%2CEurope%2CFrance%2CParis&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&ifi=1&adks=3785236001&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1677991252373&lmt=1677991252&dlt=1677991252087&idt=253&adxs=245&adys=1246&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdevelopers.nationwidevisas.com%2F&frm=20&vis=1&psz=1110x0&msz=1110x0&fws=4&ohw=1600&ga_vid=156641212.1677991252&ga_sid=1677991252&ga_hid=1581755990&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash eaab193a5574cbdc3f4f1cafa10cbfa46daa2a317dd07e95df6313e0160f5f27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17727 x-xss-protection 0 google-lineitem-id 14716739 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 21835919699 content-type text/plain; charset=UTF-8 access-control-allow-origin https://developers.nationwidevisas.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response c55a6265f038aa9c76f269c3976c6c62.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 104E	6 KB 3 KB	89ms 15ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c55a6265f038aa9c76f269c3976c6c62.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://developers.nationwidevisas.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 05 Mar 2023 04:40:52 GMT expires Mon, 04 Mar 2024 04:40:52 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame E9A1	0 0	46ms 45ms	Fetch image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQA7O3im0H37evWzgpopMxKfdHMnnRVEvlXCJ88VbRKCuEQjrqjS4Qv1Jl_iS1yWLHAbhEMCsiWMp59QmwyygDjYPSx7rH8q8qcXrA6k3kVE81vWzl1Mj1KYSZLj1yz56C-9s0WevhJnK3kRTqikuC4mzIGGUa1A-fYLsJ1lp-O02UtqKq1hWoQDqijqpxSuKiQixbWj2upr8wJUBjKOdL4qMuHpkGSRb7ZYN06XP4N2RI1nq3yXcuZEMr9FqKq9PRSKRBiTGVbxUqHoOnhB_ZDpVA9e_VfvlOh9_XRfB0BTttiyFVVYe6fofeuQsnBEZndjRX3t6VR3tkXnjvmqqgWSsefQih_9IJCA&sai=AMfl-YRxbpbgllN1QkfoFSx_hvpbT42oxehUBipj8I5SS3bwJMjvowxgL2Bbjkui0HuTjsKZV3gnlkiT8ATxSRQa_7K16621QhZYkWkHdTDEU3-h8BhSzYCqMAXnvPWP32aWwE3O2zwwBg_SLXKHKPU&sig=Cg0ArKJSzOKzASmTyLzqEAE&uach_m=[UACH]&adurl= Requested by Host: developers.nationwidevisas.com URL: https://developers.nationwidevisas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 05 Mar 2023 04:40:52 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame E9A1	22 KB 9 KB	61ms 8ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 04 Mar 2023 08:38:33 GMT content-encoding br x-content-type-options nosniff age 72139 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9103 x-xss-protection 0 server cafe etag 315661852888499207 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Mar 2023 08:38:33 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E9A1	3 KB 1 KB	62ms 9ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 04 Mar 2023 11:44:55 GMT content-encoding br x-content-type-options nosniff age 60957 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Mar 2023 11:44:55 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E9A1	158 KB 49 KB	45ms 22ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49545 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1677673803517815" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 05 Mar 2023 04:40:52 GMT
GET H2	200	15085728490906883539 tpc.googlesyndication.com/simgad/ Frame E9A1	25 KB 25 KB	62ms 9ms	Image image/jpeg	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15085728490906883539 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7fc752aa99658032743d50fbb7827abf58e6f3bbd60dc0e44adbc045dd8bf4d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 07:47:46 GMT x-content-type-options nosniff age 161586 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25727 x-xss-protection 0 last-modified Thu, 07 Mar 2013 16:06:03 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 02 Mar 2024 07:47:46 GMT
GET DATA	200 OK	truncated / Frame E9A1	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fec21e438944ba2b994fb586932354c40f9770a7c2f75bbeefc518f67df841e5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame E9A1	0 0	46ms 46ms	Fetch image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3TRqkgRoRxko7m7TPKSyHViaNYSBHJh5xq9K5qQEx5lhczmJGB0Ba-Fq-sq6rdXX2K4_JRNgJ5lU126jFC9F9HQ3N3YP-P74o5IBUFEyUdpR4cuQUVGwhU4OE4G5EmCcUwo2LLV209vmVYjGzqHnIzNTSmuVWrU45lM44Amk6Ya_lQFDWyDRQb5MJxkxhiDraVxXsZ2XKVgvUTLuoRQkFSUUYvbQUKwgv4BOfUdGEA1EEkINcV9zI-3zACO8h2_cw6iiX3UsNTJp5FyCRSowzqMebpwbMOl4LbM-xF3TQ7bdXscbLFbyHjpAp_j2phGUjS01ZzkjEC-r5vbNC0zG7KMdAN_aBLnuR4ePn&sai=AMfl-YTMliAiTaRRTTVcENry9Ud8A-SMD4avNOJ8EEzN_CNKmJ4BGTWkxQlelyOr4IoDwq9Iq_Op42XOueaqvTTfp_Zg0p7dDw6xKetxv3m3jdBM2dDSvtvaBl_WHf_OCxXoOZ82YRz_1BaT5FRu724&sig=Cg0ArKJSzOzphhz6EtRQEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 05 Mar 2023 04:40:52 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	74ms 22ms	XHR application/json	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad2397a7abaaedd27250b6c71ef0f7dd7c8f06ea4037ac82ccaf971cc1bb7072 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11179 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 05 Mar 2023 04:40:52 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame C186	13 KB 5 KB	8ms 8ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://developers.nationwidevisas.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 40982 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 04 Mar 2023 17:17:50 GMT expires Sun, 03 Mar 2024 17:17:50 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 87C9	783 B 1 KB	48ms 18ms	Document text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2d89e82526360e21d6e54de71ea974f1b2de813e629fdd2d2339de5489c0822b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-oCCQnAci2UqJ2I_6SJPHCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://developers.nationwidevisas.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-oCCQnAci2UqJ2I_6SJPHCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 05 Mar 2023 04:40:53 GMT expires Sun, 05 Mar 2023 04:40:53 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response pagead2.googlesyndication.com/bg/ Frame C186	36 KB 14 KB	27ms 8ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 11:14:42 GMT content-encoding br x-content-type-options nosniff age 149171 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14266 x-xss-protection 0 last-modified Tue, 28 Feb 2023 11:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 02 Mar 2024 11:14:42 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 87C9	0 0	42ms 42ms	Image text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030101&jk=1359876988568782&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame C186	0 10 B	8ms 7ms	Image text/plain	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?irpEqg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 05 Mar 2023 04:40:53 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	46ms 45ms	Image text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030101&jk=1359876988568782&bg=!fX6lfirNAAbv3-2Ez987ADkAdvg8WgmSKaSJKqskpo19qJn-W40ozYA91UcpDn_H1f9kRrGjBLlq40WqrpwS2X_KvPi86eRzVy8CAAAATFIAAAADaAEHmQK2ReLjCmqyQxZaiWTnha_BSjsTYsevTvcYR1pfhBc2RB-pJjjhnxSzhtxcL9VZD38doTftJpfsLMvoD7LYlHZzTrv3NyhgXreJHzAirluPY9MUkTGvziWCEMCkSgt8w5RtqLMaJjIjT0mKNKNg8don0PJaM28xbgyUrHwHGkyWJoI4LX7bTVKhrGvI-FozThVmtNfe-esJfxNEM3jJJXdKOQEEmAhkusDrExKXf9s4XRUEt4bePZ1uEdDy0yapLBLpsPMmWB0Ck7HARzhNuAzmg82WbTE4p3U59MVHbpyWT-aFe8NHbZboY0ODdYF2t3ZiHqKMBxT5RvZQlVnNxTLiTRn0Xdoj9PrXCkpIgRpAYOW1fpE3hEOtq8fSutVeLixYH5kWY2Sf8bwtFLPXN3l21NeuvjinZgs_IPolel063hZDsNn56x-6mMdjNqCCWmui4oEarjIGZB2y94ogeKaOrV1-2YLdMCxASw8RejC4Bh1f9lbm_9T_RDXO61rpj8TO_xcNn1Llw1217O5LbqaiXTd63bvNyMT7h9Gx4rVnUd09g0ZVoaRqmOSKSHSLTBqqSxncx5DfiwVwao1F44u9ZVYhSEKn9tMW5H9ziRAyiu-hj9iQ0Cvzp-FbnB9KVGdRkCBAGMDW3prWLpwhdrVQZy9ZwdSzpa3AKUinxVc2rXFi7FeJTaifGllhIDseSq3xyreyHrL2tYEazlawHuE57wB_TdxnePK-YxIG6hVKy-eQyEmSHWhBseofJJ7rTiDqaGMzrV9KDRHXgmx68pFb_ZhXFz5HoROtGdORet1f6YtCZWKvVuy19659YOAhnfSySkZIbZZOkPjqNrlPlnLrNVIUQKfdzCiYgedZGrUDaASxC-wh31x2ZP0p-6VuR_9OBlVqwPYNgbtJboqTcYvHFQ40P82T6w Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://developers.nationwidevisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless function| $ function| jQuery function| Popper object| bootstrap object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nationwidevisas.com/	1970-01-20 19:28:07	Name: __gads Value: ID=4adaf5807ed90937:T=1677991252:S=ALNI_MZQC947bpRCwQq4DjOSmeYy8uujAQ
			.nationwidevisas.com/	1970-01-20 19:28:07	Name: __gpi Value: UID=00000bbf30581853:T=1677991252:RT=1677991252:S=ALNI_Ma8KC9m1fX2jsJoZc9IdD3vvBPZnA
			.doubleclick.net/	1970-01-20 19:28:07	Name: IDE Value: AHWqTUl7y7U-c6hHyA-oKjvRwwdg43gAMw_KmMfBhg4SE6So9uACQzSxeD3st7VrG5g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c55a6265f038aa9c76f269c3976c6c62.safeframe.googlesyndication.com
cdn.jsdelivr.net
developers.nationwidevisas.com
fonts.googleapis.com
pagead2.googlesyndication.com
raw.githack.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
www.googletagservices.com
13.126.160.219
2606:4700:3038::6815:eae7
2606:4700:e2::ac40:850f
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:400d:808::2002
2a04:4e42::485
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
0736a7e34bc735fe9efa58311118fe0e4c15ed00dec0d1b81813bb8b52286cb8
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
2d89e82526360e21d6e54de71ea974f1b2de813e629fdd2d2339de5489c0822b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33515c6a54a8690c26353215ee0e4958c58522abd7715e2734718a1393b63c84
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a3c817dfdfe131fdf81340ff847e1e4705a4cb29b4c95deb82b4e8e1f2115ca
7fc752aa99658032743d50fbb7827abf58e6f3bbd60dc0e44adbc045dd8bf4d0
9f4db97a789c9ab8bc57cd44772d1a4ad733c6d22037bbd0ed749bc12ec43dd8
a26fff1a903ef896859f0a5deb77608c6cbc9bb978642dada79874222d820e82
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad2397a7abaaedd27250b6c71ef0f7dd7c8f06ea4037ac82ccaf971cc1bb7072
c3c0af845b3b88735552d9d23f460a120d34a7d221d77ae52fdcc6aaf2dd78f0
d2f3b1f0a019c4198896447a6cddd0c1982247d5c24ff232f6a3ae8c53d1e47d
d36c602b014703bd043f8b502094e23cb1e64cb453973f1e09ad7cb7d847d3e7
de869187a4d605b599f75528a5d05a278c5e86faf8ba4c2ec7b20d1424716f4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
eaab193a5574cbdc3f4f1cafa10cbfa46daa2a317dd07e95df6313e0160f5f27
ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
fec21e438944ba2b994fb586932354c40f9770a7c2f75bbeefc518f67df841e5