nordsterntales.com Open in urlscan Pro
71.19.248.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nordsterntales.com/
Submission: On January 02 via api (January 2nd 2024, 8:46:43 am UTC) from US — Scanned from CA

Summary HTTP 72 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 72 HTTP transactions. The main IP is 71.19.248.80, located in Vancouver, Canada and belongs to ESECUREDATA, CA. The main domain is nordsterntales.com.

This is the only time nordsterntales.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	71.19.248.80 71.19.248.80	11831 (ESECUREDATA) (ESECUREDATA)
1 2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.217.13.138 172.217.13.138	15169 (GOOGLE) (GOOGLE)
2	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	172.217.13.161 172.217.13.161	15169 (GOOGLE) (GOOGLE)
11	172.217.13.163 172.217.13.163	15169 (GOOGLE) (GOOGLE)
4	199.232.38.109 199.232.38.109	54113 (FASTLY) (FASTLY)
3	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.217.13.195 172.217.13.195	15169 (GOOGLE) (GOOGLE)
3	151.101.64.217 151.101.64.217	54113 (FASTLY) (FASTLY)
6	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	23.44.201.171 23.44.201.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
72	14

1 71.19.248.80 (Vancouver, Canada)

ASN11831 (ESECUREDATA, CA)
PTR: server.elitemembercenter.com

nordsterntales.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

vipaccess.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.13.161 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.38.109 (New York, United States)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.195 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-telemetry.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.44.201.171 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-171.deploy.static.akamaitechnologies.com

150vod-adaptive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 129	343 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	254 KB
11	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 6162 i.vimeocdn.com — Cisco Umbrella Rank: 5761 fresnel.vimeocdn.com — Cisco Umbrella Rank: 5966	286 KB
10	akamaized.net 150vod-adaptive.akamaized.net — Cisco Umbrella Rank: 169816	1 MB
4	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 3217 player-telemetry.vimeo.com — Cisco Umbrella Rank: 12669 vimeo.com — Cisco Umbrella Rank: 3004	11 KB
3	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 63497	1 KB
3	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 68577	169 KB
2	center.io js.center.io — Cisco Umbrella Rank: 70704	8 KB
2	lpages.co 1 redirects vipaccess.lpages.co	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
1	nordsterntales.com nordsterntales.com	2 KB
72	11

	Domain	Requested by
24	lh3.googleusercontent.com	nordsterntales.com
11	fonts.gstatic.com	fonts.googleapis.com
10	150vod-adaptive.akamaized.net	f.vimeocdn.com
4	fresnel.vimeocdn.com	f.vimeocdn.com
4	f.vimeocdn.com	player.vimeo.com
3	i.vimeocdn.com
3	api.leadpages.io	js.center.io
3	static.leadpages.net	vipaccess.lpages.co static.leadpages.net
2	player-telemetry.vimeo.com	f.vimeocdn.com
2	js.center.io	nordsterntales.com js.center.io
2	vipaccess.lpages.co	1 redirects nordsterntales.com
1	vimeo.com	f.vimeocdn.com
1	www.gstatic.com	f.vimeocdn.com
1	player.vimeo.com	vipaccess.lpages.co
1	fonts.googleapis.com	vipaccess.lpages.co
1	nordsterntales.com
72	16

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.gem.xyz
discord.gg
opensea.io
www.imdb.com
www.facebook.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
static.leadpages.net GTS CA 1D4	`2023-12-14` - `2024-03-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
js.center.io GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.leadpages.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-12-30` - `2024-03-29`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://nordsterntales.com/
Frame ID: C647B588D9CB6F5A2680A9660B338CA2
Requests: 45 HTTP requests in this frame

Frame: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Frame ID: AC5AF3C1372A150FDFDC888CE88AB8A6
Requests: 26 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 7E3FDA033180C71A9D212667763EAD9E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nordstern TalesNordstern Tales

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

72
Requests

97 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

14
IPs

3
Countries

2171 kB
Transfer

3484 kB
Size

5
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/KellyStronghart
Title: KELLY'S TWITTER

Search URL Search Domain Scan URL

URL: https://twitter.com/BillTheFeared
Title: BILL'S TWITTER

Search URL Search Domain Scan URL

URL: https://www.gem.xyz/collection/nordstern-tales
Title: GET NFT

Search URL Search Domain Scan URL

URL: https://discord.gg/scCTAy24YC
Title: MEMBERS

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xe75113d4a417c2d33c67fb127b419e5f47c5d62c/7645
Title: POTM #7645

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xcf163c260621bf4c3087bd2729716949f8333c40/1
Title: SNAG THIS NFT »

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xe75113d4a417c2d33c67fb127b419e5f47c5d62c/7117
Title: POTM #7117

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xcf163c260621bf4c3087bd2729716949f8333c40/2
Title: SNAG THIS NFT »

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xe75113d4a417c2d33c67fb127b419e5f47c5d62c/6578
Title: POTM #6578

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xcf163c260621bf4c3087bd2729716949f8333c40/3
Title: SNAG THIS NFT »

Search URL Search Domain Scan URL

URL: https://www.gem.xyz/collection/0xcf163c260621bf4c3087bd2729716949f8333c40/
Title: SAVE GAS ON GEMS.XYZ »

Search URL Search Domain Scan URL

URL: https://www.imdb.com/name/nm4540688/
Title: IMDB

Search URL Search Domain Scan URL

URL: https://www.facebook.com/iandelcarmen5432/videos
Title: .css-4e78w1{position:absolute;height:1px;width:1px;overflow:hidden;-webkit-clip:rect(1px 1px 1px 1px);clip:rect(1px 1px 1px 1px);-webkit-clip:rect(1px,1px,1px,1px);clip:rect(1px,1px,1px,1px);white-space:nowrap;}Share on Facebook.css-168f5rq{color:white;}

Search URL Search Domain Scan URL

URL: https://twitter.com/dcryptian
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/iandelcarmen/
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/OfficialGrindhouse/videos
Title: Share on Youtube

Search URL Search Domain Scan URL

URL: https://opensea.io/collection/pirates-of-the-metaverse-by-drip-studios
Title: Pirates of the Metaverse NFT

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://vipaccess.lpages.co/_/js/nordstern-tales/ HTTP 301
https://vipaccess.lpages.co/_/js/nordstern-tales/

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
nordsterntales.com/ 2 KB
2 KB 256ms
156ms Document
text/html 71.19.248.80
ESECUREDATA

General

Check archive.org

Show headers Download Go to

Full URL: http://nordsterntales.com/
Protocol: HTTP/1.1
Server: 71.19.248.80 Vancouver, Canada, ASN11831 (ESECUREDATA, CA),
Reverse DNS: server.elitemembercenter.com
Software: Apache /
Resource Hash: 4470af4829bdc86c547134fa3a0b924bf6fa33567c1c33a777a9cc8fbf4b8942

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 Jan 2024 08:46:38 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2

200

/ Show response
vipaccess.lpages.co/_/js/nordstern-tales/
Redirect Chain

http://vipaccess.lpages.co/_/js/nordstern-tales/
https://vipaccess.lpages.co/_/js/nordstern-tales/

283 KB
38 KB

175ms
81ms

Script
application/javascript

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vipaccess.lpages.co/_/js/nordstern-tales/

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

2e509715aa0aea6e8269e87428f4b65f9839e2517b80619dd13137ff2533a093

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
strict-transport-security: max-age=15768000
content-encoding: br
last-modified: Mon, 14 Nov 2022 08:54:24 GMT
server: Leadpages
etag: W/"66a60c8e52a6061e09bb3430eefe67c5"
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: application/javascript
cache-control: no-cache

Redirect headers

Location: https://vipaccess.lpages.co/_/js/nordstern-tales/
Date: Tue, 02 Jan 2024 08:46:38 GMT
Strict-Transport-Security: max-age=15768000
Server: Leadpages
Connection: keep-alive
Content-Length: 166
Content-Type: text/html

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 104ms
22ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: vipaccess.lpages.co
URL: http://vipaccess.lpages.co/_/js/nordstern-tales/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:47:47 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 2030331
etag: "HsLdGg"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: b6ee0117fb022c1ae9273ae98fd7766e
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Sun, 08 Dec 2024 20:47:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 54 KB
3 KB 130ms
55ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: vipaccess.lpages.co
URL: http://vipaccess.lpages.co/_/js/nordstern-tales/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

27de820851562733e48481880a581265611155295046c9e29385bd9ef9b87ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 Jan 2024 08:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:46:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jan 2024 08:46:38 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 110ms
39ms Script
application/javascript 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: nordsterntales.com
URL: http://nordsterntales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:43:42 GMT
content-encoding: gzip
server: Google Frontend
age: 176
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 726971032cd7d65ae154128c216c8e81
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 02 Jan 2024 08:48:42 GMT

GET
H/1.1 200
OK 712264487 Show response
player.vimeo.com/video/ Frame AC5A 20 KB
10 KB 178ms
120ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26

Requested by

Host: vipaccess.lpages.co
URL: http://vipaccess.lpages.co/_/js/nordstern-tales/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f0b26129db9ce2f9f4f677bbdc5f71b86da702f64a0b9a957d08a335294fe9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nordsterntales.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 83f1bb92d87536ac-YYZ
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 Jan 2024 08:46:38 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-yyz4556-YYZ
X-Timer: S1704185199.545702,VS0,VE80
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-69bb9f6944-5cmqc
x-content-type-options: nosniff
x-host: player-backend-69bb9f6944-5cmqc
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H2 200 aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w16
lh3.googleusercontent.com/ 389 B
451 B 142ms
59ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

5260a6697e56dbe468218b871cef4bfd460ef18eb7b76d5dd32a3c0c625bd9e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 FXX1rOsUOduADcNGVWoagwpcctteeHfANcvmgqIiynCwi-8sPjm3aw9M-BfS_PGQAYOuhARuIYWUuAYgV3fyavWVexOxe9wobKQ=w16
lh3.googleusercontent.com/ 715 B
777 B 145ms
63ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/FXX1rOsUOduADcNGVWoagwpcctteeHfANcvmgqIiynCwi-8sPjm3aw9M-BfS_PGQAYOuhARuIYWUuAYgV3fyavWVexOxe9wobKQ=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

4674585c2c5469ab0149f1616d5d697f8cacffe54d65e74f4cd863a79909a59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 715
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 77UfaorlBrsbZSnPIBZpNcUU5jqG5CXB7tvvIWUERAI1SvuBZHWGoiY7oUZdUQY-GCOSNaZq-grl2G5MZLOt6KImlK_yQphUb98=w16
lh3.googleusercontent.com/ 602 B
663 B 144ms
62ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/77UfaorlBrsbZSnPIBZpNcUU5jqG5CXB7tvvIWUERAI1SvuBZHWGoiY7oUZdUQY-GCOSNaZq-grl2G5MZLOt6KImlK_yQphUb98=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

15ce592cfcc386be9148c2ccddca8456f4b26c6b86ec5f31a202cc76ee743454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 5wNHCYt84UiIiyjVXmebJzgWjnLK2LUG_Wg5tBVOu9gezONEXaP6yn93vkgm4Kj1YwAto1EGDrldiyb9-XiQVgXwH51P2Zscgo0=w16
lh3.googleusercontent.com/ 680 B
742 B 143ms
62ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/5wNHCYt84UiIiyjVXmebJzgWjnLK2LUG_Wg5tBVOu9gezONEXaP6yn93vkgm4Kj1YwAto1EGDrldiyb9-XiQVgXwH51P2Zscgo0=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

3ae1400840e97c1d911115a6c0e0f1ff98d3ae41e40f09e27daa425cc514f183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 680
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 5Id78E9ffvHA8vM6VRLu7KFxLIfeBVLWnRhfa2ptRNZ1SwB5Jz13lwaiTz2Difz0oyNagtIl-J0Yb-NHbym8MOXeJcN8AIEUPVg=w16
lh3.googleusercontent.com/ 630 B
923 B 140ms
59ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/5Id78E9ffvHA8vM6VRLu7KFxLIfeBVLWnRhfa2ptRNZ1SwB5Jz13lwaiTz2Difz0oyNagtIl-J0Yb-NHbym8MOXeJcN8AIEUPVg=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

19b1f3117de2206bcd5c5c434c61d237d9e873243eee00d9afbb805480838210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 anCxYViJPe2Un1md5-UOEql3mU1AcEkffJfYbwo0-9865dV9lH4zosz__S8e9tcsjJbewVh_Zkp9R9MYzecG3Drx-0kSPOnQYsg=w16
lh3.googleusercontent.com/ 598 B
660 B 142ms
61ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/anCxYViJPe2Un1md5-UOEql3mU1AcEkffJfYbwo0-9865dV9lH4zosz__S8e9tcsjJbewVh_Zkp9R9MYzecG3Drx-0kSPOnQYsg=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

d54476ec4b8b3fb2861ff5eaf5025a0e6a1b4d351885353467ca240ac519ff09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 598
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 xLdweYmJdOqI9jbukYaTAbww5s_HqhrmG_oSDc0PXVMrfHN-gCGuI0cN_MeVlxOsTETVFOiu5L4tBmg3tr44iDWnMFHMzoKNeIQ=w16
lh3.googleusercontent.com/ 872 B
934 B 62ms
61ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/xLdweYmJdOqI9jbukYaTAbww5s_HqhrmG_oSDc0PXVMrfHN-gCGuI0cN_MeVlxOsTETVFOiu5L4tBmg3tr44iDWnMFHMzoKNeIQ=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

2d7343b0a44f61a0667e6f270bc0169f0f853680349f095c2df499f4b898e47c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 872
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 ZNTNQ2q29yS4zFLu46a9_PfflEyGj_e9rwm-iS7suiKZbWwnR2Zg6fvJYUhTU1j4gFRMjqYBCBg0_PGudprL4sV4wBoCRnFSfg=w16
lh3.googleusercontent.com/ 918 B
989 B 77ms
76ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ZNTNQ2q29yS4zFLu46a9_PfflEyGj_e9rwm-iS7suiKZbWwnR2Zg6fvJYUhTU1j4gFRMjqYBCBg0_PGudprL4sV4wBoCRnFSfg=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

9e422d47b467054b7e935f93b6608bda176699749cde0041e8e46e9ec543b93d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 918
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 sASOO2N79orCZoSzKhV2z1plQj4wzJ46t3p9_E-L4ZmrgfrWilWOXTrpww7CNFHVYImDtqNjn85EcWYVIbScKdMJcF7FD-2Mk5k=w16
lh3.googleusercontent.com/ 929 B
991 B 65ms
64ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/sASOO2N79orCZoSzKhV2z1plQj4wzJ46t3p9_E-L4ZmrgfrWilWOXTrpww7CNFHVYImDtqNjn85EcWYVIbScKdMJcF7FD-2Mk5k=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

7e8ec02c11e45395b837c0abf7acec90a4f0d1f6f67424d50cf8ae7f59af8bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 929
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 C_5RX4XwWlzzOrGj1pbPZLoES6JBRTr2xD__0xl3Ompi9-MNe8B59yETDPCyy07sV_LDlo04JphGSWaIwpGHeL2IBUfwE-6SrDSb=w16
lh3.googleusercontent.com/ 963 B
1 KB 61ms
60ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/C_5RX4XwWlzzOrGj1pbPZLoES6JBRTr2xD__0xl3Ompi9-MNe8B59yETDPCyy07sV_LDlo04JphGSWaIwpGHeL2IBUfwE-6SrDSb=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

e26d92147621a0bb2048596a33a693c9eb123a4a08302c8fe56078765f900b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 963
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 UFhEj491ktOXC14kqQkxvv6L-O3DKVskfhwnm5BBRB_DFa881x1qT4ss2lIPNADGUKRO3R3PRloluKfhdVaWdwIMh2zhUbFxZIA=w16
lh3.googleusercontent.com/ 922 B
983 B 63ms
61ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/UFhEj491ktOXC14kqQkxvv6L-O3DKVskfhwnm5BBRB_DFa881x1qT4ss2lIPNADGUKRO3R3PRloluKfhdVaWdwIMh2zhUbFxZIA=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

fb856dccfb9a722fee139a6b0d9b3c59a2a2318b57de3fb3a56276f98acdb379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 922
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 bZ-BZ8VVdLs8JrcxGF6rou6ltFgAt0r6RimGvLxSv64O2ub0ul-rKayskhV6rBDH0voy_gijbDuQRX4lVC2S3SFPuespKrcUmsn5=w16
lh3.googleusercontent.com/ 880 B
942 B 66ms
65ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/bZ-BZ8VVdLs8JrcxGF6rou6ltFgAt0r6RimGvLxSv64O2ub0ul-rKayskhV6rBDH0voy_gijbDuQRX4lVC2S3SFPuespKrcUmsn5=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

94312fa8b498e14ab0cbd1f737cbc8ed8592cbc020ed7de28d00ae632f7c2b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 880
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 oTkUhysPaVkvGSpUeWRjdfmrBgZZyX7NEp3sedqtQJ1wbOKLQgQGcU08DWjU6KZ23BCm4EumYacKBIaovYroryy2NYcr_u3MRkE=w16
lh3.googleusercontent.com/ 462 B
524 B 63ms
62ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/oTkUhysPaVkvGSpUeWRjdfmrBgZZyX7NEp3sedqtQJ1wbOKLQgQGcU08DWjU6KZ23BCm4EumYacKBIaovYroryy2NYcr_u3MRkE=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

cba642c1c0c862aed406ef8ccc6b4eddadf35cc4937ebaddc376454b819e507d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 462
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 9AGp2LERAJoax78uZ_bGR5fF7IyIDbjLvDvfJUEjGJKnOTxwQuybTOhkSrKR8GFyE8xE2rT7Bw1oL7Z_Ud11EbKiLp2iy2P2Xg=w16
lh3.googleusercontent.com/ 883 B
945 B 65ms
64ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/9AGp2LERAJoax78uZ_bGR5fF7IyIDbjLvDvfJUEjGJKnOTxwQuybTOhkSrKR8GFyE8xE2rT7Bw1oL7Z_Ud11EbKiLp2iy2P2Xg=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

1e5e17eb63b8bebc4da4de6da30d91b95f5bb77190f4d38d5b43f58f6c8ce8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 883
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 GA5Tfn9RIrzruOE5sYKMlNXK8uJhb5gFOqB9Cvmi0jkAvbHO9ZyWEZreYsDw979LWiKl092tQjLoVvQWq7cpbJftZw4s4XFCRxY=s0
lh3.googleusercontent.com/ 7 KB
7 KB 64ms
63ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/GA5Tfn9RIrzruOE5sYKMlNXK8uJhb5gFOqB9Cvmi0jkAvbHO9ZyWEZreYsDw979LWiKl092tQjLoVvQWq7cpbJftZw4s4XFCRxY=s0

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

293780eae03e6e07fb89b7d172e5dbd18ac5070f5d96f7ea407e93179ac12ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7455
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 4WtpiVYL8eqiHuNcPxkUjHRuoQISdNOH-B6A1S-33uIiA0peDLJZYGhT9KnyvpQqY7Y_HvCGknbzvF8GLMLmq2D9h5MQYoII-vOh=w16
lh3.googleusercontent.com/ 1 KB
1 KB 64ms
63ms Image
image/jpeg 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4WtpiVYL8eqiHuNcPxkUjHRuoQISdNOH-B6A1S-33uIiA0peDLJZYGhT9KnyvpQqY7Y_HvCGknbzvF8GLMLmq2D9h5MQYoII-vOh=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

ec37e948878cd6f092ebda6f7714c1e6aeb677e07f183102f5f0861096080fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1206
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 VmOQpXBgHsdjms5zbOTq_9xT8ysY4_s-SCoLJ-Hl_w2pdTRUh7a1hSrKyHlOtvvfGiwMi90HSYn_NqBU6uBgNJP9zpSQqNUscMY=w16
lh3.googleusercontent.com/ 4 KB
4 KB 65ms
64ms Image
image/jpeg 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VmOQpXBgHsdjms5zbOTq_9xT8ysY4_s-SCoLJ-Hl_w2pdTRUh7a1hSrKyHlOtvvfGiwMi90HSYn_NqBU6uBgNJP9zpSQqNUscMY=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

91bcc0f032f9565d09168214753e3c97750479cbb294ce711434d304b36a83b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4091
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 zhANiVjnpYOjD_TjWE1tu3_lsAhRSFuqiANHSUR3Adsx5WwdcL7Q1NF6KBoCuRWLHH4ACCXto7p1040wdIVLK9Kmb8YfnliAtECh=w16
lh3.googleusercontent.com/ 339 B
401 B 64ms
64ms Image
image/jpeg 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/zhANiVjnpYOjD_TjWE1tu3_lsAhRSFuqiANHSUR3Adsx5WwdcL7Q1NF6KBoCuRWLHH4ACCXto7p1040wdIVLK9Kmb8YfnliAtECh=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

2274a69a9e8a8d7844d36a5dad8b7899c95577f982afa50f0c43f906e7a1ea46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 lHDe39DT1amc6Loxz5a7lfTr_5KY5LNKaPCPNyGdLDsHAmr8jm4g3Y3GrZMoypJdH2S9b_7ZcU_PJdushymNvBvmRp6b5QIVLjAN=w16
lh3.googleusercontent.com/ 437 B
499 B 63ms
63ms Image
image/jpeg 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/lHDe39DT1amc6Loxz5a7lfTr_5KY5LNKaPCPNyGdLDsHAmr8jm4g3Y3GrZMoypJdH2S9b_7ZcU_PJdushymNvBvmRp6b5QIVLjAN=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

7d7a125ba9a7521eea59f10046917cccce1d929ef716e312b67e84f1ac8d36ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 tg7xYEdCVpz66PsBtzTGwlasEeEaraqM-ettfUye4O_FjAyMEQDzHIfdZLKefOCR12hUL-mdupvTa2Y0y8FpbuEp0tHORjrVSw=w16
lh3.googleusercontent.com/ 440 B
502 B 63ms
63ms Image
image/jpeg 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/tg7xYEdCVpz66PsBtzTGwlasEeEaraqM-ettfUye4O_FjAyMEQDzHIfdZLKefOCR12hUL-mdupvTa2Y0y8FpbuEp0tHORjrVSw=w16

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

42b73bbdee597951d2f36b518db5d68ea5605d7779b7dc8512208ca934535484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 440
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 fa-solid-900.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 67ms
22ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:07:12 GMT
via: 1.1 google
server: Google Frontend
age: 1949966
etag: "HsLdGg"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 92bb9b1ef71ec045e67a5358f8cf7ed1
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80148
expires: Mon, 09 Dec 2024 19:07:12 GMT

GET
H2 200 fa-brands-400.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 94ms
50ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-brands-400.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:38 GMT
via: 1.1 google
server: Google Frontend
age: 2209140
etag: "HsLdGg"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: c9d622ebeba839f45713cbbb4240a9f6
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77400
expires: Fri, 06 Dec 2024 19:07:38 GMT

GET
H2 200 4WtpiVYL8eqiHuNcPxkUjHRuoQISdNOH-B6A1S-33uIiA0peDLJZYGhT9KnyvpQqY7Y_HvCGknbzvF8GLMLmq2D9h5MQYoII-vOh=w1600
lh3.googleusercontent.com/ 44 KB
44 KB 63ms
60ms Image
image/jpeg 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4WtpiVYL8eqiHuNcPxkUjHRuoQISdNOH-B6A1S-33uIiA0peDLJZYGhT9KnyvpQqY7Y_HvCGknbzvF8GLMLmq2D9h5MQYoII-vOh=w1600

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

6f51adc720ba79344ad8ef2fbf722ff0a2b2945068ea2344fa3dd31006971b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45293
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 VmOQpXBgHsdjms5zbOTq_9xT8ysY4_s-SCoLJ-Hl_w2pdTRUh7a1hSrKyHlOtvvfGiwMi90HSYn_NqBU6uBgNJP9zpSQqNUscMY=w1600
lh3.googleusercontent.com/ 201 KB
201 KB 78ms
76ms Image
image/jpeg 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VmOQpXBgHsdjms5zbOTq_9xT8ysY4_s-SCoLJ-Hl_w2pdTRUh7a1hSrKyHlOtvvfGiwMi90HSYn_NqBU6uBgNJP9zpSQqNUscMY=w1600

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

b75ee0fa7b2fc85897db05a369a4d23e19224f528b4f1b961359d7a07ef1c137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205800
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 7E3F 4 KB
2 KB 33ms
30ms Document
text/html 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: http://nordsterntales.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 248
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 02 Jan 2024 08:42:30 GMT
etag: "OMWYXg"
expires: Tue, 02 Jan 2024 08:47:30 GMT
server: Google Frontend
x-cloud-trace-context: 945d333a0434fcc8c63b0834cb58f489

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 139ms
60ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 16:41:58 GMT
x-content-type-options: nosniff
age: 317080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 16:41:58 GMT

GET
H2 200 6aey4Ky-Vb8Ew8IROpI.woff2
fonts.gstatic.com/s/forum/v18/ 23 KB
23 KB 130ms
54ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/forum/v18/6aey4Ky-Vb8Ew8IROpI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

21eb0ef1c5f416bd7837e9bcf5c0ba1b026a9d56e5aed213871957ff442cae1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:41:09 GMT
x-content-type-options: nosniff
age: 281129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23820
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:21:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 02:41:09 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 124ms
49ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 16:05:31 GMT
x-content-type-options: nosniff
age: 232867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 16:05:31 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 160ms
86ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 05:20:37 GMT
x-content-type-options: nosniff
age: 271561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 05:20:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 159ms
88ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 16:17:33 GMT
x-content-type-options: nosniff
age: 232145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 16:17:33 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 99ms
33ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 09:01:37 GMT
x-content-type-options: nosniff
age: 258301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 09:01:37 GMT

GET
H2 200 If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
fonts.gstatic.com/s/dancingscript/v25/ 42 KB
42 KB 119ms
69ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

a29a97013ad393d493acb1e33515d103c2f6a2cf6634250faf7cc176720a6135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 13:50:35 GMT
x-content-type-options: nosniff
age: 240963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42672
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 13:50:35 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 101ms
64ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 16:05:39 GMT
x-content-type-options: nosniff
age: 232859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 16:05:39 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 106ms
75ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 05:20:39 GMT
x-content-type-options: nosniff
age: 271559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 05:20:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 7 KB
7 KB 117ms
87ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 16:05:35 GMT
x-content-type-options: nosniff
age: 232863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7112
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 16:05:35 GMT

GET
H2 200 wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
fonts.gstatic.com/s/crimsontext/v19/ 25 KB
25 KB 109ms
80ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:46:12 GMT
x-content-type-options: nosniff
age: 475226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25184
x-xss-protection: 0
last-modified: Tue, 24 May 2022 18:26:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 20:46:12 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.26.16/js/ Frame AC5A 547 KB
132 KB 126ms
51ms Script
application/javascript 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.26.16/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8f678762c804cbf81e0d898c55d923556b79cc9d7c66624d5d11b446c58733aa

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000098-IAD, cache-lga21958-LGA
date: Tue, 02 Jan 2024 08:46:38 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 304112
x-timer: S1704185199.797955,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 135095
x-cache-hits: 1, 2058

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.26.16/js/ Frame AC5A 410 KB
99 KB 96ms
21ms Script
application/javascript 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1145a2f5b05b53ffc23553e16927833e89da2e9121e792afd9dff557a0d48de0

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000089-IAD, cache-lga21958-LGA
date: Tue, 02 Jan 2024 08:46:38 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 1011325
x-timer: S1704185199.797928,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101192
x-cache-hits: 24, 189324

GET
H2 200 player.css
f.vimeocdn.com/p/4.26.16/css/ Frame AC5A 207 KB
22 KB 97ms
22ms Stylesheet
text/css 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.26.16/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2f8617d6b5f2bbd3d3fdba3ec4807017f891f209584d9179e05786d278d1d169

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000175-IAD, cache-lga21963-LGA
date: Tue, 02 Jan 2024 08:46:38 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 1011325
x-timer: S1704185199.798153,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21891
x-cache-hits: 22, 195950

GET
H3 200 aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w1062
lh3.googleusercontent.com/ 59 KB
59 KB 62ms
62ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w1062

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

b81465146c58b22c011cf4e65ec3808e0514617f895c36962d100391b083a895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60508
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H3 200 aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w343
lh3.googleusercontent.com/ 13 KB
13 KB 60ms
59ms Image
image/png 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w343

Requested by

Host: nordsterntales.com
URL: http://nordsterntales.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

fife /

Resource Hash

df5fb52efaea3bd1f0c2a48044fc1456232f99abba073556af9d803148f60019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13028
x-xss-protection: 0
expires: Wed, 03 Jan 2024 08:46:38 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
666 B 151ms
51ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=kncE8Y9wNbNuKddXnAocf9&v=&e=&st=&lc=en-US&pid=vVHAqwQWtBPcHspQ4Z5AEe&uid=BiCfSXoi5rcMa5uyRCcoDm&sid=7xH8nNro3gEFEm9Rk54EL2&cid=lp-kncE8Y9wNbNuKddXnAocf9&uri=http%3A%2F%2Fnordsterntales.com%2F&rf=&rx=1600&ry=1200&tz=-08%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 08:46:38 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: http://nordsterntales.com
X-Forwarded-For: 185.213.80.240
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00fl8jfiu0b71i5lhrd0

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
356 B 90ms
45ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=85,14,156,256,2,259,599,606,1006,1006
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 08:46:38 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 185.213.80.240
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00fl8jfvo9ca3dfgbvsg

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame AC5A 2 KB
1 KB 22ms
22ms Script
application/javascript 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-lga21963-LGA
date: Tue, 02 Jan 2024 08:46:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 964812
x-timer: S1704185199.953437,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 4, 149930

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame AC5A 4 KB
2 KB 133ms
54ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 08:46:39 GMT

GET
H2 200 1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d
i.vimeocdn.com/video/ Frame AC5A 15 KB
15 KB 158ms
96ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d?mw=600&mh=337
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b5887c95e4b30a1159dd6b12378becad4497db5fd8f3197ec3d771f0575243e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:39 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 7
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 15026
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210108-DFW, cache-yul12830-YUL
x-timer: S1704185199.050968,VS0,VE82
etag: "eb6e23e7514a00f886456b0adb9528e5"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame AC5A 0
40 B 114ms
41ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=4a2951f942eede47efc96e946b98943cb669fca31704185198
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 02 Jan 2024 08:46:39 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame AC5A 0
142 B 90ms
40ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=4a2951f942eede47efc96e946b98943cb669fca31704185198
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 02 Jan 2024 08:46:39 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 play
player-telemetry.vimeo.com/player-events/log/ Frame AC5A 0
162 B 91ms
42ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/play
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 02 Jan 2024 08:46:39 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 master.json Show response
150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d3604315... Frame AC5A 67 KB
12 KB 159ms
78ms XHR
application/json 23.44.201.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/sep/video/3dcd3ea4,acfc198b,ad5249af,b14147a4/audio/1809cb3f,88ad2533,fe5ba53d/master.json?base64_init=1&query_string_ranges=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9efd86c7e728eeca5ada46e63686e41ddfece4f5089dc37346840f85af0ca1e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:39 GMT
content-encoding: gzip
x-vim-cachebc: EP:H11,E:m,TD0:m,CW:h
akamai-grn: 0.6bc82c17.1704185199.aaa1b682
origin-retrieved-hour: 1692342000
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 11343
pragma: no-cache
access-control-max-age: 86400
vary: Accept-Encoding
aka-c-hit: cache-hit
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862724738,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NY_NEWYORK,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d
i.vimeocdn.com/video/ Frame AC5A 2 KB
2 KB 15ms
14ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d?mw=80&q=85
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4f340571151ada1f11e163f07252f8f61a60d14a79dcf60fe33589bdb576da1d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:39 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 438840
x-viewmaster-lossless-format: automatic
x-cache: miss, MISS, HIT
x-backend-server: varnish
content-length: 1617
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120075-DFW, cache-yul12830-YUL
x-timer: S1704185199.057871,VS0,VE1
etag: "d632ab3056cbf07fb36f1b784bc4ce18"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 0, 1

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame AC5A 0
916 B 132ms
98ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=4a2951f942eede47efc96e946b98943cb669fca31704185198

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 01 Jan 2024 20:46:39 GMT
Date: Tue, 02 Jan 2024 08:46:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200051-IAD, cache-yul12832-YUL
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1704185199.137751,VS0,VE46
x-backend-proxy: webproxy8
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-bcc7f5684-hrhtn
Accept-Ranges: bytes
CF-RAY: 83f1bb9688e54bbe-YUL
X-Cache-Hits: 0, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame AC5A 0
40 B 42ms
41ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=4a2951f942eede47efc96e946b98943cb669fca31704185198
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 02 Jan 2024 08:46:39 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 fe5ba53d.mp4 Show response
150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d3604315... Frame AC5A 49 KB
49 KB 36ms
36ms XHR
video/mp4 23.44.201.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/fe5ba53d.mp4?r=dXM%3D&range=1683-51504
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: parcel /
Resource Hash: e8f568158e76180299863dfce0a914b29b6c344c9a98091937fa191bb2872c27

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:39 GMT
x-vim-cachebc: EP:H11,E:m,TD0:m,CW:h
akamai-grn: 0.6bc82c17.1704185199.aaa1b709
origin-retrieved-hour: 1685062800
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 49822
pragma: no-cache
last-modified: Sat, 21 May 2022 01:13:10 GMT
server: parcel
access-control-max-age: 86400
aka-c-hit: cache-hit
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862724873,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NJ_SECAUCUS,o=20940],[c=w,n=US_NY_NEWYORK,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 3dcd3ea4.mp4 Show response
150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d3604315... Frame AC5A 57 KB
58 KB 30ms
30ms XHR
video/mp4 23.44.201.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/parcel/video/3dcd3ea4.mp4?r=dXM%3D&range=1681-60267
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: parcel /
Resource Hash: 1974198e6de8c9647e4a3a65438173297c923aa38cd916b874f882fdf92e64a3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:39 GMT
x-vim-cachebc: EP:H11,E:m,TD0:h
akamai-grn: 0.6bc82c17.1704185199.aaa1b758
origin-retrieved-hour: 1699948800
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 58587
pragma: no-cache
last-modified: Sat, 21 May 2022 01:13:27 GMT
server: parcel
access-control-max-age: 86400
aka-c-hit: cache-hit
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862724952,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NJ_SECAUCUS,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 88ad2533.mp4 Show response
150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d3604315... Frame AC5A 72 KB
73 KB 45ms
45ms XHR
video/mp4 23.44.201.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/88ad2533.mp4?r=dXM%3D&range=1683-75543
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: parcel /
Resource Hash: d27e42cc5c94d36d438077ebd97a113ad398705e34878377ff29ac3184c8947c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:39 GMT
x-vim-cachebc: EP:H11,E:m,TD0:m,CW:h
akamai-grn: 0.6bc82c17.1704185199.aaa1b790
origin-retrieved-hour: 1685062800
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 73861
pragma: no-cache
last-modified: Sat, 21 May 2022 01:13:16 GMT
server: parcel
access-control-max-age: 86400
aka-c-hit: cache-hit
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862725008,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NY_NEWYORK,o=20940],[c=w,n=US_PA_PHILADELPHIA,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 segment-1.m4s Show response
150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d3604315... Frame AC5A 202 KB
203 KB 68ms
68ms XHR
video/mp4 23.44.201.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/sep/video/ad5249af/chop/segment-1.m4s?r=dXM%3D
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1d6eca18a6398d8e9267b3ae6b1434393c48852b7f3e8f3631bf11562e05c29e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:39 GMT
x-vim-cachebc: EP:H11,E:m,TD0:m,CW:h
akamai-grn: 0.6bc82c17.1704185199.aaa1b7ee
using-starlord: true
origin-retrieved-hour: 1699948800
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 206672
pragma: no-cache
accept-range: bytes
access-control-max-age: 86400
aka-c-hit: cache-hit
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862725102,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NY_NEWYORK,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d
i.vimeocdn.com/video/ Frame AC5A 15 KB
15 KB 16ms
16ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d?mw=600&mh=337
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b5887c95e4b30a1159dd6b12378becad4497db5fd8f3197ec3d771f0575243e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:39 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 7
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 15026
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210108-DFW, cache-yul12830-YUL
x-timer: S1704185199.470237,VS0,VE0
etag: "eb6e23e7514a00f886456b0adb9528e5"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H3 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame AC5A 0
12 B 52ms
51ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 02 Jan 2024 08:46:39 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame AC5A 0
11 B 46ms
45ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=4a2951f942eede47efc96e946b98943cb669fca31704185198
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 02 Jan 2024 08:46:39 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/88ad2533.mp4?r=dXM%3D&range=75544-149238
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: parcel /
Resource Hash: 2f72133f8d0ca5866b6870b81bbe28db103c455d8931892c7d9309d3981091cb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:40 GMT
x-vim-cachebc: EP:H11,E:m,TD0:m,CW:h
akamai-grn: 0.6bc82c17.1704185200.aaa1bbd8
origin-retrieved-hour: 1699394400
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 73695
pragma: no-cache
last-modified: Sat, 21 May 2022 01:13:16 GMT
server: parcel
access-control-max-age: 86400
aka-c-hit: cache-hit
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862726104,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NJ_PISCATAWAY,o=20940],[c=w,n=US_FL_MIAMI,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 segment-2.m4s Show response
150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d3604315... Frame AC5A 221 KB
222 KB 124ms
124ms XHR
video/mp4 23.44.201.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/sep/video/ad5249af/chop/segment-2.m4s?r=dXM%3D
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 54bb42d13be1b98cf12ad2552c9f87121709499e801e195b44798bed5fc827b0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:40 GMT
x-vim-cachebc: EP:H11,E:m,TD0:m,CW:h
akamai-grn: 0.6bc82c17.1704185200.aaa1bd38
using-starlord: true
origin-retrieved-hour: 1699948800
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 226690
pragma: no-cache
accept-range: bytes
access-control-max-age: 86400
aka-c-hit: cache-hit
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862726456,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NJ_PISCATAWAY,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/88ad2533.mp4?r=dXM%3D&range=149239-222652
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: parcel /
Resource Hash: 1beed69cb7e5f0063e9018d413be0849d69df332b934ad87433efca76542eb79

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:40 GMT
x-vim-cachebc: EP:H11,E:m,TD0:m,CW:h
akamai-grn: 0.6bc82c17.1704185200.aaa1be4e
origin-retrieved-hour: 1685062800
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 73414
pragma: no-cache
last-modified: Sat, 21 May 2022 01:13:16 GMT
server: parcel
access-control-max-age: 86400
aka-c-hit: cache-hit
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862726734,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NY_NEWYORK,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 segment-3.m4s Show response
150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d3604315... Frame AC5A 221 KB
222 KB 38ms
37ms XHR
video/mp4 23.44.201.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/sep/video/ad5249af/chop/segment-3.m4s?r=dXM%3D
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 30aebcbcf590db346c881546d08d8a7f27f8f484eef67516a1be386ff8e6f1e8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:40 GMT
x-vim-cachebc: EP:H11,E:m,TD0:m,CW:h
akamai-grn: 0.6bc82c17.1704185200.aaa1bea2
using-starlord: true
origin-retrieved-hour: 1699948800
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 226060
pragma: no-cache
accept-range: bytes
access-control-max-age: 86400
aka-c-hit: cache-hit
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862726818,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NJ_PISCATAWAY,o=20940],[c=w,n=US_NY_NEWYORK,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1704188798~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=3097cb556046860790c2e629b78427a3139b8abd16a20be31a7dc3512d2d0262/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/88ad2533.mp4?r=dXM%3D&range=222653-296441
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.171 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-171.deploy.static.akamaitechnologies.com
Software: parcel /
Resource Hash: f00986848f9eac9da0ec0fd2501ea036292808e777618f3d92c75240c2320ffd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:46:40 GMT
x-vim-cachebc: EP:H11,E:m,TD0:m,CW:h
akamai-grn: 0.6bc82c17.1704185200.aaa1bee7
origin-retrieved-hour: 1685062800
akamai-mon-iucid-del: 877678
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 73789
pragma: no-cache
last-modified: Sat, 21 May 2022 01:13:16 GMT
server: parcel
access-control-max-age: 86400
aka-c-hit: cache-hit
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
akamai-request-bc: [a=23.44.200.107,b=2862726887,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NJ_SECAUCUS,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
441 B 47ms
46ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=BCz7esxECbQeRUaDJsYoCh&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=112.4000015258789,135.60000610351562,1,152.39999389648438
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 08:46:43 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: http://nordsterntales.com
X-Forwarded-For: 185.213.80.240
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00fl8kflnki4dopginug

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| LeadPagesCenterObject function| center object| sup

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 17:24:31	Name: view.vVHAqwQWtBPcHspQ4Z5AEe.kncE8Y9wNbNuKddXnAocf9 Value: 1704185199000
.vimeo.com/	1970-01-20 17:23:06	Name: __cf_bm Value: zKUJlQn_Cg8V6bOWdI0SVfuwmOExfEMC_zGFE0a8DyI-1704185198-1-AWOFASDVM+DjxohWpgX7/VG/srAOvALYWX6zEsjMuHOIKuD2TXFj5HbhgQeILFkhBeefvjKw1rCEbvgW74mQa6A=
js.center.io/	1970-01-21 02:59:05	Name: centerVisitorId Value: BiCfSXoi5rcMa5uyRCcoDm
.vimeo.com/	1970-01-21 02:10:07	Name: player Value: ""
.vimeo.com/	1970-01-21 02:59:05	Name: vuid Value: pl1913599240.814075979

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://vipaccess.lpages.co/_/js/nordstern-tales/ Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

150vod-adaptive.akamaized.net
api.leadpages.io
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
js.center.io
lh3.googleusercontent.com
nordsterntales.com
player-telemetry.vimeo.com
player.vimeo.com
static.leadpages.net
vimeo.com
vipaccess.lpages.co
www.gstatic.com
151.101.64.217
162.159.138.60
172.217.13.138
172.217.13.161
172.217.13.163
172.217.13.195
199.232.38.109
216.239.38.21
23.44.201.171
34.107.203.240
34.120.202.204
35.192.151.63
35.202.21.90
71.19.248.80
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
0f0b26129db9ce2f9f4f677bbdc5f71b86da702f64a0b9a957d08a335294fe9f
1145a2f5b05b53ffc23553e16927833e89da2e9121e792afd9dff557a0d48de0
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
15ce592cfcc386be9148c2ccddca8456f4b26c6b86ec5f31a202cc76ee743454
1974198e6de8c9647e4a3a65438173297c923aa38cd916b874f882fdf92e64a3
19b1f3117de2206bcd5c5c434c61d237d9e873243eee00d9afbb805480838210
1beed69cb7e5f0063e9018d413be0849d69df332b934ad87433efca76542eb79
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
1d6eca18a6398d8e9267b3ae6b1434393c48852b7f3e8f3631bf11562e05c29e
1e5e17eb63b8bebc4da4de6da30d91b95f5bb77190f4d38d5b43f58f6c8ce8c8
21eb0ef1c5f416bd7837e9bcf5c0ba1b026a9d56e5aed213871957ff442cae1d
2274a69a9e8a8d7844d36a5dad8b7899c95577f982afa50f0c43f906e7a1ea46
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
27de820851562733e48481880a581265611155295046c9e29385bd9ef9b87ebb
293780eae03e6e07fb89b7d172e5dbd18ac5070f5d96f7ea407e93179ac12ac3
2d7343b0a44f61a0667e6f270bc0169f0f853680349f095c2df499f4b898e47c
2e509715aa0aea6e8269e87428f4b65f9839e2517b80619dd13137ff2533a093
2f72133f8d0ca5866b6870b81bbe28db103c455d8931892c7d9309d3981091cb
2f8617d6b5f2bbd3d3fdba3ec4807017f891f209584d9179e05786d278d1d169
30aebcbcf590db346c881546d08d8a7f27f8f484eef67516a1be386ff8e6f1e8
3ae1400840e97c1d911115a6c0e0f1ff98d3ae41e40f09e27daa425cc514f183
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
42b73bbdee597951d2f36b518db5d68ea5605d7779b7dc8512208ca934535484
4470af4829bdc86c547134fa3a0b924bf6fa33567c1c33a777a9cc8fbf4b8942
4674585c2c5469ab0149f1616d5d697f8cacffe54d65e74f4cd863a79909a59f
4f340571151ada1f11e163f07252f8f61a60d14a79dcf60fe33589bdb576da1d
5260a6697e56dbe468218b871cef4bfd460ef18eb7b76d5dd32a3c0c625bd9e5
538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862
54bb42d13be1b98cf12ad2552c9f87121709499e801e195b44798bed5fc827b0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f51adc720ba79344ad8ef2fbf722ff0a2b2945068ea2344fa3dd31006971b34
7d7a125ba9a7521eea59f10046917cccce1d929ef716e312b67e84f1ac8d36ef
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e8ec02c11e45395b837c0abf7acec90a4f0d1f6f67424d50cf8ae7f59af8bf6
8f678762c804cbf81e0d898c55d923556b79cc9d7c66624d5d11b446c58733aa
91bcc0f032f9565d09168214753e3c97750479cbb294ce711434d304b36a83b8
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94312fa8b498e14ab0cbd1f737cbc8ed8592cbc020ed7de28d00ae632f7c2b33
9e422d47b467054b7e935f93b6608bda176699749cde0041e8e46e9ec543b93d
a29a97013ad393d493acb1e33515d103c2f6a2cf6634250faf7cc176720a6135
b5887c95e4b30a1159dd6b12378becad4497db5fd8f3197ec3d771f0575243e4
b75ee0fa7b2fc85897db05a369a4d23e19224f528b4f1b961359d7a07ef1c137
b81465146c58b22c011cf4e65ec3808e0514617f895c36962d100391b083a895
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
cba642c1c0c862aed406ef8ccc6b4eddadf35cc4937ebaddc376454b819e507d
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d27e42cc5c94d36d438077ebd97a113ad398705e34878377ff29ac3184c8947c
d54476ec4b8b3fb2861ff5eaf5025a0e6a1b4d351885353467ca240ac519ff09
daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0
df5fb52efaea3bd1f0c2a48044fc1456232f99abba073556af9d803148f60019
e26d92147621a0bb2048596a33a693c9eb123a4a08302c8fe56078765f900b64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f568158e76180299863dfce0a914b29b6c344c9a98091937fa191bb2872c27
ec37e948878cd6f092ebda6f7714c1e6aeb677e07f183102f5f0861096080fa5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f00986848f9eac9da0ec0fd2501ea036292808e777618f3d92c75240c2320ffd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9efd86c7e728eeca5ada46e63686e41ddfece4f5089dc37346840f85af0ca1e
fb856dccfb9a722fee139a6b0d9b3c59a2a2318b57de3fb3a56276f98acdb379

nordsterntales.com Open in urlscan Pro 71.19.248.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

0 %IPv6

11 Domains

16 Subdomains

14 IPs

3 Countries

2171 kBTransfer

3484 kBSize

5 Cookies

17 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nordsterntales.com Open in urlscan Pro
71.19.248.80 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

14
IPs

3
Countries

2171 kB
Transfer

3484 kB
Size

5
Cookies

72 HTTP transactions
0 data transactions