urlscan.io logo urlscan.io
SecurityTrails logo

dfs.nm.com Open in urlscan Pro
162.159.133.81  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dfs.nm.com/
Effective URL: https://dfs.nm.com/
Submission: On February 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 125 HTTP transactions. The main IP is 162.159.133.81, located in and belongs to CLOUDFLARENET, US. The main domain is dfs.nm.com.
TLS certificate: Issued by E1 on February 7th 2024. Valid for: 3 months.
This is the only time dfs.nm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.159.134.81 13335 (CLOUDFLAR...)
23 162.159.133.81 13335 (CLOUDFLAR...)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2600:9000:266... 16509 (AMAZON-02)
1 2600:9000:237... 16509 (AMAZON-02)
1 167.212.46.138 33166 (BFS-49-33166)
3 54.247.186.102 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 1 54.72.59.114 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
3 18.245.31.38 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.245.46.12 16509 (AMAZON-02)
1 108.138.26.44 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 63.140.62.222 15224 (OMNITURE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 3.236.169.69 14618 (AMAZON-AES)
19 143.204.215.108 16509 (AMAZON-02)
125 26
1    162.159.134.81 (None, )

ASN13335 (CLOUDFLARENET, US)
dfs.nm.com
23    162.159.133.81 (None, )

ASN13335 (CLOUDFLARENET, US)
dfs.nm.com
6    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    2600:9000:266e:4000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    2600:9000:237d:5400:1a:df04:500:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.northwesternmutual.com
1    167.212.46.138 (United States)

ASN33166 (BFS-49-33166, US)
mediahandler.broadridgeadvisor.com
3    54.247.186.102 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-186-102.eu-west-1.compute.amazonaws.com
dpm.demdex.net
northwesternmutual.demdex.net
9    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.72.59.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-59-114.eu-west-1.compute.amazonaws.com
cm.everesttech.net
15    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    18.245.31.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-38.fra56.r.cloudfront.net
player.flipsnack.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    18.245.46.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-12.fra56.r.cloudfront.net
d1fpu6k62r548q.cloudfront.net
1    108.138.26.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-44.fra56.r.cloudfront.net
content-private.flipsnack.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
13    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2600:9000:2491:5e00:e:bd9b:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
d3u72tnj701eui.cloudfront.net
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
1    63.140.62.222 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net
metricssecure.northwesternmutual.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    3.236.169.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-69.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
19    143.204.215.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-108.fra53.r.cloudfront.net
d1dhn91mufybwl.cloudfront.net
Apex Domain
Subdomains		 Transfer
24 nm.com
dfs.nm.com
831 KB
22 cloudfront.net
d1fpu6k62r548q.cloudfront.net
d3u72tnj701eui.cloudfront.net
d1dhn91mufybwl.cloudfront.net
4 MB
17 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 360
jnn-pa.googleapis.com — Cisco Umbrella Rank: 217
288 KB
15 youtube.com
www.youtube.com — Cisco Umbrella Rank: 74
2 MB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
179 KB
8 gstatic.com
fonts.gstatic.com
maps.gstatic.com
www.gstatic.com
140 KB
6 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 442
72 KB
4 flipsnack.com
player.flipsnack.com — Cisco Umbrella Rank: 114657
content-private.flipsnack.com — Cisco Umbrella Rank: 83554
2 MB
3 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5391
2 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
static.doubleclick.net — Cisco Umbrella Rank: 257
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
northwesternmutual.demdex.net — Cisco Umbrella Rank: 241354
5 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
21 KB
2 northwesternmutual.com
media.northwesternmutual.com — Cisco Umbrella Rank: 232273
metricssecure.northwesternmutual.com — Cisco Umbrella Rank: 188794
17 KB
2 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5027
96 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
2 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 91
68 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1312
517 B
1 broadridgeadvisor.com
mediahandler.broadridgeadvisor.com — Cisco Umbrella Rank: 674836
80 KB
125 18
Domain Requested by
24 dfs.nm.com 1 redirects dfs.nm.com
19 d1dhn91mufybwl.cloudfront.net dfs.nm.com
15 www.youtube.com dfs.nm.com
cmp.osano.com
www.youtube.com
13 maps.googleapis.com www.google.com
maps.googleapis.com
dfs.nm.com
9 www.googletagmanager.com dfs.nm.com
cmp.osano.com
6 assets.adobedtm.com dfs.nm.com
assets.adobedtm.com
cmp.osano.com
4 jnn-pa.googleapis.com www.youtube.com
4 fonts.gstatic.com www.youtube.com
3 sqs.us-east-1.amazonaws.com player.flipsnack.com
3 player.flipsnack.com dfs.nm.com
player.flipsnack.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 maps.gstatic.com www.google.com
dfs.nm.com
2 d1fpu6k62r548q.cloudfront.net player.flipsnack.com
dfs.nm.com
2 www.google.com dfs.nm.com
www.youtube.com
2 dpm.demdex.net assets.adobedtm.com
dfs.nm.com
2 cmp.osano.com dfs.nm.com
cmp.osano.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 metricssecure.northwesternmutual.com dfs.nm.com
1 d3u72tnj701eui.cloudfront.net player.flipsnack.com
1 content-private.flipsnack.com player.flipsnack.com
1 northwesternmutual.demdex.net cmp.osano.com
1 cm.everesttech.net 1 redirects
1 mediahandler.broadridgeadvisor.com dfs.nm.com
1 media.northwesternmutual.com dfs.nm.com
125 27
Subject Issuer Validity Valid
dfs.nm.com
E1		 2024-02-07 -
2024-05-07		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
media.northwesternmutual.com
Amazon RSA 2048 M02		 2023-07-01 -
2024-07-29		 a year crt.sh
broadridgeadvisor.com
Entrust Certification Authority - L1K		 2024-01-04 -
2025-02-01		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
flipsnack.com
Amazon RSA 2048 M02		 2023-11-18 -
2024-12-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
content-private.flipsnack.com
Amazon RSA 2048 M02		 2023-07-17 -
2024-08-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
metricssecure.northwesternmutual.com
Entrust Certification Authority - L1K		 2023-05-12 -
2024-05-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01		 2024-01-18 -
2024-12-28		 a year crt.sh

This page contains 6 frames:

Primary Page: https://dfs.nm.com/
Frame ID: 1E8BC03F9AEABC259E72474250553540
Requests: 49 HTTP requests in this frame

Frame: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Frame ID: B34D4E3B7F86B68565D4BC7011471AE4
Requests: 27 HTTP requests in this frame

Frame: https://player.flipsnack.com/?hash=NTg4QzlCRkY4RDYremNqNGkzdW83aw==
Frame ID: 693A9F2FADF79634FB37036EC2780D5B
Requests: 30 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyBzAY38I87M0EEVaswXgLLq863vCge5s3E&q=1+RiverwaySuite+900,Houston,TX&zoom=14
Frame ID: C0DDD85723EFEE553A4A0E56825A98B7
Requests: 16 HTTP requests in this frame

Frame: https://northwesternmutual.demdex.net/dest5.html?d_nsid=0
Frame ID: 426EC240B95112EAE69AFCF3AFCC8289
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 4886D6BDAF3435524E581E5FBBEE0A4A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dawson Financial Services | Houston, TX

Page URL History Show full URLs

  1. http://dfs.nm.com/ HTTP 301
    https://dfs.nm.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

125
Requests

95 %
HTTPS

59 %
IPv6

18
Domains

27
Subdomains

26
IPs

4
Countries

9291 kB
Transfer

25074 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dfs.nm.com/ HTTP 301
    https://dfs.nm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://cm.everesttech.net/cm/dd?d_uuid=41335522694626182392924897799696150946 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZcY2RQAAABy7ywNx
Request Chain 86
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

125 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dfs.nm.com/
Redirect Chain
  • http://dfs.nm.com/
  • https://dfs.nm.com/
40 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2863ef272e823e85e0e39b6c0c1d66cf5def24398bb6dad7ccfd5aada71a64
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
852ccacc09345c92-FRA
content-encoding
br
content-security-policy
frame-ancestors 'none';
content-type
text/html; charset=utf-8
cteonnt-length
45283
date
Fri, 09 Feb 2024 14:27:16 GMT
server
cloudflare
server-timing
fct
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

CF-RAY
852ccac9ef2c71ac-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 09 Feb 2024 14:27:16 GMT
Expires
Fri, 09 Feb 2024 15:27:16 GMT
Location
https://dfs.nm.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
launch-16ba86374f36-staging.min.js
assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/ 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/launch-16ba86374f36-staging.min.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a8661a2d46284120fff3b09c418954b322326a5f00c910749b7377c4ed7e1e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Feb 2024 14:27:16 GMT
content-encoding
gzip
last-modified
Wed, 20 Sep 2023 18:21:50 GMT
server
AkamaiNetStorage
etag
"e7e8efeb93692f63460c54300a18423a:1695234110.003362"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://dfs.nm.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
57129
expires
Fri, 09 Feb 2024 14:27:16 GMT
plugins.css
dfs.nm.com/mediahandler/media/plugins_css/ 		1 KB
518 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/plugins_css/plugins.css
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341f3a7cd4d7158b78347ca1ee6d382950824173c340b2237f6b5ea0e50274dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
private
server-timing
fct
cf-ray
852ccacd2af55c92-FRA
expires
Fri, 09 Feb 2024 14:57:16 GMT
Bootstrap-Icon.css
dfs.nm.com/mediahandler/media/Bootstrap_Icon_css/ 		82 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/Bootstrap_Icon_css/Bootstrap-Icon.css
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0dce0489aed76e8745c69af16f81e482b02e6c968676ea4e05b52e7dcefc1a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
ntcoent-length
83653
vary
Accept-Encoding
content-type
text/css
cache-control
private
server-timing
fct
cf-ray
852ccacd2af95c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
theme-pcg.css
dfs.nm.com/mediahandler/media/483182/ 		511 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57299eaccaf1b4e2d5c61a62810df772f7d7adbe5124395ede727e666df8c98
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
private
server-timing
fct
cf-ray
852ccacd2afb5c92-FRA
expires
Fri, 09 Feb 2024 14:57:16 GMT
dfs-team-profiles.css
dfs.nm.com/mediahandler/media/587109/ 		102 B
280 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/587109/dfs-team-profiles.css
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb433a336105ab445314869dace3697f36b9312c351abf8aedf0d620e1c30ce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
private
server-timing
fct
cf-ray
852ccacd2afd5c92-FRA
expires
Fri, 09 Feb 2024 14:57:16 GMT
boostrap-jquery.bundle.js
dfs.nm.com/mediahandler/media/bootstrap_jquery_bundle_js/ 		169 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/bootstrap_jquery_bundle_js/boostrap-jquery.bundle.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d350e9443930a0a31af2c6236e4b4a92976a6ec79961dc84e33c2cd6cae6e109
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccacd2afe5c92-FRA
expires
Fri, 09 Feb 2024 14:57:16 GMT
osano.js
cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/ 		358 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/osano.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:4000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3edf86b952b21e1c5be33c87f4c28d357f2b8e2276739c71123f3cd3fad7d28f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
br
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
96541
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Jul 2023 15:55:33 GMT
server
CloudFront
etag
"22ad23fefb8a2cb1025638c49c4d5cf8"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
y4jXSQc5PIptdJfS02grHDPGFaX82wvOWSOF0bAt9EHDDwEwGdkyDg==
62e9c822-238a-47f7-7bdb-f282048e7468.png
media.northwesternmutual.com/images/field/team/56/logos/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.northwesternmutual.com/images/field/team/56/logos/62e9c822-238a-47f7-7bdb-f282048e7468.png
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:5400:1a:df04:500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
659c2c79528ed249cc4ca114c0883b6dfc7bfffc947597324016ead601258392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:25:13 GMT
x-amz-version-id
wuxUlpSyairBUZBKzq83CTlLR8Fht72.
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
MUC50-P2
age
125
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
16191
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Sep 2023 20:25:42 GMT
server
AmazonS3
etag
"3354e020ecd43e409f0fe054c97d87f5"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
AP1Um4_KFU_elDzkcsNeiXv_TCpivS2i2Hs2IRQ57oHE9gpHXuCMZQ==
PCG-logo-blue.png
dfs.nm.com/mediahandler/media/576534/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfs.nm.com/mediahandler/media/576534/PCG-logo-blue.png
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33749537311a47482f88759954f304af7c9b86df69aaba466695c37ff99818ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
etag
he9Hu9hMLcqkNJP70ZR1XQ==
vary
Accept-Encoding
content-type
image/png
cache-control
private
server-timing
fct
accept-ranges
bytes
cf-ray
852ccacd2aff5c92-FRA
content-length
6164
expires
Fri, 09 Feb 2024 14:57:16 GMT
houston-business-journal-award.png
mediahandler.broadridgeadvisor.com/media/585541/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediahandler.broadridgeadvisor.com/media/585541/houston-business-journal-award.png
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.212.46.138 , United States, ASN33166 (BFS-49-33166, US),
Reverse DNS
Software
/
Resource Hash
9b9501f1ae733ae8c42ce5c7f263e76a8783fde0cc439a6dfe1c6e04ac909ca7
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires
Fri, 09 Feb 2024 14:57:17 GMT
Content-Security-Policy
default-src 'self'
Cache-Control
private
Date
Fri, 09 Feb 2024 14:27:17 GMT
ETag
CCC970C479D4C792D0B40BCAC9D731C9
Content-Length
81251
Content-Type
image/png
plugins.js
dfs.nm.com/mediahandler/media/plugins_js_v2/ 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/plugins_js_v2/plugins.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe561bfd378a8b98506af695679aab2eadbd6d03e76b78f98494c0efdc5bccc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccad06f545c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
jquery.validation.js
dfs.nm.com/mediahandler/media/jquery_validation_js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/jquery_validation_js/jquery.validation.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550e94238924d8a1a750b147d847a75f45f6a8c146be283f370ba3868ee6b3e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccad06f575c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
main.js
dfs.nm.com/mediahandler/media/main_js_v2/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/main_js_v2/main.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dbd9b26fcd9fcbdc6610c8022fa562cb91566e3fe8ac6db8f9066e03a377ce5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccad06f585c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
submitHandler.js
dfs.nm.com/mediahandler/media/submit_handler_js_v2/ 		953 B
504 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/submit_handler_js_v2/submitHandler.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6a8320b01517e89db1a9958ba3ebf318e96bd17b42032de78c9257d27c0662
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccad06f5c5c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
theme-pcg.js
dfs.nm.com/mediahandler/media/483183/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/483183/theme-pcg.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a071a9c76513d4791a2ddc114c06dc12c8f176f318ed1670cf03be835e77d450
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccad06f5f5c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
ec-site-public.js
dfs.nm.com/mediahandler/media/ec-site-public_js_root/ 		49 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/ec-site-public_js_root/ec-site-public.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2201224babbcff0aaa9b0ccce34a74dc19de01eb76c9775dee6e0b1e21233635
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccad06f605c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
ec-site-encryption.js
dfs.nm.com/mediahandler/media/ec-site-encryption_js_root/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/ec-site-encryption_js_root/ec-site-encryption.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2614953eedb9d2c6ef2171faeca72d6f91bbd3ad7fd9e0a706a47f16c63bff2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccad06f615c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
global.js
dfs.nm.com/mediahandler/media/global_js_v2/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/global_js_v2/global.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e9f1790245ae42f8f92af236c11fa9c07a88a74b1c1c08599e0d5d38ea230b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccad06f625c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
NM.js
dfs.nm.com/mediahandler/media/NM_js/ 		350 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/media/NM_js/NM.js
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb4bb0991f2b009502fb03ebc47599be67e12ae862154af001cc0c56f8be6739
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
server-timing
fct
cf-ray
852ccad06f635c92-FRA
expires
Fri, 09 Feb 2024 14:57:17 GMT
id
dpm.demdex.net/ 		377 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=96F7370453295EBB0A490D44%40AdobeOrg&d_nsid=0&ts=1707488836735
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/launch-16ba86374f36-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.247.186.102 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-186-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
af15683045768a762e9d1fd1ed55a649728d385cb16293dc51f288970772e667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dfs.nm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-1-v054-06695c737.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 09 Feb 2024 14:27:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
utCPi3ElRmE=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://dfs.nm.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
316
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/launch-16ba86374f36-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://dfs.nm.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Fri, 09 Feb 2024 15:27:17 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/launch-16ba86374f36-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://dfs.nm.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Fri, 09 Feb 2024 15:27:17 GMT
gtm.js
www.googletagmanager.com/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZ3BX95
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1f1ed06a4c5b0c8326e1adfc376bd788eb3d9f8533a97999675b2701e6ec5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91115
x-xss-protection
0
last-modified
Fri, 09 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Feb 2024 14:27:17 GMT
ibs:dpid=411&dpuuid=ZcY2RQAAABy7ywNx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=41335522694626182392924897799696150946
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZcY2RQAAABy7ywNx
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZcY2RQAAABy7ywNx
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Server
54.247.186.102 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-186-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-0a4549a0d.edge-irl1.demdex.com 10 ms
pragma
no-cache
date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
95+YBlF/QC8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZcY2RQAAABy7ywNx
Date
Fri, 09 Feb 2024 14:27:17 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
3b99b850-1352-4dd8-a36c-baf15ca1f824
https://dfs.nm.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dfs.nm.com/3b99b850-1352-4dd8-a36c-baf15ca1f824
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
livljWXG6sk
www.youtube.com/embed/ Frame B34D 		93 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f82a921a2aa764b1f9c9ba80adced857d8e23d1aff027d52c14905e0a9fb2022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dfs.nm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Feb 2024 14:27:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
/
player.flipsnack.com/ Frame 693A 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.flipsnack.com/?hash=NTg4QzlCRkY4RDYremNqNGkzdW83aw==
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
117559579c69d5c2aabdb3c33e619c27430bea4b653d02a0c75798a88f670ce3

Request headers

Referer
https://dfs.nm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21172
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Fri, 09 Feb 2024 08:34:25 GMT
etag
W/"a3175d73a35f1790b6d95f12dbaf42ed"
last-modified
Thu, 08 Feb 2024 08:34:14 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-cf-id
f_ZiWI-ImH66EdYFqx5UMOLERV7gbD27w_vK4fMyL6wLhwqljlU3zg==
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-amz-version-id
eM2h9WP9I8q.o7GOAthsOndLqRCZxFFM
x-cache
Hit from cloudfront
place
www.google.com/maps/embed/v1/ Frame C0DD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed/v1/place?key=AIzaSyBzAY38I87M0EEVaswXgLLq863vCge5s3E&q=1+RiverwaySuite+900,Houston,TX&zoom=14
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
97f4305a203854d16ff9f182460d9f39cb68a34fd883d426a1859d6c3f29b83d
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-rFmOWwhHBFYOpiLAH5_FZw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dfs.nm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
939
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-rFmOWwhHBFYOpiLAH5_FZw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Fri, 09 Feb 2024 14:27:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-xss-protection
0
dest5.html
northwesternmutual.demdex.net/ Frame 426E 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://northwesternmutual.demdex.net/dest5.html?d_nsid=0
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.247.186.102 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-186-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dfs.nm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 09 Feb 2024 14:27:17 GMT
dcs
dcs-prod-irl1-1-v054-01a4861f9.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 17 Nov 2023 11:52:54 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
1SWYK0HOSgM=
downtown-background.jpg
dfs.nm.com/mediahandler/media/523387/ 		345 KB
346 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfs.nm.com/mediahandler/media/523387/downtown-background.jpg
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec5eda8ed681cfb55eb7d4a3dc4e798e6a1c6deca45260a5c430594111f62af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
etag
EQMeEiTDBzx0myz4NqjpzQ==
vary
Accept-Encoding
content-type
image/jpeg
cache-control
private
server-timing
fct
accept-ranges
bytes
cf-ray
852ccad08f8a5c92-FRA
content-length
353655
expires
Fri, 09 Feb 2024 14:57:17 GMT
PCG-Blue.png
dfs.nm.com/mediahandler/media/pcg_blue_image/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfs.nm.com/mediahandler/media/pcg_blue_image/PCG-Blue.png
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0904b47d67bce0450be13a50d4ae66bd83321909b33badb65a7070122224847
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
etag
dzdLdEdnVwT4z5CgLbrynw==
vary
Accept-Encoding
content-type
image/png
cache-control
private
server-timing
fct
accept-ranges
bytes
cf-ray
852ccad09f8b5c92-FRA
content-length
134107
expires
Fri, 09 Feb 2024 14:57:17 GMT
GuardianSans-Light.woff2
dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/GuardianSans-Light.woff2
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07e18441fa38b8adc48aa308a19b0f4f6248aefe05d0b9c6320b6eb6716c4d38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Origin
https://dfs.nm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
etag
cSo+k3piafqxMFm+zzKhGw==
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
private
server-timing
fct
accept-ranges
bytes
cf-ray
852ccad09f8e5c92-FRA
content-length
37268
expires
Fri, 09 Feb 2024 14:57:17 GMT
GuardianSans-Regular.woff2
dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/GuardianSans-Regular.woff2
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f1ed9594aa9778a404dc31673ccfcb84f949f471277732228fa058a3846f8e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Origin
https://dfs.nm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
etag
CMYLrJkKPtk/n7b7f/I4sQ==
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
private
server-timing
fct
accept-ranges
bytes
cf-ray
852ccad09f915c92-FRA
content-length
35472
expires
Fri, 09 Feb 2024 14:57:17 GMT
GuardianSans-Bold.woff2
dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/GuardianSans-Bold.woff2
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3e6740940d41c9a0e491dbbae4769ddb9acad7819c5018b02045223dba1f57
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Origin
https://dfs.nm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
etag
HV0NOenAnAIS0uMOWNcdTw==
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
private
server-timing
fct
accept-ranges
bytes
cf-ray
852ccad09f935c92-FRA
content-length
37300
expires
Fri, 09 Feb 2024 14:57:17 GMT
Tandelle-Regular.woff2
dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/Tandelle-Regular.woff2
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d83dffd0c27cb0a184740d12319241c511eddb84801d18155d7c7ffcedd5d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Origin
https://dfs.nm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
etag
9OXKGbvbdCZXK9NJKyrc8A==
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
private
server-timing
fct
accept-ranges
bytes
cf-ray
852ccad09f945c92-FRA
content-length
16796
expires
Fri, 09 Feb 2024 14:57:17 GMT
GuardianSans-Medium.woff2
dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dfs.nm.com/mediahandler/mediakit/theme_pcg_mediakit/theme-pcg/fonts/GuardianSans-Medium.woff2
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17faaef1337fd8db359d6cb29e4f24c76da134b74b07a51720ea9bde0bd30395
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dfs.nm.com/mediahandler/media/483182/theme-pcg.css?optimize=false
Origin
https://dfs.nm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
etag
aGpDlF/unHrWYHrS9M77EQ==
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
private
server-timing
fct
accept-ranges
bytes
cf-ray
852ccad09f965c92-FRA
content-length
36640
expires
Fri, 09 Feb 2024 14:57:17 GMT
reader.gz.js
player.flipsnack.com/ Frame 693A 		9 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.flipsnack.com/reader.gz.js
Requested by
Host: player.flipsnack.com
URL: https://player.flipsnack.com/?hash=NTg4QzlCRkY4RDYremNqNGkzdW83aw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cac3851e717ba9209f6fd3785e2de3f48dd9eea84f5ee04927a0c678ef13e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/?hash=NTg4QzlCRkY4RDYremNqNGkzdW83aw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
cXHpC1I9Mr7TrVGKm07f6JJxyYdLT1wm
content-encoding
gzip
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
date
Fri, 09 Feb 2024 08:34:26 GMT
x-amz-cf-pop
FRA56-P8
age
21172
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1704347
last-modified
Thu, 08 Feb 2024 08:34:15 GMT
server
AmazonS3
etag
"5e426975be73a968965495e41eb97aa3"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
Ta6OmS1UCi3rEBLFvBJq1ubcgvLzjrkeA_OenpLuOdtGYLYVv6oEPA==
handleUnsupportedBrowsers.gz.js
player.flipsnack.com/ Frame 693A 		827 B
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.flipsnack.com/handleUnsupportedBrowsers.gz.js
Requested by
Host: player.flipsnack.com
URL: https://player.flipsnack.com/?hash=NTg4QzlCRkY4RDYremNqNGkzdW83aw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3364f0b3a8390239ce287a57e41103afef8e8294cc90ae79402f500f391233d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/?hash=NTg4QzlCRkY4RDYremNqNGkzdW83aw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
oErKiS8bkeifpKYZhs_Gp91h4570vZjq
content-encoding
gzip
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
date
Fri, 09 Feb 2024 08:34:26 GMT
x-amz-cf-pop
FRA56-P8
age
21172
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
395
last-modified
Thu, 08 Feb 2024 08:34:15 GMT
server
AmazonS3
etag
"c040a39d816f855e57e591a834fda70a"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
mYqYZrjupJeIFSMsmhEj9WiwHT10JGl1tFtlHk-DxWePgCnxHfEVtQ==
Roboto-Regular.ttf
d1fpu6k62r548q.cloudfront.net/css/fonts/ Frame 693A 		164 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Regular.ttf
Requested by
Host: player.flipsnack.com
URL: https://player.flipsnack.com/?hash=NTg4QzlCRkY4RDYremNqNGkzdW83aw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://player.flipsnack.com/
Origin
https://player.flipsnack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
content-encoding
gzip
via
1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
x-amz-version-id
I1V8gNDnx8XnbIpc_JHhpcAlm0Kgz_gW
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
88450
last-modified
Wed, 24 Aug 2022 12:12:47 GMT
server
AmazonS3
etag
"9b5b6239d8b6a23d1847fe8781b82d94"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, PUT, POST
content-type
font/ttf
access-control-allow-origin
*
cache-control
315360000
accept-ranges
bytes
x-amz-cf-id
ESwXtTrVYhVBkri_HktQVvCQdxaldDG14xNa1C1LYQc03lWwJnWgEw==
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96469ec71636303e1b8e7ca9369b3fa55a2cf1712c9cb1a5b2064381522cae6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 09 Feb 2024 14:27:17 GMT
0136e35b-aa66-4600-83e0-ac6334be093e
https://dfs.nm.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dfs.nm.com/0136e35b-aa66-4600-83e0-ac6334be093e
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
f89ff841-8da5-4ab7-a820-94e1a92bf0f4
https://dfs.nm.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dfs.nm.com/f89ff841-8da5-4ab7-a820-94e1a92bf0f4
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XZB74B89SG&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0dc461290c49cfe195983b52bf1a55f2f6b22172fa4b6c6d06af86039caecc30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91461
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 09 Feb 2024 14:27:17 GMT
www-widgetapi.js
www.youtube.com/s/player/5e928255/www-widgetapi.vflset/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266a29bf57b54d51f7289747197132d43179b4f024d61069dbaea01da8012d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 10:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
12722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68548
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 08 Feb 2025 10:55:15 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-XZB74B89SG&v=3&t=t&pid=1536763976&cv=1&rv=4270&tc=15&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=dfs.nm.com%2F&tdp=G-XZB74B89SG;85432488;1;6;0&z=0
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-XZB74B89SG&v=3&t=t&pid=1536763976&cv=1&rv=4270&tc=15&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=dfs.nm.com%2F&tdp=G-XZB74B89SG;85432488;1;6;0&z=0
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Feb 2024 14:27:17 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-XZB74B89SG&v=3&t=t&pid=1536763976&cv=1&rv=4270&tc=15&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-XZB74B89SG&v=3&t=t&pid=1536763976&cv=1&rv=4270&tc=15&es=1&e=*&eid=1&h=Ag&z=0
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-XZB74B89SG&v=3&t=t&pid=1536763976&cv=1&rv=4270&tc=15&es=1&e=gtag.config&eid=2&u=AAAAggAIAAAAACA&h=Ag&epr=1G.3G&tr=1gct&ti=1gct&z=0
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-XZB74B89SG&v=3&t=t&pid=1536763976&cv=1&rv=4270&tc=15&e=gtm.init&eid=0&u=AAAAggAIAAAAACA&h=Ag&tr=5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ogtgooglesignals.5ccdgaregscope.5ccdemdownload.5ccdemoutboundclick.5ccdempageview.5ccdemscroll.5ccdemsitesearch.5ccdemvideo.5ccdconversionmarking.5ccdautoredact.5ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
authorization
content-private.flipsnack.com/ Frame 693A 		660 B
981 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content-private.flipsnack.com/authorization?hash=NTg4QzlCRkY4RDYremNqNGkzdW83aw==
Requested by
Host: player.flipsnack.com
URL: https://player.flipsnack.com/reader.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-44.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
33ef9e779639409c19c0d258367eb81b75230c04d48b4449216cc00377edd08d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://player.flipsnack.com
alt-svc
h3=":443"; ma=86400
content-length
660
x-amz-cf-id
9MQgnmBnAsLoR6BXBdfNOs-JYeV9Nx-mlhzmBFhT6Wosv8q_WCQyeQ==
www-player.css
www.youtube.com/s/player/5e928255/ Frame B34D 		361 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fade87adb180b7d137c67f5c200574f11fb934a71d95b591eb40a26539a1e769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 05:29:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
32293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47709
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 08 Feb 2025 05:29:04 GMT
embed.js
www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/ Frame B34D 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4477cc1d3a00ba28e00eb28355765bcd1d0c69671b9f6fc7b929240cf3f75809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 08:33:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
280450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17058
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 05 Feb 2025 08:33:07 GMT
www-embed-player.js
www.youtube.com/s/player/5e928255/www-embed-player.vflset/ Frame B34D 		319 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
426e7b6570795bc7db0f653c34b536c2a5d266d08b225a12a874e43097c33063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 10:41:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
13543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97419
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 08 Feb 2025 10:41:34 GMT
base.js
www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/ Frame B34D 		2 MB
776 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b91a25704b26bbac73e73d60a9d63467c0cc3ad638c30058dc224097560692c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 23:55:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
794540
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 06 Feb 2025 23:55:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B34D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 05:31:50 GMT
x-content-type-options
nosniff
age
377727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 05:31:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B34D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 09:09:14 GMT
x-content-type-options
nosniff
age
278283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 09:09:14 GMT
/
cmp.osano.com/ Frame 4886 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:4000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d932915f06b485aab480eb817ad7e34c684cb9272fb3a1d6ec13372b15b80945
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dfs.nm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73465
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Thu, 08 Feb 2024 18:02:53 GMT
etag
W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified
Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-cf-id
-ZLWDnzPSIfs0R1onvrOiLRDzVlFWq5Slfl-Q9JUliqVN3g2KYSKsw==
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-amz-version-id
POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
RCc75bcde55ddb4167be55000dbb30da01-source.min.js
assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/df2b3f05854a/ 		859 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/df2b3f05854a/RCc75bcde55ddb4167be55000dbb30da01-source.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3b361e014313eea7998fb0a6a5a25668dea8c514cac6d6f348da4866d6b52322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
gzip
last-modified
Wed, 20 Sep 2023 18:21:50 GMT
server
AkamaiNetStorage
etag
"563d1a68c2956c2c8657d6d652e6a31d:1695234110.709897"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://dfs.nm.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
364
expires
Fri, 09 Feb 2024 15:27:17 GMT
RC7b1cb42bdcc945deae7814c75906d1d0-source.min.js
assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/df2b3f05854a/ 		414 B
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/df2b3f05854a/RC7b1cb42bdcc945deae7814c75906d1d0-source.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5d871135959bb17f0afd138ae294e7e7bde97a6ca46a57d0098dbdd40518ed4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
gzip
last-modified
Wed, 20 Sep 2023 18:21:50 GMT
server
AkamaiNetStorage
etag
"563d1a68c2956c2c8657d6d652e6a31d:1695234110.709897"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://dfs.nm.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
266
expires
Fri, 09 Feb 2024 15:27:17 GMT
livljWXG6sk
www.youtube.com/embed/ Frame B34D 		91 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39c84c97192ee5226f07a8a7b661d11cacbe357e342a3bcb7f452813be5fea41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dfs.nm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Feb 2024 14:27:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
RCea14a0a9dc274b7f9604b8a866d8b720-source.min.js
assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/df2b3f05854a/ 		370 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/84f7e94eaa36/5bfb8ef34a6b/df2b3f05854a/RCea14a0a9dc274b7f9604b8a866d8b720-source.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZmYaTM49r5k39W/8af4852b-f312-40c0-9851-3ec88b8e7075/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9b218f5adea306c5f271e05e6d75fbffe174aef549d0b7abc305018491cd92c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
gzip
last-modified
Wed, 20 Sep 2023 18:21:50 GMT
server
AkamaiNetStorage
etag
"563d1a68c2956c2c8657d6d652e6a31d:1695234110.709897"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://dfs.nm.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
240
expires
Fri, 09 Feb 2024 15:27:17 GMT
js
maps.googleapis.com/maps/api/ Frame C0DD 		187 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed/v1/place?key=AIzaSyBzAY38I87M0EEVaswXgLLq863vCge5s3E&q=1+RiverwaySuite+900,Houston,TX&zoom=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
c450afb9ba65e5c28d11b1473f3706e1cf46ed252868aa46096fc4761adb98e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65900
x-xss-protection
0
data.json
d3u72tnj701eui.cloudfront.net/588C9BFF8D6/collections/zcj4i3uo7k/ Frame 693A 		18 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3u72tnj701eui.cloudfront.net/588C9BFF8D6/collections/zcj4i3uo7k/data.json?Signature=K1VwTOKUpn4gj9S8S5JCdJkBCnJK4JCm3vbkkFXWDtyc6XdEtL29u9mQ8Qmm-P4XWOW4AVhHIOLk8%7EQNzbi6U639GjusBcYyi3bZX6NRj5IiucskLbvDkz9QEaoFby5ygU4ExRW4Rqn4ArD2-gpStb2TOgqU5dY2pWIWsg310a0OlVU5xxuoi9ChPyMfSnNg9hC5A3gV8CQQiJjOyJ6pSjs14spA0%7EBqNfSWDkpckK7Em21fJy5-Oif5YnycM%7Epx3TxolhQTEjlIHTiBLRuGmRLLIwjyNG4r5IAfzdC8RPYI-33yIeXurF0dsVdugoJqe1iKfzmiZ8GUeZp1edrgvw__&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kM3U3MnRuajcwMWV1aS5jbG91ZGZyb250Lm5ldC81ODhDOUJGRjhENi9jb2xsZWN0aW9ucy96Y2o0aTN1bzdrLyoiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE3MDc0ODg5NTd9fX1dfQ__&Key-Pair-Id=KKS5Y1MBXEN2R
Requested by
Host: player.flipsnack.com
URL: https://player.flipsnack.com/reader.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5e00:e:bd9b:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd488cb90e9bfcacdf0aa5bf9e9d38bb6b218733ee0c518ec88b7f09c59f2da2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:19 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id
LnuNLmVOdtRT4U4sDzwAuf7itP2I_DHo
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6718
last-modified
Sat, 10 Jun 2023 22:46:03 GMT
server
AmazonS3
etag
"a0bb9f9c0615d70f01c39ce2b416eb5f"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
0FEzTm2jMiflRSTIZqJ_FckmWysC6lK1ym6BkCh9GU58P9mvbnypAw==
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame C0DD 		3 B
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/55/11/intl/de_ALL/ Frame C0DD 		227 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/55/11/intl/de_ALL/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed/v1/place?key=AIzaSyBzAY38I87M0EEVaswXgLLq863vCge5s3E&q=1+RiverwaySuite+900,Houston,TX&zoom=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2c563c46ae28515dd7e9093b30c42f79c7850057251d4ffb9349e518a0db2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 18:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
157251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61478
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 18:44:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 18:46:26 GMT
s09333800742233
metricssecure.northwesternmutual.com/b/ss/nmdevglobaldata/1/JS-2.23.0-LDQM/ 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metricssecure.northwesternmutual.com/b/ss/nmdevglobaldata/1/JS-2.23.0-LDQM/s09333800742233?AQB=1&ndh=1&pf=1&t=9%2F1%2F2024%2015%3A27%3A17%205%20-60&mid=39701250949135806022797499886043508711&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fdfs.nm.com%2F&cc=USD&ch=Field%20Websites%20-%20Website%20Manager%20Platform&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=%2F&l2=Universal_Global_Push-Data-Layer%20%2CAA_DL_global-page-rule%2C&c7=15&v7=15&c8=Friday&v8=Friday&c9=https%3A%2F%2Fdfs.nm.com%2F&v9=https%3A%2F%2Fdfs.nm.com%2F&v16=https%3A%2F%2Fdfs.nm.com&v17=%2F&v199=Client%20%26%20Consumer%3A%20Field%20Websites%20-%20Website%20Manager%20Platform%7Cstaging%7C2023-09-20T18%3A21%3A40Z&v200=AA_DL_global-page-rule&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=96F7370453295EBB0A490D44%40AdobeOrg&AQE=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Feb 2024 14:27:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 10 Feb 2024 14:27:18 GMT
server
jag
etag
3666804358949502976-4617748495278541121
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 08 Feb 2024 14:27:18 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/ Frame C0DD 		255 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9dc83e305cd9df53f563b779a4400ca13252f7686303dc90579741276ebe523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 18:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
157252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56705
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 18:44:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 18:46:25 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/ Frame C0DD 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b67fa9d9cea06d520cc18c812be2a501053afad7e18fc14d3496cc12198fc08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 18:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
157252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57065
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 18:44:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 18:46:25 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/ Frame C0DD 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14c3ac02945b29d6ea1e3a67b82362744395c22b931f1e4663ae7001f0f31602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 18:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
157252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24016
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 18:44:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 18:46:25 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/ Frame C0DD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1af296f7dbae52d107b841150ae8458af99faea48a47d73bd70efde51940a6fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 18:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
157252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1291
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 18:44:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 18:46:25 GMT
truncated
/ Frame C0DD 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame C0DD 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i984693&2i1733551&2e1&3u14&4m2&1u475&2u250&5m5&1e0&5sde-DE&6sus&10b1&12b1&client=google-maps-embed&token=101525
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
a5fb5fd24b5f3c7f96e39badc850018e5d9e2654683f50df8b0cb47244107688
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34406
x-xss-protection
0
expires
Sat, 10 Feb 2024 14:27:18 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/ Frame C0DD 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce53f20a1ab3ce0af89f14e8c7b66dc782ae26f40903717f8b0735b94cde6f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 18:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
157252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9033
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 18:44:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 18:46:25 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/ Frame C0DD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2634007df1d9905483b5d756f0949bfa8314b41dc4996a9d64339518e699655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 18:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
157252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1256
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 18:44:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 18:46:25 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame C0DD 		326 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:17 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Fri, 09 Feb 2024 14:27:17 GMT
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame C0DD 		19 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
10584d37200c976483af050be542bef331e25bb51daf5c62685a9ab673ba16dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Maps-Channel-Id
X-User-Agent
grpc-web-javascript/0.1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json+protobuf
X-Goog-Maps-Client-Id
google-maps-embed
Referer
https://www.google.com/
X-Goog-Api-Key
X-Goog-Maps-API-Signature
24257
X-Goog-Maps-API-Salt
f9mnq63FU

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2961
x-xss-protection
0
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-channel-id,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-channel-id,x-goog-maps-client-id,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.google.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 09 Feb 2024 14:27:17 GMT
server
scaffolding on HTTPServer2
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
www-player.css
www.youtube.com/s/player/5e928255/ Frame B34D 		361 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fade87adb180b7d137c67f5c200574f11fb934a71d95b591eb40a26539a1e769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 05:29:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
32294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47709
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 08 Feb 2025 05:29:04 GMT
embed.js
www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/ Frame B34D 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4477cc1d3a00ba28e00eb28355765bcd1d0c69671b9f6fc7b929240cf3f75809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 08:33:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
280451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17058
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 05 Feb 2025 08:33:07 GMT
www-embed-player.js
www.youtube.com/s/player/5e928255/www-embed-player.vflset/ Frame B34D 		319 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
426e7b6570795bc7db0f653c34b536c2a5d266d08b225a12a874e43097c33063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 10:41:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
13544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97419
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 08 Feb 2025 10:41:34 GMT
base.js
www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/ Frame B34D 		2 MB
776 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b91a25704b26bbac73e73d60a9d63467c0cc3ad638c30058dc224097560692c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 23:55:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
794540
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 06 Feb 2025 23:55:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B34D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 05:31:50 GMT
x-content-type-options
nosniff
age
377728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 05:31:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B34D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 09:09:14 GMT
x-content-type-options
nosniff
age
278284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 09:09:14 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame C0DD 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7m2&1e0&5e0&8b1&callback=_xdc_._d3n312&client=google-maps-embed&token=88110
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
6e4775246df842ebbb24475d2fbc20cefbce7ff329c9fd24d59e8856f8afff8e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Feb 2024 14:27:18 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame C0DD 		62 B
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7seqrni0&10e1&11b1&callback=_xdc_._n61i4s&client=google-maps-embed&token=102295
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/11/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
9b718f44e5e962e39afc40ba2b386fe054247a912067b58c9432f14045400a1c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Feb 2024 14:27:18 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame B34D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Protocol
H2
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
552e4189318317258fee5dc733e532d89e0c7a8c9c29a05c5171f30a8b5a204f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 09 Feb 2024 14:27:18 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame B34D 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:26:44 GMT
x-content-type-options
nosniff
age
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Feb 2024 14:41:44 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 09 Feb 2024 14:27:18 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B34D 		86 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05e2143abbc01d9af38607349b584efa625cd51e087cfe7ca08a03e4bc5e0b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40678
x-xss-protection
0
remote.js
www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/ Frame B34D 		118 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffe92518d1f7d4ef6e6996a45ef583dbb59013c0ef004e84eee9d8a915c8aa5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 00:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
138344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33978
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:19:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Feb 2025 00:01:34 GMT
wAFWjcG1j0S59k6y9gmRkscrkcYt8sjUn-04af-yL2Q.js
www.google.com/js/th/ Frame B34D 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/wAFWjcG1j0S59k6y9gmRkscrkcYt8sjUn-04af-yL2Q.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c001568dc1b58f44b9f64eb2f6099192c72b91c62df2c8d49fed3869ffb22f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 18:58:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
70104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19705
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Feb 2025 18:58:54 GMT
maxresdefault.jpg
i.ytimg.com/vi/livljWXG6sk/ Frame B34D 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/livljWXG6sk/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42051c09cda033328df34de5c76c9f07f71a27129b8592e69ebdbe0cdcdc85b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69512
x-xss-protection
0
server
sffe
etag
"1679583845"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 09 Feb 2024 16:27:18 GMT
truncated
/ Frame B34D 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
kEAn7WZencBhysyPp6A1FkwvI2QT-x295R1URzcWLWui_51jy7Dsji6ljFXHaJfqq8P8gPDOUw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame B34D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/kEAn7WZencBhysyPp6A1FkwvI2QT-x295R1URzcWLWui_51jy7Dsji6ljFXHaJfqq8P8gPDOUw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
be69441ca26824a4a72ba9b4c3f7020bca8331f0b7b6739c8ecfb2d5726bcb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2011
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 10 Feb 2024 14:27:18 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B34D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 09 Feb 2024 14:27:18 GMT
Roboto-Bold.ttf
d1fpu6k62r548q.cloudfront.net/css/fonts/ Frame 693A 		163 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Bold.ttf
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://player.flipsnack.com/
Origin
https://player.flipsnack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:19 GMT
content-encoding
gzip
via
1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
x-amz-version-id
SjKb3iBzhiBu4wRv.EW3POFtt0ZlcGrh
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
88968
last-modified
Wed, 24 Aug 2022 12:12:47 GMT
server
AmazonS3
etag
"9de7a4aade0c697c2db1960023afd922"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, PUT, POST
content-type
font/ttf
access-control-allow-origin
*
cache-control
315360000
accept-ranges
bytes
x-amz-cf-id
UdVHrZkrpK3CUU7E_TdaN1vOSQvl9CIb5sYsjZ3hQlimH_I3A4SuMw==
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 09 Feb 2024 14:27:18 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B34D 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e690e8ba40c70c0ed3b23a569670ca5b0c21335bd898e6159197fa7dfc4ac847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
flip-sts
sqs.us-east-1.amazonaws.com/756737886395/ Frame 693A 		378 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%2239f3515d99664bbc9775e1248a930371%22%2C%22ch%22%3A%22zcj4i3uo7k%22%2C%22cih%22%3A%22d4b8936ce0827010cec83ei137907566%22%2C%22e%22%3A%5B%7B%22eid%22%3A1%7D%5D%2C%22ts%22%3A1707488838%7D
Requested by
Host: player.flipsnack.com
URL: https://player.flipsnack.com/reader.gz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.236.169.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-69.compute-1.amazonaws.com
Software
/
Resource Hash
dec2d98d80c0dd09c5bb08461b4b2c5db2e36891d53d78c8f262d1e3faef74a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Fri, 09 Feb 2024 14:27:18 GMT
connection
keep-alive
x-amzn-RequestId
0f7f8096-da08-563f-97b1-ded6e28e78e4
Content-Length
378
Content-Type
text/xml
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_1/ Frame 693A 		703 KB
704 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_1/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4323b11c96e4f62eb0c4a4878adfdfdb00b0e18862cf7db692d0901a2ddfa8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:13 GMT
x-amz-version-id
t0JO3w7iRlK6QaW5HXSWc_vpuEH5dEvi
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103206
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
719859
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"4721ecb866db72bda59702b56a4c59eb"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aMtbD1JwLUfDOoMKKRR1619KYHMPLcBuM6Jb7gfg-ghjCfmSefW6EA==
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_2/ Frame 693A 		461 KB
462 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_2/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87486324757d38d309c7c932bfc158fcaf9498dd865876217ea1aef7408a2c17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:13 GMT
x-amz-version-id
kf8I4p00MAHHzQkaoUYH7SCAhHiIUFIC
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103205
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
472060
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"aab2505fcc1387528877a2fe2d20ac09"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WUAb98ydcjTdowhQW-EiaQiHO8qA4wBl0-MwMIdT2xNBzF_0ozw5yQ==
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_3/ Frame 693A 		506 KB
507 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_3/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a128f6eb92b05cc2843ec8d0dc6d5da920a481b4d829e2e571729bc08de00413

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:15 GMT
x-amz-version-id
nnTH0.wYVeOVNP4o9Tt_hKTQzrDLoGzc
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103204
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
517858
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"aa6164667e8e8d7fd6202ce864b45504"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
EyvvhOs0pj9kiLEFakefxbvRvb3vN3HJpx5zZARh5LylBYfDEIMvCw==
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_4/ Frame 693A 		406 KB
407 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_4/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3522e967150fdd3614c62a46cceb3f78ca65dd6e680c5a78d42ce4903fd322c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:14 GMT
x-amz-version-id
wZjIC8V7Qxjndvc88IMDXlZZryN2kvAy
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103204
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
415475
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"66f12731ad3a3e8200a3beb62171e89a"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5ZYd7Fpuo8neDU4bOH5kmzbDn2krUAPAc7-vYPJGhoFOFMMw8cWhzA==
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_5/ Frame 693A 		418 KB
419 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_5/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
876f628dd4e28661e5b29a31215e246112d95614de1be1407cd6552c02aa8cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:15 GMT
x-amz-version-id
X7tUHeekMGuu47pb3GFEYJHkLqTA2R74
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103203
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
427620
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"c5c5c4befa5af98830347851f131a147"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
69avr4ESl1mOrqSqS8zoyQi_SKJuECI7ubpspMzsPtsHpoaEcK0oHg==
flip-sts
sqs.us-east-1.amazonaws.com/756737886395/ Frame 693A 		378 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%2239f3515d99664bbc9775e1248a930371%22%2C%22ch%22%3A%22zcj4i3uo7k%22%2C%22cih%22%3A%22d4b8936ce0827010cec83ei137907566%22%2C%22e%22%3A%5B%7B%22eid%22%3A6%2C%22pid%22%3A%222%22%7D%5D%2C%22ts%22%3A1707488838%7D
Requested by
Host: player.flipsnack.com
URL: https://player.flipsnack.com/reader.gz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.236.169.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-69.compute-1.amazonaws.com
Software
/
Resource Hash
335ba93b5e8150ead26fd82d85038ffa3a96c92902aa67956ad24a43d7fa8ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Fri, 09 Feb 2024 14:27:18 GMT
connection
keep-alive
x-amzn-RequestId
b2ddf631-e652-5704-a951-a871ded41c07
Content-Length
378
Content-Type
text/xml
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_1/ Frame 693A 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_1/small?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95369ec7fbff4464b81aef3ecef9a97ff2aa298bc00cb2f9a98b042ec4ce83ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:16 GMT
x-amz-version-id
W8MMVN._MAirhd_NBQXKnCliz5Wv0mih
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103203
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
66958
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"d288482c9f74b5a5aa0fd4b2ce8c4ae0"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Z4m3GKM7oiW9p-gs1Xr6pYkvLX23tdAZIT3hp98XyaZVQ7UILmTvVg==
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_2/ Frame 693A 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_2/small?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cba86b067191d09251580cb38b1b93d9deec4caccc148a4ad5ee2c132f0e673e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:16 GMT
x-amz-version-id
imUoY5BRthywyWnRU8nMdZNFjGoxkqC6
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103203
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
35801
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"5291bbe1fb9a3218d52c0e9f1b6b92fd"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
0ZPiVhPJcFyo_eO66WcL-p-ikR1z6qAdmnx01K1SbD47x85nLbLrJg==
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_3/ Frame 693A 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_3/small?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f884e3e6f790c3d3e2b43e01f6d9b3698e05d38a61ad124e7954993fde726fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:17 GMT
x-amz-version-id
5OOY9VNb1kUYJUnjZqBEWVktp_ISdd7C
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103202
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
47336
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"774255c25c53173891501d1921f83c7c"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
XqMnSemv8ez2BPS9Qq9koKh41b77P_pNfk61QdXmcakXAWUyRMgRvw==
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_4/ Frame 693A 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_4/small?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84f8e1caa4fa50b348e685ef10dbf5e9898d160a1702275dcf7321e6cc988721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:17 GMT
x-amz-version-id
bMXh._OQcCoMPaadkz8hTSto0RbaScAb
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103202
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
38343
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"5e56255dfb949652919b2282bf459b74"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
b9_uFqy_mwHAB3KZ6bjYzsEUY7vJI7zUun8mdeg4OqdxY7StlST0Ng==
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_5/ Frame 693A 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_5/small?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66ac8452068f211a8002cb604b6bf4e68bcf5a5b629087e0ef210fa19de90460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:17 GMT
x-amz-version-id
vof2yOfZqlSQKlr7qZJYWj8Uq8Up7SU2
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103202
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
39988
last-modified
Thu, 16 Feb 2023 21:37:57 GMT
server
AmazonS3
etag
"6be1b036c8b71990d32589980c4b7699"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5rl0EgfjD5HrZWLMLsG6KU70vcdYb0XxK-aTr4FaUH17NUPWYFTdRg==
cast_sender.js
www.gstatic.com/eureka/clank/121/ Frame B34D 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/121/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 00:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 16:05:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 10 Feb 2024 00:08:23 GMT
generate_204
www.youtube.com/ Frame B34D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?3D1RGw
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_5/ Frame 693A 		298 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_5/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:15 GMT
x-amz-version-id
X7tUHeekMGuu47pb3GFEYJHkLqTA2R74
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
age
103203
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
427620
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"c5c5c4befa5af98830347851f131a147"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
XTqz2Kz8U0l8XKsPoPlmIvrwYpIrBuMgTRMouKy7LDEiMJQ9i4Z8LA==
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_4/ Frame 693A 		398 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_4/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:14 GMT
x-amz-version-id
wZjIC8V7Qxjndvc88IMDXlZZryN2kvAy
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
age
103204
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
415475
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"66f12731ad3a3e8200a3beb62171e89a"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
XeeRDHsjL6zUmKjQLu7XwI1hT9dQUd7JwbylmVIoxMoKi1sTMJZ-bg==
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_1/ Frame 693A 		0
0
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_3/ Frame 693A 		256 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_3/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:15 GMT
x-amz-version-id
nnTH0.wYVeOVNP4o9Tt_hKTQzrDLoGzc
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
age
103204
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
517858
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"aa6164667e8e8d7fd6202ce864b45504"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
JID7urirbwA-K7eg8SPYZRuas1TKgCpjIdEbL03cDb6sAXGBeuiOnw==
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_2/ Frame 693A 		240 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_2/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:13 GMT
x-amz-version-id
kf8I4p00MAHHzQkaoUYH7SCAhHiIUFIC
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
age
103205
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
472060
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"aab2505fcc1387528877a2fe2d20ac09"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
SBM3stO2YEhpwh02W-IiAOV_iE6Z_ONcsnF7QDkCl-J5C-bmCdWM9A==
original
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_1/ Frame 693A 		703 KB
704 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_1/original?version=1
Requested by
Host: dfs.nm.com
URL: https://dfs.nm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4323b11c96e4f62eb0c4a4878adfdfdb00b0e18862cf7db692d0901a2ddfa8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:13 GMT
x-amz-version-id
t0JO3w7iRlK6QaW5HXSWc_vpuEH5dEvi
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
age
103206
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
alt-svc
h3=":443"; ma=86400
content-length
719859
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"4721ecb866db72bda59702b56a4c59eb"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WGB2LFrreuBP1BZNVziHBm9bF6W09djLeVdcpTAHW6RYPm1SKrM4JA==
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_2/ Frame 693A 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_2/small?version=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cba86b067191d09251580cb38b1b93d9deec4caccc148a4ad5ee2c132f0e673e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:16 GMT
x-amz-version-id
imUoY5BRthywyWnRU8nMdZNFjGoxkqC6
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
age
103203
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
35801
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"5291bbe1fb9a3218d52c0e9f1b6b92fd"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
H8yx3i57U3DlGI5q5GXygdFo7_2eakkW6PyNo-vc1DhUuivw59uGhg==
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_3/ Frame 693A 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_3/small?version=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f884e3e6f790c3d3e2b43e01f6d9b3698e05d38a61ad124e7954993fde726fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:17 GMT
x-amz-version-id
5OOY9VNb1kUYJUnjZqBEWVktp_ISdd7C
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
age
103202
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
47336
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"774255c25c53173891501d1921f83c7c"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Lh87UV7gcolAtnZ9TN5De3M2uTjztC0Znp36Fv8uEXq0kqu8Uf4IUg==
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_4/ Frame 693A 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_4/small?version=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84f8e1caa4fa50b348e685ef10dbf5e9898d160a1702275dcf7321e6cc988721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:17 GMT
x-amz-version-id
bMXh._OQcCoMPaadkz8hTSto0RbaScAb
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
age
103202
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
38343
last-modified
Thu, 16 Feb 2023 21:37:56 GMT
server
AmazonS3
etag
"5e56255dfb949652919b2282bf459b74"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WboqUqErsHqbp0mbxAeaCELRu89Yu57EVfqkh8uMNRaIjyxHYlpnBA==
small
d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_5/ Frame 693A 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_5/small?version=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66ac8452068f211a8002cb604b6bf4e68bcf5a5b629087e0ef210fa19de90460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 09:47:17 GMT
x-amz-version-id
vof2yOfZqlSQKlr7qZJYWj8Uq8Up7SU2
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
age
103202
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
39988
last-modified
Thu, 16 Feb 2023 21:37:57 GMT
server
AmazonS3
etag
"6be1b036c8b71990d32589980c4b7699"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Z55s2mfeHy1YQhxvMrklacX8KrLSFHIlBFUxFLapnQZnemsuQy_lIA==
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-XZB74B89SG&v=3&t=t&pid=1536763976&cv=1&rv=4270&tc=15&es=1&e=gtm.load&eid=12&u=AgAAggAIAAAAACA&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfs.nm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:27:21 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
log_event
www.youtube.com/youtubei/v1/ Frame B34D 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
X-Goog-Request-Time
1707488840339
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/livljWXG6sk?si=zSM2H0cUXAOtMOlP&enablejsapi=1&origin=https:%2F%2Fdfs.nm.com
X-YouTube-Client-Version
1.20240205.00.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtMb2FkTF93NlhlSSjF7JiuBjIKCgJERRIEEgAgOQ%3D%3D
X-YouTube-Ad-Signals
dt=1707488838087&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C682%2C384&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 09 Feb 2024 14:27:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 09 Feb 2024 14:27:21 GMT
flip-sts
sqs.us-east-1.amazonaws.com/756737886395/ Frame 693A 		378 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%2239f3515d99664bbc9775e1248a930371%22%2C%22ch%22%3A%22zcj4i3uo7k%22%2C%22cih%22%3A%22d4b8936ce0827010cec83ei137907566%22%2C%22e%22%3A%5B%7B%22eid%22%3A3%2C%22t%22%3A5001%7D%2C%7B%22eid%22%3A10%2C%22pid%22%3A%222%22%2C%22t%22%3A5001%7D%5D%2C%22ts%22%3A1707488843%7D
Requested by
Host: player.flipsnack.com
URL: https://player.flipsnack.com/reader.gz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.236.169.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-69.compute-1.amazonaws.com
Software
/
Resource Hash
c0323186507e6cc6555f5c946159f5c04382045758fd7587579e371c6f93ee72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.flipsnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Fri, 09 Feb 2024 14:27:23 GMT
connection
keep-alive
x-amzn-RequestId
8f8d1fac-65d9-542f-bd36-41ec5d521f2c
Content-Length
378
Content-Type
text/xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d1dhn91mufybwl.cloudfront.net
URL
https://d1dhn91mufybwl.cloudfront.net/collections/items/d4b8936ce0827010cec83ei137907566/covers/page_1/small?version=1

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| _satellite boolean| __satelliteLoaded object| adobeDataLayer object| adobe function| Visitor object| s_c_il number| s_c_in object| dataLayer function| $ function| jQuery object| bootstrap function| Osano function| __uspapi function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| gaGlobal object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| a11yLinks function| a11yLists function| a11yBtns function| a11yAltTag function| a11yNewtab function| a11yHtags function| showMoreSections function| maxTextEllipses function| counter function| countAnimation function| modalFocus function| resourcesContent function| emptyInput function| selectbox function| checkbox function| accordionImgChange function| dismiss function| navigationActive function| connectMenu function| connectMenuResponsive function| toggleMenu function| toggleMenuResponsive function| stickyNav function| navBarBrandImg function| hTagBranding function| dropdownMenu function| heroResponsive function| heroClasses function| tabSwitch function| tabSideSwitch function| mapContainer function| a11yContactList function| leadForm function| GridFocus function| highlightsImgCover function| countVertical function| setCSS function| hideIt function| fadeIt function| simpleShow function| renameElement string| a11yTitleText object| $newElement object| $this number| resizedFinished function| formSuccess function| formError function| linkStyle function| modalClose function| toggleNav function| dropdownHover function| tabs function| team2col function| profileIcon function| formUpdates function| officeContact function| eventBanner function| resourceIcons function| highlightsHeight function| heroTheme function| heroSlider function| loadHero function| carouselSlider function| loadCarousels function| loadTheme function| showMoreSectionsSpecific object| $hgroup object| $subtitle function| validateXslt object| EC function| zeros function| zclip function| nbits function| badd function| bsub function| ip function| bsqr function| bmul function| toppart function| bdiv function| simplemod function| bmod function| bmod2 function| bexpmod function| bmodexp function| RSAencrypt function| RSAdecrypt function| mpi2b function| b2mpi function| B0 function| B1 function| B2 function| B3 function| F1 function| packBytes function| unpackBytes function| keyExpansion function| AESencrypt function| s2r function| r2s function| rc4Init function| rc4Next function| keyByte function| keyPressEntropy function| mouseByte function| mouseMoveEntropy function| eventsEnd function| eventsCollect function| randomByte function| timeByte function| rnTimer function| randomString function| hex2s function| crc24 function| GPGencrypt function| GPGpkt function| GPGpkesk function| GPGld function| GPGsed function| doEncrypt number| bs number| bx2 number| bm number| bx number| bd number| bdm number| log2 object| Rcon object| S object| T1 object| T2 object| T3 object| T4 number| maxkc number| maxrk string| b64s undefined| oldKeyHandler number| keyRead number| keyNext object| keyArray number| mouseMoveSkip undefined| oldMoveHandler number| mouseRead number| mouseNext object| mouseArray number| x number| y object| rnArray number| rnNext number| rnRead number| bpbl function| globalFormSuccess function| globalFormOnSubmit function| globalFormError function| formBinding function| initializeAdditionalFormValidation function| loadEventInfoIntoModal function| loadProfileInfoIntoModal string| agentId object| litHtmlVersions number| j object| adobeDataMap string| clean_name object| s_i_nmdevglobaldata number| navH

8 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 41335522694626182392924897799696150946
.nm.com/ Name: AMCVS_96F7370453295EBB0A490D44%40AdobeOrg
Value: 1
.nm.com/ Name: AMCV_96F7370453295EBB0A490D44%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19763%7CMCMID%7C39701250949135806022797499886043508711%7CMCAAMLH-1708093636%7C6%7CMCAAMB-1708093636%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1707496036s%7CNONE%7CvVersion%7C5.4.0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZcY2RQAAABy7ywNx
.dpm.demdex.net/ Name: dpm
Value: 41335522694626182392924897799696150946
.youtube.com/ Name: YSC
Value: eZz5yZKvPPk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: LoadL_w6XeI
dfs.nm.com/ Name: nscookie
Value: 475ca3ddbf9180d3e0b47cf9eba21cf202a08fbfb543edb3d2fa660ef65860924fa94083

39 Console Messages

Source Level URL
Text
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/(Line 353)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/(Line 353)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/(Line 354)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/(Line 354)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/(Line 354)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/(Line 354)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/(Line 359)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/(Line 359)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dfs.nm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cm.everesttech.net
cmp.osano.com
content-private.flipsnack.com
d1dhn91mufybwl.cloudfront.net
d1fpu6k62r548q.cloudfront.net
d3u72tnj701eui.cloudfront.net
dfs.nm.com
dpm.demdex.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
maps.googleapis.com
maps.gstatic.com
media.northwesternmutual.com
mediahandler.broadridgeadvisor.com
metricssecure.northwesternmutual.com
northwesternmutual.demdex.net
player.flipsnack.com
sqs.us-east-1.amazonaws.com
static.doubleclick.net
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
d1dhn91mufybwl.cloudfront.net
108.138.26.44
143.204.215.108
162.159.133.81
162.159.134.81
167.212.46.138
18.245.31.38
18.245.46.12
2600:9000:237d:5400:1a:df04:500:93a1
2600:9000:2491:5e00:e:bd9b:5a80:93a1
2600:9000:266e:4000:3:b7e:8940:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:811::2008
2a00:1450:4001:811::2016
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2006
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2004
2a02:26f0:3500:591::1e80
3.236.169.69
54.247.186.102
54.72.59.114
63.140.62.222
05e2143abbc01d9af38607349b584efa625cd51e087cfe7ca08a03e4bc5e0b37
07e18441fa38b8adc48aa308a19b0f4f6248aefe05d0b9c6320b6eb6716c4d38
0dc461290c49cfe195983b52bf1a55f2f6b22172fa4b6c6d06af86039caecc30
0e2863ef272e823e85e0e39b6c0c1d66cf5def24398bb6dad7ccfd5aada71a64
0e3e6740940d41c9a0e491dbbae4769ddb9acad7819c5018b02045223dba1f57
10584d37200c976483af050be542bef331e25bb51daf5c62685a9ab673ba16dd
117559579c69d5c2aabdb3c33e619c27430bea4b653d02a0c75798a88f670ce3
14c3ac02945b29d6ea1e3a67b82362744395c22b931f1e4663ae7001f0f31602
17faaef1337fd8db359d6cb29e4f24c76da134b74b07a51720ea9bde0bd30395
1a6a8320b01517e89db1a9958ba3ebf318e96bd17b42032de78c9257d27c0662
1af296f7dbae52d107b841150ae8458af99faea48a47d73bd70efde51940a6fb
1dbd9b26fcd9fcbdc6610c8022fa562cb91566e3fe8ac6db8f9066e03a377ce5
2201224babbcff0aaa9b0ccce34a74dc19de01eb76c9775dee6e0b1e21233635
266a29bf57b54d51f7289747197132d43179b4f024d61069dbaea01da8012d13
335ba93b5e8150ead26fd82d85038ffa3a96c92902aa67956ad24a43d7fa8ac5
3364f0b3a8390239ce287a57e41103afef8e8294cc90ae79402f500f391233d4
33749537311a47482f88759954f304af7c9b86df69aaba466695c37ff99818ee
33ef9e779639409c19c0d258367eb81b75230c04d48b4449216cc00377edd08d
341f3a7cd4d7158b78347ca1ee6d382950824173c340b2237f6b5ea0e50274dd
39c84c97192ee5226f07a8a7b661d11cacbe357e342a3bcb7f452813be5fea41
3b361e014313eea7998fb0a6a5a25668dea8c514cac6d6f348da4866d6b52322
3b67fa9d9cea06d520cc18c812be2a501053afad7e18fc14d3496cc12198fc08
3cac3851e717ba9209f6fd3785e2de3f48dd9eea84f5ee04927a0c678ef13e39
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3edf86b952b21e1c5be33c87f4c28d357f2b8e2276739c71123f3cd3fad7d28f
42051c09cda033328df34de5c76c9f07f71a27129b8592e69ebdbe0cdcdc85b8
426e7b6570795bc7db0f653c34b536c2a5d266d08b225a12a874e43097c33063
4323b11c96e4f62eb0c4a4878adfdfdb00b0e18862cf7db692d0901a2ddfa8e8
4477cc1d3a00ba28e00eb28355765bcd1d0c69671b9f6fc7b929240cf3f75809
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
4eb433a336105ab445314869dace3697f36b9312c351abf8aedf0d620e1c30ce
550e94238924d8a1a750b147d847a75f45f6a8c146be283f370ba3868ee6b3e6
552e4189318317258fee5dc733e532d89e0c7a8c9c29a05c5171f30a8b5a204f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d871135959bb17f0afd138ae294e7e7bde97a6ca46a57d0098dbdd40518ed4e
659c2c79528ed249cc4ca114c0883b6dfc7bfffc947597324016ead601258392
66ac8452068f211a8002cb604b6bf4e68bcf5a5b629087e0ef210fa19de90460
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e4775246df842ebbb24475d2fbc20cefbce7ff329c9fd24d59e8856f8afff8e
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
84f8e1caa4fa50b348e685ef10dbf5e9898d160a1702275dcf7321e6cc988721
87486324757d38d309c7c932bfc158fcaf9498dd865876217ea1aef7408a2c17
876f628dd4e28661e5b29a31215e246112d95614de1be1407cd6552c02aa8cf7
94f1ed9594aa9778a404dc31673ccfcb84f949f471277732228fa058a3846f8e
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108
95369ec7fbff4464b81aef3ecef9a97ff2aa298bc00cb2f9a98b042ec4ce83ea
96469ec71636303e1b8e7ca9369b3fa55a2cf1712c9cb1a5b2064381522cae6f
97f4305a203854d16ff9f182460d9f39cb68a34fd883d426a1859d6c3f29b83d
9b218f5adea306c5f271e05e6d75fbffe174aef549d0b7abc305018491cd92c2
9b718f44e5e962e39afc40ba2b386fe054247a912067b58c9432f14045400a1c
9b9501f1ae733ae8c42ce5c7f263e76a8783fde0cc439a6dfe1c6e04ac909ca7
a071a9c76513d4791a2ddc114c06dc12c8f176f318ed1670cf03be835e77d450
a128f6eb92b05cc2843ec8d0dc6d5da920a481b4d829e2e571729bc08de00413
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a5fb5fd24b5f3c7f96e39badc850018e5d9e2654683f50df8b0cb47244107688
a8661a2d46284120fff3b09c418954b322326a5f00c910749b7377c4ed7e1e51
aec5eda8ed681cfb55eb7d4a3dc4e798e6a1c6deca45260a5c430594111f62af
af15683045768a762e9d1fd1ed55a649728d385cb16293dc51f288970772e667
afe561bfd378a8b98506af695679aab2eadbd6d03e76b78f98494c0efdc5bccc
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b0904b47d67bce0450be13a50d4ae66bd83321909b33badb65a7070122224847
b1f1ed06a4c5b0c8326e1adfc376bd788eb3d9f8533a97999675b2701e6ec5c6
b91a25704b26bbac73e73d60a9d63467c0cc3ad638c30058dc224097560692c3
be69441ca26824a4a72ba9b4c3f7020bca8331f0b7b6739c8ecfb2d5726bcb1a
c001568dc1b58f44b9f64eb2f6099192c72b91c62df2c8d49fed3869ffb22f64
c0323186507e6cc6555f5c946159f5c04382045758fd7587579e371c6f93ee72
c450afb9ba65e5c28d11b1473f3706e1cf46ed252868aa46096fc4761adb98e1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb4bb0991f2b009502fb03ebc47599be67e12ae862154af001cc0c56f8be6739
cba86b067191d09251580cb38b1b93d9deec4caccc148a4ad5ee2c132f0e673e
cd488cb90e9bfcacdf0aa5bf9e9d38bb6b218733ee0c518ec88b7f09c59f2da2
ce53f20a1ab3ce0af89f14e8c7b66dc782ae26f40903717f8b0735b94cde6f73
d350e9443930a0a31af2c6236e4b4a92976a6ec79961dc84e33c2cd6cae6e109
d57299eaccaf1b4e2d5c61a62810df772f7d7adbe5124395ede727e666df8c98
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d932915f06b485aab480eb817ad7e34c684cb9272fb3a1d6ec13372b15b80945
dec2d98d80c0dd09c5bb08461b4b2c5db2e36891d53d78c8f262d1e3faef74a2
e0dce0489aed76e8745c69af16f81e482b02e6c968676ea4e05b52e7dcefc1a5
e2614953eedb9d2c6ef2171faeca72d6f91bbd3ad7fd9e0a706a47f16c63bff2
e2634007df1d9905483b5d756f0949bfa8314b41dc4996a9d64339518e699655
e2c563c46ae28515dd7e9093b30c42f79c7850057251d4ffb9349e518a0db2be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e9f1790245ae42f8f92af236c11fa9c07a88a74b1c1c08599e0d5d38ea230b
e690e8ba40c70c0ed3b23a569670ca5b0c21335bd898e6159197fa7dfc4ac847
e8d83dffd0c27cb0a184740d12319241c511eddb84801d18155d7c7ffcedd5d7
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3522e967150fdd3614c62a46cceb3f78ca65dd6e680c5a78d42ce4903fd322c
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f82a921a2aa764b1f9c9ba80adced857d8e23d1aff027d52c14905e0a9fb2022
f884e3e6f790c3d3e2b43e01f6d9b3698e05d38a61ad124e7954993fde726fa0
f9dc83e305cd9df53f563b779a4400ca13252f7686303dc90579741276ebe523
fade87adb180b7d137c67f5c200574f11fb934a71d95b591eb40a26539a1e769
ffe92518d1f7d4ef6e6996a45ef583dbb59013c0ef004e84eee9d8a915c8aa5b