urlscan.io logo urlscan.io
SecurityTrails logo

client-tool.definedprotection.com Open in urlscan Pro
40.112.187.241  Public Scan

Go To Rescan Add Verdict Report
URL: https://client-tool.definedprotection.com/
Submission: On July 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 60 HTTP transactions. The main IP is 40.112.187.241, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is client-tool.definedprotection.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on July 6th 2024. Valid for: 6 months.
This is the only time client-tool.definedprotection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 40.112.187.241 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.213.161.219 20940 (AKAMAI-ASN1)
8 99.86.90.76 16509 (AMAZON-02)
2 54.155.49.201 16509 (AMAZON-02)
3 2600:9000:218... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.181.230 15169 (GOOGLE)
1 142.250.186.166 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 44.234.198.184 16509 (AMAZON-02)
2 35.201.112.186 396982 (GOOGLE-CL...)
2 35.186.194.58 15169 (GOOGLE)
2 40.112.184.16 8075 (MICROSOFT...)
13 20.60.233.66 8075 (MICROSOFT...)
60 21
6    40.112.187.241 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
client-tool.definedprotection.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    23.213.161.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-219.deploy.static.akamaitechnologies.com
tags.nationwide.com
8    99.86.90.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-90-76.cdg50.r.cloudfront.net
cdn.segment.com
2    54.155.49.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-49-201.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2600:9000:218c:c200:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)
nexus.ensighten.com
4    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
4246221.fls.doubleclick.net
1    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
4    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    44.234.198.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-234-198-184.us-west-2.compute.amazonaws.com
api.segment.io
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
2    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
2    40.112.184.16 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dpatool-api.definedprotection.com
13    20.60.233.66 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nationwide1.blob.core.windows.net
Apex Domain
Subdomains		 Transfer
13 windows.net
nationwide1.blob.core.windows.net
935 KB
8 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2151
97 KB
8 definedprotection.com
client-tool.definedprotection.com
dpatool-api.definedprotection.com
2 MB
4 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2980
rs.fullstory.com — Cisco Umbrella Rank: 2767
78 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 82
22 KB
4 doubleclick.net
4246221.fls.doubleclick.net — Cisco Umbrella Rank: 445226
ad.doubleclick.net — Cisco Umbrella Rank: 194
stats.g.doubleclick.net — Cisco Umbrella Rank: 158
1019 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
314 KB
3 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 4923
68 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 216
86 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 279
1 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1410
186 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7165
63 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2408
1 nationwide.com
tags.nationwide.com — Cisco Umbrella Rank: 137466
celebrus-test.nationwide.com Failed
87 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
4 KB
0 polyfill.io Failed
cdn.polyfill.io Failed
60 17
Domain Requested by
13 nationwide1.blob.core.windows.net client-tool.definedprotection.com
8 cdn.segment.com client-tool.definedprotection.com
cdn.segment.com
6 client-tool.definedprotection.com client-tool.definedprotection.com
4 www.google-analytics.com tags.nationwide.com
www.google-analytics.com
www.googletagmanager.com
4 www.googletagmanager.com tags.nationwide.com
www.googletagmanager.com
client-tool.definedprotection.com
3 nexus.ensighten.com tags.nationwide.com
2 dpatool-api.definedprotection.com client-tool.definedprotection.com
2 rs.fullstory.com edge.fullstory.com
2 edge.fullstory.com cdn.segment.com
edge.fullstory.com
2 www.facebook.com client-tool.definedprotection.com
2 connect.facebook.net nexus.ensighten.com
connect.facebook.net
2 4246221.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 dpm.demdex.net tags.nationwide.com
1 api.segment.io cdn.segment.com
1 www.google.de client-tool.definedprotection.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 ad.doubleclick.net client-tool.definedprotection.com
1 tags.nationwide.com client-tool.definedprotection.com
1 cdnjs.cloudflare.com client-tool.definedprotection.com
0 celebrus-test.nationwide.com Failed nexus.ensighten.com
0 cdn.polyfill.io Failed client-tool.definedprotection.com
60 22

This site contains no links.

Subject Issuer Validity Valid
client-tool.definedprotection.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-07-06 -
2025-01-06		 6 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
tags.nationwide.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-04 -
2025-05-11		 a year crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
nexus.ensighten.com
Amazon RSA 2048 M02		 2023-09-29 -
2024-10-27		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.de
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
edge.fullstory.com
WR3		 2024-06-28 -
2024-09-27		 3 months crt.sh
rs.fullstory.com
WR3		 2024-06-29 -
2024-09-27		 3 months crt.sh
dpatool-api.definedprotection.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-07-06 -
2025-01-06		 6 months crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 04		 2024-03-25 -
2025-03-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://client-tool.definedprotection.com/
Frame ID: 5157B0C3AA3CB04A583064D92B3D2EE8
Requests: 59 HTTP requests in this frame

Frame: https://4246221.fls.doubleclick.net/activityi;dc_pre=CPKZqofDk4cDFdhaHgIdsggkVg;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-tool.definedprotection.com%2F;ps=1;pcor=1233520897;pscdl=noapi;frm=0;gtm=45fe4730v9135074151za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclient-tool.definedprotection.com%2F
Frame ID: 039AB324E48A24861D855FCE66A11027
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nationwide DPA 2.0 Client Tool

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

60
Requests

97 %
HTTPS

45 %
IPv6

17
Domains

22
Subdomains

21
IPs

4
Countries

4151 kB
Transfer

6227 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://4246221.fls.doubleclick.net/activityi;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-tool.definedprotection.com%2F;ps=1;pcor=1233520897;pscdl=noapi;frm=0;gtm=45fe4730v9135074151za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclient-tool.definedprotection.com%2F HTTP 302
  • https://4246221.fls.doubleclick.net/activityi;dc_pre=CPKZqofDk4cDFdhaHgIdsggkVg;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-tool.definedprotection.com%2F;ps=1;pcor=1233520897;pscdl=noapi;frm=0;gtm=45fe4730v9135074151za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclient-tool.definedprotection.com%2F

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
client-tool.definedprotection.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://client-tool.definedprotection.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.112.187.241 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d6dca480f8f5d2592557af1a1909b621828ba2fd06f626e98c8887f885c80467
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache, no-store
Content-Length
3763
Content-Type
text/html
Date
Sat, 06 Jul 2024 23:03:39 GMT
ETag
"1dab86c4685b1b3"
Expires
-1
Last-Modified
Thu, 06 Jun 2024 23:50:14 GMT
Server
Kestrel
Strict-Transport-Security
max-age=2592000
fonts.css
client-tool.definedprotection.com/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client-tool.definedprotection.com/fonts.css
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.112.187.241 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
328784ddbeb8a3b9a65b422ee43be1d3f288e65f52c3f395cf8426c0a523e698
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 23:03:39 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 06 Jun 2024 23:50:14 GMT
Server
Kestrel
ETag
"1dab86c4685b34d"
Content-Type
text/css
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
3149
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:03:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
267288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5LRxNNg5JmEpY5u9OUiRBa%2BEFclAR97WlP8PXKF77f9k%2Bt29A7TL7%2BlVqf2qbo1BsIn29lfo5Ggxl2w3X0yGDS%2B5YOef4%2BbSV1u6WT%2FGjro1sThoIKdg82n62e6CnQMDlOz9eRqFuv%2BkksMdAxycXksf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89f33abc6e559b77-FRA
expires
Thu, 26 Jun 2025 23:03:40 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		0
0
Bootstrap.js
tags.nationwide.com/test/ 		283 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.nationwide.com/test/Bootstrap.js
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
5a1ab6ff0827cb6f1424352224d30ac3e6e1a9ce003b110b0f44efbdcec333eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yDU9evQIPg.INaQdJXEqxq6yoGYhDU90
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 23:03:40 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-amz-cf-pop
IAD12-P2, ATL56-P1
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=MISS, edge; dur=366, origin; dur=10, ak_p; desc="1720307020269_399876315_610749414_37553_8133_5_155_219";dur=1
content-length
88614
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Wed, 03 Jul 2024 15:13:05 GMT
server
CloudFront
etag
W/"1f943f9318ec1cfb4c33d04426d16503"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store
x-amz-cf-id
O9heGpI4RBalvJLQLmfieWd-rnimjIVAMOq9jpEvS7LVKta5C2KN3Q==
expires
Sat, 06 Jul 2024 23:03:40 GMT
index-7_M_3_az.js
client-tool.definedprotection.com/assets/ 		251 KB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client-tool.definedprotection.com/assets/index-7_M_3_az.js
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.112.187.241 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0d256c5f09ea9105a277c5489b18e8982386869e65165683333469d035fba06b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 23:03:40 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 06 Jun 2024 23:50:14 GMT
Server
Kestrel
ETag
"1dab86c468655c7"
Content-Type
application/javascript
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
256711
vendor-Dll_MiH4.js
client-tool.definedprotection.com/assets/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://client-tool.definedprotection.com/assets/vendor-Dll_MiH4.js
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.112.187.241 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d6dd3abedfffbf96474447df20151a9b45d5ace1a3580fa890f11153dcd97ed4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 23:03:40 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 06 Jun 2024 23:50:14 GMT
Server
Kestrel
ETag
"1dab86c46982426"
Content-Type
application/javascript
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
1940262
index-D2hF3LzH.css
client-tool.definedprotection.com/assets/ 		300 KB
300 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client-tool.definedprotection.com/assets/index-D2hF3LzH.css
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.112.187.241 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
abf32abad3d51b8be3d229028a5114614f6d39ea693e5d315df8f91819789d9c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 23:03:40 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 06 Jun 2024 23:50:14 GMT
Server
Kestrel
ETag
"1dab86c468110aa"
Content-Type
text/css
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
307114
analytics.min.js
cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/analytics.min.js
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9890015e804725850f823dd283c2a6521ab7a3fb71aa65efd948db7f40cd880

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:03:42 GMT
x-amz-version-id
8ky4TPuz9LZKtNmLmZSaLRtyCMvbwJ3C
content-encoding
br
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 30 May 2024 18:00:23 GMT
server
AmazonS3
etag
W/"de51e75d59f893b5c28610b0bc6fb597"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
VMoPRkWLbn4ctrl3481wqrHWix2jhVktSsOhvrH5G8Tuz_z0dy-W8w==
id
dpm.demdex.net/ 		129 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1B3AA45570643167F000101%40AdobeOrg&d_nsid=0&ts=1720307020961
Requested by
Host: tags.nationwide.com
URL: https://tags.nationwide.com/test/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.155.49.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-49-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
57519014b711613de95bbe375fb3a2421b8fcbcfd0859bf1732ab7fb1a12190a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-1-v062-0e7d3f901.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Sat, 06 Jul 2024 23:03:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
Lgymd+eqTk0=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://client-tool.definedprotection.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
x-error
2
content-length
146
expires
Thu, 01 Jan 1970 00:00:00 UTC
serverComponent.php
nexus.ensighten.com/nationwide/test/ 		423 B
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/nationwide/test/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/nationwide/test/code/&publishedOn=Wed%20Jul%2003%2015:12:58%20GMT%202024&ClientID=402&PageID=https%3A%2F%2Fclient-tool.definedprotection.com%2F%3F_d%3D%5Bobject%20Object%5D
Requested by
Host: tags.nationwide.com
URL: https://tags.nationwide.com/test/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:c200:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1fef635a26906681e611401a9ae7ae556d088a259dc187400fc209660a4b1902

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:03:41 GMT
via
1.1 98856bd09231d01c667222ebf203b580.cloudfront.net (CloudFront)
x-nexus-testspace
test
server
CloudFront
x-amz-cf-pop
CDG50-P1
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache
x-nexus-test-active
1
alt-svc
h3=":443"; ma=86400
content-length
423
x-amz-cf-id
4GmTTX6Qi3msLvJtD5B_QuU6hiPID3Io8cLGrj3DCePpua2zo-lGRg==
expires
Sat, 06 Jul 2024 23:03:40 GMT
id
dpm.demdex.net/ 		129 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1B3AA45570643167F000101%40AdobeOrg&d_nsid=0&d_mid=92206201389826171435277776531261565366&ts=1720307021097
Requested by
Host: tags.nationwide.com
URL: https://tags.nationwide.com/test/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.155.49.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-49-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
57519014b711613de95bbe375fb3a2421b8fcbcfd0859bf1732ab7fb1a12190a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-2-v062-0d101b49c.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Sat, 06 Jul 2024 23:03:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
QuWWFz4pQ0U=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://client-tool.definedprotection.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
x-error
2
content-length
146
expires
Thu, 01 Jan 1970 00:00:00 UTC
5b56d35d643806df2d0dcdaec1faf519.js
nexus.ensighten.com/nationwide/test/code/ 		398 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/nationwide/test/code/5b56d35d643806df2d0dcdaec1faf519.js?conditionId0=4903764
Requested by
Host: tags.nationwide.com
URL: https://tags.nationwide.com/test/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:c200:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3c6f810a8bf801bf341b648417e8d063929a0c4286f16e34d88803a94fd1cd5e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 00:53:16 GMT
x-amz-version-id
sD9USACSx6VTMj3LyxHpzuInKyZmu3F7
content-encoding
br
via
1.1 98856bd09231d01c667222ebf203b580.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P1
age
79826
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Jun 2024 16:54:37 GMT
server
CloudFront
etag
W/"8c5b105b68fc6327f5e6784e9d12fa2d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
sZ7R4iL8OzdxsMja0KRhK8iQ6KFJR7nRkawtCe4_I9W0IX0pKigdmg==
a6ff582c19e69a96a6d592b7fa0ea58d.js
nexus.ensighten.com/nationwide/test/code/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/nationwide/test/code/a6ff582c19e69a96a6d592b7fa0ea58d.js?conditionId0=422940
Requested by
Host: tags.nationwide.com
URL: https://tags.nationwide.com/test/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:c200:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3a13b001783f3f4b4f8febaaa903cfa88f1cf064acd2b5955dbfc8aadb593c24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 19:52:27 GMT
x-amz-version-id
vi_9EkUj9E8j3bsFDGhVbXutf9r40hTE
content-encoding
br
via
1.1 98856bd09231d01c667222ebf203b580.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P1
age
875475
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 26 Jun 2024 19:40:58 GMT
server
CloudFront
etag
W/"0d04d13ded7d3b50e8310fa80e0f0143"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
9HFXadiuF3m1fvCf1AXeUGbnMDfDYpC-vNHqw6MT-ypkd59NhBfs0w==
session.json
celebrus-test.nationwide.com/1122/js/events/v10/ 		0
0
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-4246221
Requested by
Host: tags.nationwide.com
URL: https://tags.nationwide.com/test/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1cd66aad6e8934a7c8a06eacc81562ae4d49918dbcf86ddd6a70fc1f6c98398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:03:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77848
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:03:41 GMT
activityi;dc_pre=CPKZqofDk4cDFdhaHgIdsggkVg;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-tool.definedprotection.com%2F;ps=1;pcor...
4246221.fls.doubleclick.net/ Frame 039A
Redirect Chain
  • https://4246221.fls.doubleclick.net/activityi;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-tool.definedprotection.com%2F;ps=1;pc...
  • https://4246221.fls.doubleclick.net/activityi;dc_pre=CPKZqofDk4cDFdhaHgIdsggkVg;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-too...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4246221.fls.doubleclick.net/activityi;dc_pre=CPKZqofDk4cDFdhaHgIdsggkVg;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-tool.definedprotection.com%2F;ps=1;pcor=1233520897;pscdl=noapi;frm=0;gtm=45fe4730v9135074151za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclient-tool.definedprotection.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4246221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://client-tool.definedprotection.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
320
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 23:03:41 GMT
expires
Sat, 06 Jul 2024 23:03:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 23:03:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4246221.fls.doubleclick.net/activityi;dc_pre=CPKZqofDk4cDFdhaHgIdsggkVg;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-tool.definedprotection.com%2F;ps=1;pcor=1233520897;pscdl=noapi;frm=0;gtm=45fe4730v9135074151za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclient-tool.definedprotection.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-tool.definedprotection.com%2F;ps=1;pcor=1233520897;p...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=4246221;type=nfxnfss;cat=ppt-lppv;ord=6492448977084;npa=1;auiddc=466087615.1720307021;u3=https%3A%2F%2Fclient-tool.definedprotection.com%2F;ps=1;pcor=1233520897;pscdl=noapi;frm=0;gtm=45fe4730v9135074151za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclient-tool.definedprotection.com%2F?
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:03:41 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"4062519826171830869"}],"aggregatable_trigger_data":[{"filters":[{"14":["11084647"]}],"key_piece":"0x6a1d6ae26fc49e21","source_keys":["12","13","14","15","16","17","18","19","20","21","15674240","15674241","15674242","15674243","15683164","15683165","15683166","15683167","628468188","628468189","628468190","628468191","628569380","628569381","628569382","628569383","634786280","634786281","634786282","634786283","634796588","634796589","634796590","634796591","634797612","634797613","634797614","634797615"]},{"key_piece":"0x69b8616b9dac2869","not_filters":{"14":["11084647"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15674240","15674241","15674242","15674243","15683164","15683165","15683166","15683167","628468188","628468189","628468190","628468191","628569380","628569381","628569382","628569383","634786280","634786281","634786282","634786283","634796588","634796589","634796590","634796591","634797612","634797613","634797614","634797615"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15674240":36,"15674241":36,"15674242":36,"15674243":3530,"15683164":40,"15683165":40,"15683166":40,"15683167":3973,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628468188":34,"628468189":34,"628468190":34,"628468191":3345,"628569380":38,"628569381":38,"628569382":38,"628569383":3739,"634786280":46,"634786281":46,"634786282":46,"634786283":4540,"634796588":54,"634796589":54,"634796590":54,"634796591":5297,"634797612":36,"634797613":36,"634797614":36,"634797615":3530},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"14450577775948861970","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"4062519826171830869","filters":[{"14":["11084647"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"4062519826171830869","filters":[{"14":["11084647"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"4062519826171830869","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"4062519826171830869","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4246221"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.nationwide.com
URL: https://tags.nationwide.com/test/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 21:41:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4960
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Jul 2024 23:41:01 GMT
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-47687635-25&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4246221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2b32e220ad8dff63287027f5426aa4bba32ecb24bb73246851f7f35a1183d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:03:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72794
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:03:41 GMT
js
www.googletagmanager.com/gtag/ 		270 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LL9L8XC6SH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4246221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc34b01e99e81bb51d26d5906524ff56fcd5259badb023bf3222cca451443563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:03:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95741
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 23:03:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/nationwide/test/code/a6ff582c19e69a96a6d592b7fa0ea58d.js?conditionId0=422940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:03:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
lrcnhJMdoaH5nmq2nSNPc0bTGfKv2aI5uEDUt7GYnq4NnbVbC2HU4oDH+vX57iPsIrL4BikuirDZQL/C+YfvLQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LL9L8XC6SH&gtm=45je4730v894382647za200zb9135074151&_p=1720307021338&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=423426637.1720307022&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720307021&sct=1&seg=0&dl=https%3A%2F%2Fclient-tool.definedprotection.com%2F&dt=Nationwide%20DPA%202.0%20Client%20Tool&dp=%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.link_attribution=true&tfd=2295&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LL9L8XC6SH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:03:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://client-tool.definedprotection.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LL9L8XC6SH&cid=423426637.1720307022&gtm=45je4730v894382647za200zb9135074151&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LL9L8XC6SH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:03:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://client-tool.definedprotection.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LL9L8XC6SH&cid=423426637.1720307022&gtm=45je4730v894382647za200zb9135074151&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=285682339
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:03:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 22:24:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2347
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 06 Jul 2024 23:24:34 GMT
175966709547629
connect.facebook.net/signals/config/ 		176 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/175966709547629?v=2.9.160&r=stable&domain=client-tool.definedprotection.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
25ab5a94fc97efb247522246f697893ef2ecd686ede871deb9c8a162152b3cab
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 23:03:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=64, mss=1328, tbw=63827, tp=-1, tpl=-1, uplat=107, ullat=0
pragma
public
x-fb-debug
cPCwSKkl7TaUv9iq/9seCqs+1Eq9IkjSTSRxgkE7sNF8In++4wLLc5tQOLfS7DVO58Z9A1wgWGYk+QdTpO/bMw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1125415411&t=pageview&_s=1&dl=https%3A%2F%2Fclient-tool.definedprotection.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Nationwide%20DPA%202.0%20Client%20Tool&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDAAUIhAAAAACAAI~&jid=865365524&gjid=1214991119&cid=423426637.1720307022&tid=UA-47687635-25&_gid=567031002.1720307022&_r=1&gtm=457e4730za200zb9135074151&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd9=&cd10=&cd130=&cd152=&jsscut=1&npa=1&z=1914269591
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 23:03:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://client-tool.definedprotection.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=175966709547629&ev=PageView&dl=https%3A%2F%2Fclient-tool.definedprotection.com&rl=&if=false&ts=1720307021726&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=28&cs_est=true&pm=1&hrl=68c871&ler=empty&cdl=API_unavailable&it=1720307021588&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=7462887740485822%2C25261107580203435%2C25163191163326451%2C7369858566463527%2C8187561167939408%2C7322035667893238%2C7302663053156417%2C7444410462301797&rqm=GET
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 23:03:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=175966709547629&ev=PageView&dl=https%3A%2F%2Fclient-tool.definedprotection.com&rl=&if=false&ts=1720307021726&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=28&cs_est=true&pm=1&hrl=68c871&ler=empty&cdl=API_unavailable&it=1720307021588&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=7462887740485822%2C25261107580203435%2C25163191163326451%2C7369858566463527%2C8187561167939408%2C7322035667893238%2C7302663053156417%2C7444410462301797&rqm=FGET
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x42e89a3a872e9423","source_keys":["1","2"]},{"key_piece":"0x7444fff0627e18f1","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 06 Jul 2024 23:03:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388662394477696452", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=3102, tp=-1, tpl=-1, uplat=32, ullat=0
pragma
no-cache
x-fb-debug
maK62gbyDxDrEWWyn314Kps8ZA22Os7Bqgax+/r1NGvMsM7hcRwEaGnnY8kzKtcGHtiLPJeRAStHp9dTIJfLOw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388662394477696452"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
settings
cdn.segment.com/v1/projects/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d048692bd03b3bb7b61a635e1f0a090689ff52d7468c9d5ee6c975a86e663c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:03:43 GMT
x-amz-version-id
iSwEB0cIN5C5jiKZsqCxYS__sw_dKCCi
content-encoding
br
via
1.1 ec0e2f034bee82259de23281111aa344.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 14 Jun 2024 17:38:46 GMT
server
AmazonS3
etag
W/"8cedcdd89b2c533df68d624892e1865b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
N_F9Bw2WEpFk_XO1aid_07GtUQYxqQB1xv5biDzIC-4Rj5S1N4lm1Q==
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 21:21:45 GMT
x-amz-version-id
EYTGyvtcMO7xiv0aLjUrtjyzwCLVwVFl
content-encoding
br
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
age
4066918
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 20 May 2024 19:24:04 GMT
server
AmazonS3
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
Kb5ilnKuXKzAC3rxkbSzXKGnX8LAx8HT_CPMgLgLx3l-8adHeMYYBQ==
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 09:16:29 GMT
x-amz-version-id
GkXsOKuTiXl4MZOgOPAQ2PHoPu34pyRP
content-encoding
br
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
age
3851233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 17:49:11 GMT
server
AmazonS3
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
M7BmanKllrEouBzTwM0oQTsaHZBCcv9dShHpUljbtdLdwxWkLfu5kQ==
visual-tagger.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 13 Oct 2023 05:40:11 GMT
content-encoding
gzip
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
x-amz-version-id
BoZc5J4vUfOIO.4GDJdSm6lWcY39e_Wn
x-amz-cf-pop
CDG50-C1
age
23131412
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15523
last-modified
Tue, 10 Oct 2023 12:17:24 GMT
server
AmazonS3
etag
"22f964b449ca210bdea17404f4624ac9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
s_zXji-BVIsK9jecLro07q9rHsre7-0y27E06kI6LFR0hYCKbdV_DA==
fullstory.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9fda204818eb76752b45ba07f2a3357507dfbd1ffac18a8badebda6f96feab7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 09:59:51 GMT
content-encoding
gzip
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
x-amz-version-id
oPHfKDIg3jvUi4BGP8xSSh5eX6u0MY0C
x-amz-cf-pop
CDG50-C1
age
7304632
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2166
last-modified
Fri, 05 Apr 2024 16:42:47 GMT
server
AmazonS3
etag
"5ab49a383e9cf7b93c013d369b1b30f7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
cviS2ctWRQkaHby6jWolnZ3SnjkLOiXVgtAMdVtR_boMWX50q8F6Aw==
p
api.segment.io/v1/ 		21 B
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.234.198.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-198-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://client-tool.definedprotection.com
date
Sat, 06 Jul 2024 23:03:42 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Jan 2024 21:51:57 GMT
content-encoding
gzip
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
x-amz-version-id
uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL
x-amz-cf-pop
CDG50-C1
age
15383506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Wed, 18 Oct 2023 10:36:32 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
uLTjhoTx1eTAxiwJTm59Nrb50wxb-l0MEw_uGH23YbMp_Uvsh9LlBA==
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/tmkLc4o1ihqwCcsLV3qmGDwHtgjgXh4B/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 16:51:43 GMT
content-encoding
gzip
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
x-amz-version-id
1Y99HfuTczPsGIDdcPhw1L1EusEviR19
x-amz-cf-pop
CDG50-C1
age
7971120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21911
last-modified
Fri, 05 Apr 2024 16:42:46 GMT
server
AmazonS3
etag
"c467a63b2e7c3a99be423ace649014d8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
n6PdlJtHmqCSo-NcfjMZ4QBwwE1i3n01CSRDYfFaq94mjHgIs5zCsw==
fs.js
edge.fullstory.com/s/ 		277 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3437f195c3f03e93049d9ef9c9e79b2ebeb8b97339a268cf2d6e4ab38aee09c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 22:41:57 GMT
content-encoding
br
age
1305
x-guploader-uploadid
ACJd0NrSADPj53mkW0g6Ex-vx6_3rDx6RBOOMu5S9TrTzPP_cXDjuskGwzIO49q1Cy33m1kgYEo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76394
last-modified
Wed, 03 Jul 2024 18:36:55 GMT
server
UploadServer
etag
"f79ad65695b94b39d47799af56fbd7e3"
vary
Accept-Encoding
x-goog-generation
1720031815755225
x-goog-hash
crc32c=wtOMAQ==, md5=95rWVpW5SznUd5mvVvvX4w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
76394
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 06 Jul 2024 23:41:57 GMT
web
edge.fullstory.com/s/settings/o-1HJTVJ-na1/v1/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/o-1HJTVJ-na1/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1e3cbc0bb25f0535fc838c55380560b58705195371a6d270f336d1239ed12609

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:03:42 GMT
content-encoding
gzip
x-guploader-uploadid
ACJd0NpvOVIwtxI6zWVCi4jQ9shDBhUnBQu5N9M0ByAk9vs6GcAnyRSkDSB6aVnziREr_B8WoXs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1234
last-modified
Sat, 06 Jul 2024 23:03:22 GMT
server
UploadServer
etag
"dfe8f5962eb4f7305b5653c5d78f450a"
x-goog-generation
1720307002839528
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=W/KSDQ==, md5=3+j1li609zBbVlPF149FCg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1234
accept-ranges
bytes
expires
Sat, 06 Jul 2024 23:18:42 GMT
page
rs.fullstory.com/rec/ 		1 KB
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
44c35bed2f921fbce8d8303ef92b961d5fe0e7341e2dfa8791b4b246c443905f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jul 2024 23:03:42 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://client-tool.definedprotection.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
protectionlevel
dpatool-api.definedprotection.com/api/v1/ 		48 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpatool-api.definedprotection.com/api/v1/protectionlevel
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/assets/vendor-Dll_MiH4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.112.184.16 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
77dd56f6bf0c73a59c2f1a594d9a8307a54ab5a66f233115d0be61a2e0074e00
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 23:03:43 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Content-Length
48
X-XSS-Protection
1
configurations
dpatool-api.definedprotection.com/api/v1/main/ 		128 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpatool-api.definedprotection.com/api/v1/main/configurations
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/assets/vendor-Dll_MiH4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.112.184.16 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
39d3aede35744b7a8fb367d23f1f094a3898c6942aa3f9ad425c4f7cebf35391
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 23:03:43 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Content-Length
128
X-XSS-Protection
1
favicon.ico
client-tool.definedprotection.com/ 		874 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://client-tool.definedprotection.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.112.187.241 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
336801677fd7aeb293a7f64a9abcb9a5edd6a5d353385cc54f1dd0c26904b089
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 23:03:42 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 06 Jun 2024 23:50:14 GMT
Server
Kestrel
ETag
"1dab86c4685bc6a"
Content-Type
image/x-icon
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
874
gtm.js
www.googletagmanager.com/ 		201 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8QLD9H&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
759824406cc75c16174e26fb6e597c884cb7d850ee97dfc74a0f07f5a965f626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 23:03:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74389
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 23:03:43 GMT
Gotham-Book.woff
nationwide1.blob.core.windows.net/nationwide-dpa/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/Gotham-Book.woff
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
49c01c20ef51773d1f5534a8c5aca6c706d90a46621b528f727ec11d3a7c182f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:43 GMT
Last-Modified
Mon, 25 Nov 2019 19:43:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D771DFC5DD4115
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
c681fb84-a01e-001f-1ff8-cfb5dc000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
x-ms-version
2009-09-19
Content-Length
21044
Gotham-Bold.woff
nationwide1.blob.core.windows.net/nationwide-dpa/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/Gotham-Bold.woff
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
54d783a988611f6db7e25a5f62562441ca3730247be858f6ad67682ebc0381d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:43 GMT
Last-Modified
Mon, 25 Nov 2019 19:43:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D771DFC5D96F96
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
cb4ff80d-201e-002e-3ff8-cf54cf000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
x-ms-version
2009-09-19
Content-Length
50336
Gotham-Medium.woff
nationwide1.blob.core.windows.net/nationwide-dpa/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/Gotham-Medium.woff
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3f907921ebd5d479ec14331d9e9ba06fdec4862c18878bf9d96f633c6479d9a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:44 GMT
Last-Modified
Mon, 25 Nov 2019 19:43:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D771DFC5F849D6
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
39fb2151-601e-003f-3df8-cfce7b000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
x-ms-version
2009-09-19
Content-Length
21836
Gotham-Light.woff
nationwide1.blob.core.windows.net/nationwide-dpa/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/Gotham-Light.woff
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d5650225b30b5d9f4d3b484a8e290818813274825e5c8d5775d052fd731e7800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:44 GMT
Last-Modified
Mon, 25 Nov 2019 19:43:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D771DFC5E64401
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
3b2ed25f-f01e-0012-1af8-cf7d08000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
x-ms-version
2009-09-19
Content-Length
49604
Chronicle-Text-G1-Italic.otf
nationwide1.blob.core.windows.net/nationwide-dpa/ 		138 KB
138 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/Chronicle-Text-G1-Italic.otf
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b115aaa91fd02f1f91a30e797581fb5930af64e4e8da18d7b098f5aced9d4e8f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:44 GMT
Last-Modified
Mon, 25 Nov 2019 19:55:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D771E177A8916A
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
x-ms-request-id
c681fcdd-a01e-001f-54f8-cfb5dc000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
x-ms-version
2009-09-19
Content-Length
141272
ProximaNova-Regular.otf
nationwide1.blob.core.windows.net/nationwide-dpa/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/ProximaNova-Regular.otf
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:44 GMT
Last-Modified
Mon, 25 Nov 2019 19:56:27 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D771E18EBA8A7B
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
x-ms-request-id
12a640e3-401e-005a-73f8-cf603f000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
x-ms-version
2009-09-19
Content-Length
62892
ProximaNova-Bold.otf
nationwide1.blob.core.windows.net/nationwide-dpa/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/ProximaNova-Bold.otf
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:44 GMT
Last-Modified
Thu, 01 Oct 2020 22:19:16 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
crbyyZkL09N7gBOlnteJAg==
ETag
0x8D8665809051427
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
x-ms-request-id
a75fccca-e01e-0053-39f8-cf25ec000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
x-ms-version
2009-09-19
Content-Length
63808
analytics.js
www.google-analytics.com/ 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8QLD9H&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 21:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4960
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Jul 2024 23:41:01 GMT
panel_1_desktop.jpg
nationwide1.blob.core.windows.net/nationwide-dpa/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/panel_1_desktop.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d00e3d81635bab4cf3df6b173881fc7f7c0735b0761c2e5ed2e2c41e8b1e173a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:45 GMT
Last-Modified
Wed, 03 Jan 2024 20:03:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VD3fC4KeDV7dNZQBCRXudA==
ETag
0x8DC0C971C9584CF
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
29c8d54b-c01e-006b-0cf8-cf812c000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
no-cache
x-ms-version
2009-09-19
Content-Length
108832
v2
rs.fullstory.com/rec/bundle/ 		29 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=o-1HJTVJ-na1&UserId=cf800e46-2fa3-4762-a1cf-4c32438df66f&SessionId=d9fa7c8c-ce26-42f8-9a29-8316a727b0e7&PageId=63a7e19f-fe3d-4c21-931e-35cd5fe18cda&Seq=1&ClientTime=1720307025648&PageStart=1720307023135&PrevBundleTime=0&LastActivity=2360&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c49c201c2ac6c0c9b31fc75f457dfdb07e1ed9d825bda9369be91da9134d52df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://client-tool.definedprotection.com
date
Sat, 06 Jul 2024 23:03:45 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
panel_2_desktop.jpg
nationwide1.blob.core.windows.net/nationwide-dpa/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/panel_2_desktop.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
eab520fb59815cdbbaf81f5678b685511876d7ede46ad3ad93cc0a4260da1b51

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:45 GMT
Last-Modified
Wed, 03 Jan 2024 20:04:20 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
m+zCnq4TGhIwZOm27Tav+w==
ETag
0x8DC0C972C5A7B6A
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
29c8d621-c01e-006b-49f8-cf812c000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
no-cache
x-ms-version
2009-09-19
Content-Length
88564
panel_3_desktop.jpg
nationwide1.blob.core.windows.net/nationwide-dpa/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/panel_3_desktop.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0ffe19e1aa233694ab7693c1ae6b692e6363f41440f4f3d5bb7c082c4c7859eb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:45 GMT
Last-Modified
Wed, 03 Jan 2024 20:04:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
sKIarEVAr79FdpBS8eQX8w==
ETag
0x8DC0C9732DEAC5E
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
29c8d6c7-c01e-006b-05f8-cf812c000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
no-cache
x-ms-version
2009-09-19
Content-Length
94503
panel_1_desktop_blurred.jpg
nationwide1.blob.core.windows.net/nationwide-dpa/ 		195 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/panel_1_desktop_blurred.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
127b127b2d34c6b2d8eb4d957e966ec02ee5b523200c32b7495e085c64441cfb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:45 GMT
Last-Modified
Wed, 03 Jan 2024 20:03:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
lJmAFwJQkopQZi9pfX3S6Q==
ETag
0x8DC0C9713B6CDDA
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
29c8d71e-c01e-006b-4bf8-cf812c000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
no-cache
x-ms-version
2009-09-19
Content-Length
199257
panel_1_desktop.jpg
nationwide1.blob.core.windows.net/nationwide-dpa/ 		106 KB
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nationwide1.blob.core.windows.net/nationwide-dpa/panel_1_desktop.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d00e3d81635bab4cf3df6b173881fc7f7c0735b0761c2e5ed2e2c41e8b1e173a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:46 GMT
Last-Modified
Wed, 03 Jan 2024 20:03:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VD3fC4KeDV7dNZQBCRXudA==
ETag
0x8DC0C971C9584CF
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
29c8d761-c01e-006b-01f8-cf812c000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
no-cache
x-ms-version
2009-09-19
Content-Length
108832
tiempos-headline-web-semibold.woff
nationwide1.blob.core.windows.net/fonts/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nationwide1.blob.core.windows.net/fonts/tiempos-headline-web-semibold.woff
Requested by
Host: client-tool.definedprotection.com
URL: https://client-tool.definedprotection.com/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.233.66 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e56aef8225aa1931bb35e407957a553b566ece6cb779ed0a8dcb0df7a2d377bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client-tool.definedprotection.com/
Origin
https://client-tool.definedprotection.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 06 Jul 2024 23:03:46 GMT
Last-Modified
Wed, 01 Feb 2023 00:06:37 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
eoFAnFQW3ad7CPxijjY+Fg==
ETag
0x8DB03E82FF77F42
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
c68204f4-a01e-001f-60f8-cfb5dc000000
Access-Control-Expose-Headers
Access-Control-Allow-Origin
x-ms-version
2009-09-19
Content-Length
49418

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.polyfill.io
URL
https://cdn.polyfill.io/v2/polyfill.min.js
Domain
celebrus-test.nationwide.com
URL
https://celebrus-test.nationwide.com/1122/js/events/v10/session.json

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| analytics object| ensBootstraps object| Bootstrapper function| $data function| $globals function| $getData function| cArray object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor string| k object| CelebrusDataPrivacy string| nwcsadevuseCors string| nwcsadevuseSecureCookies function| nwcsadevonContentReady function| nwcsadevgHW object| nwcsadevRTEHandler object| nwcsadevVisibilityManager object| nwcsadevLogger function| nwcsadevoptIn function| nwcsadevoptOut function| nwcsadevanonymous function| nwcsadevdoReInit function| nwcsadevstop function| nwcsadevclearStoppedState function| nwcsadevexecuteJsonResponse function| nwcsadevexecuteReInitNow function| nwcsadevstart function| nwcsadeveQI function| nwcsadevfindCookieVal function| nwcsadevaddCookie function| nwcsadevcontentResponse function| nwcsadevevent function| nwcsadevclick function| nwcsadevselect function| nwcsadevtextchange function| nwcsadevformsubmit function| nwcsadevSendJsonData function| nwcsadevonInitialSessionInformationResponse function| nwcsadevonInPageSessionInformationResponse function| nwcsadevtrackYouTubeIframePlayer function| nwcsadevstopTrackingYouTubeIframePlayer function| nwcsadevgetSessionNumber function| nwcsadevgetSessionKey function| nwcsadevgetRealTimeId function| nwcsadevgetLoadBalancerId function| nwcsadevsetHttpRequestHeader function| nwcsadevqueueUserEvent function| nwcsadevgetOptOutStatus object| nwcsadevCelebrusApi object| nwcsadevInstance function| nwcsadevCelebrusVersion function| nwcsadevSystemUuid function| nwcsadevGo string| nwcsadevwindowID object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| getNameContent function| dcsMultiTrack function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| visual-taggerDeps function| visual-taggerLoader object| fullstoryDeps function| fullstoryLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate object| core function| visual-taggerIntegration function| Tracktor function| fullstoryIntegration boolean| _fs_is_outer_script boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS string| _fs_loaded function| _fs_shutdown object| regeneratorRuntime

14 Cookies

Domain/Path Name / Value
.definedprotection.com/ Name: AMCVS_1B3AA45570643167F000101%40AdobeOrg
Value: 1
.definedprotection.com/ Name: AMCV_1B3AA45570643167F000101%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19911%7CMCMID%7C92206201389826171435277776531261565366%7CMCOPTOUT-1720314221s%7CNONE%7CvVersion%7C5.1.1
.definedprotection.com/ Name: nwcsadevsession
Value: _17203070212360.4923764f2e88ba5f1d8ee8ec093096a4_1122
.definedprotection.com/ Name: _gcl_au
Value: 1.1.466087615.1720307021
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnFjlj_R981MGd1sm2hD52q3T8z6cQRN_ACQqcO33JtYLzu4QmJpj9hGdRfvX0
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.definedprotection.com/ Name: _ga_LL9L8XC6SH
Value: GS1.1.1720307021.1.0.1720307021.60.0.0
.definedprotection.com/ Name: _ga
Value: GA1.2.423426637.1720307022
.definedprotection.com/ Name: _gid
Value: GA1.2.567031002.1720307022
.definedprotection.com/ Name: _gat_gtag_UA_47687635_25
Value: 1
.definedprotection.com/ Name: ajs_anonymous_id
Value: 98827acb-2822-4602-be5c-ca380eae4e09
.definedprotection.com/ Name: fs_lua
Value: 1.1720307023134
.definedprotection.com/ Name: fs_uid
Value: #o-1HJTVJ-na1#cf800e46-2fa3-4762-a1cf-4c32438df66f:d9fa7c8c-ce26-42f8-9a29-8316a727b0e7:1720307023134::1#/1751843024

3 Console Messages

Source Level URL
Text
network error URL: https://cdn.polyfill.io/v2/polyfill.min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://client-tool.definedprotection.com/
Message:
Access to XMLHttpRequest at 'https://celebrus-test.nationwide.com/1122/js/events/v10/session.json' from origin 'https://client-tool.definedprotection.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://celebrus-test.nationwide.com/1122/js/events/v10/session.json
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4246221.fls.doubleclick.net
ad.doubleclick.net
api.segment.io
cdn.polyfill.io
cdn.segment.com
cdnjs.cloudflare.com
celebrus-test.nationwide.com
client-tool.definedprotection.com
connect.facebook.net
dpatool-api.definedprotection.com
dpm.demdex.net
edge.fullstory.com
nationwide1.blob.core.windows.net
nexus.ensighten.com
region1.analytics.google.com
rs.fullstory.com
stats.g.doubleclick.net
tags.nationwide.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
cdn.polyfill.io
celebrus-test.nationwide.com
142.250.181.230
142.250.186.166
20.60.233.66
2001:4860:4802:34::36
23.213.161.219
2600:9000:218c:c200:2:8f43:5780:93a1
2606:4700::6811:190e
2a00:1450:4001:80b::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:828::2008
2a00:1450:400c:c0c::9b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
35.186.194.58
35.201.112.186
40.112.184.16
40.112.187.241
44.234.198.184
54.155.49.201
99.86.90.76
0d256c5f09ea9105a277c5489b18e8982386869e65165683333469d035fba06b
0ffe19e1aa233694ab7693c1ae6b692e6363f41440f4f3d5bb7c082c4c7859eb
127b127b2d34c6b2d8eb4d957e966ec02ee5b523200c32b7495e085c64441cfb
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1e3cbc0bb25f0535fc838c55380560b58705195371a6d270f336d1239ed12609
1fef635a26906681e611401a9ae7ae556d088a259dc187400fc209660a4b1902
25ab5a94fc97efb247522246f697893ef2ecd686ede871deb9c8a162152b3cab
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
328784ddbeb8a3b9a65b422ee43be1d3f288e65f52c3f395cf8426c0a523e698
336801677fd7aeb293a7f64a9abcb9a5edd6a5d353385cc54f1dd0c26904b089
3437f195c3f03e93049d9ef9c9e79b2ebeb8b97339a268cf2d6e4ab38aee09c5
39d3aede35744b7a8fb367d23f1f094a3898c6942aa3f9ad425c4f7cebf35391
3a13b001783f3f4b4f8febaaa903cfa88f1cf064acd2b5955dbfc8aadb593c24
3c6f810a8bf801bf341b648417e8d063929a0c4286f16e34d88803a94fd1cd5e
44c35bed2f921fbce8d8303ef92b961d5fe0e7341e2dfa8791b4b246c443905f
49c01c20ef51773d1f5534a8c5aca6c706d90a46621b528f727ec11d3a7c182f
54d783a988611f6db7e25a5f62562441ca3730247be858f6ad67682ebc0381d0
57519014b711613de95bbe375fb3a2421b8fcbcfd0859bf1732ab7fb1a12190a
5a1ab6ff0827cb6f1424352224d30ac3e6e1a9ce003b110b0f44efbdcec333eb
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
759824406cc75c16174e26fb6e597c884cb7d850ee97dfc74a0f07f5a965f626
77dd56f6bf0c73a59c2f1a594d9a8307a54ab5a66f233115d0be61a2e0074e00
8d048692bd03b3bb7b61a635e1f0a090689ff52d7468c9d5ee6c975a86e663c4
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abf32abad3d51b8be3d229028a5114614f6d39ea693e5d315df8f91819789d9c
b115aaa91fd02f1f91a30e797581fb5930af64e4e8da18d7b098f5aced9d4e8f
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec
c49c201c2ac6c0c9b31fc75f457dfdb07e1ed9d825bda9369be91da9134d52df
d00e3d81635bab4cf3df6b173881fc7f7c0735b0761c2e5ed2e2c41e8b1e173a
d1cd66aad6e8934a7c8a06eacc81562ae4d49918dbcf86ddd6a70fc1f6c98398
d2b32e220ad8dff63287027f5426aa4bba32ecb24bb73246851f7f35a1183d25
d5650225b30b5d9f4d3b484a8e290818813274825e5c8d5775d052fd731e7800
d6dca480f8f5d2592557af1a1909b621828ba2fd06f626e98c8887f885c80467
d6dd3abedfffbf96474447df20151a9b45d5ace1a3580fa890f11153dcd97ed4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f907921ebd5d479ec14331d9e9ba06fdec4862c18878bf9d96f633c6479d9a
e56aef8225aa1931bb35e407957a553b566ece6cb779ed0a8dcb0df7a2d377bb
e9fda204818eb76752b45ba07f2a3357507dfbd1ffac18a8badebda6f96feab7
eab520fb59815cdbbaf81f5678b685511876d7ede46ad3ad93cc0a4260da1b51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae
f9890015e804725850f823dd283c2a6521ab7a3fb71aa65efd948db7f40cd880
fc34b01e99e81bb51d26d5906524ff56fcd5259badb023bf3222cca451443563