urlscan.io logo urlscan.io
SecurityTrails logo

www.norddulac.com Open in urlscan Pro
2a02:26f0:e300::5f64:924b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://norddulac.com/
Effective URL: https://www.norddulac.com/en/
Submission: On September 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 24 domains to perform 65 HTTP transactions. The main IP is 2a02:26f0:e300::5f64:924b, located in Prague, Czech Republic and belongs to AKAMAI-ASN1, NL. The main domain is www.norddulac.com.
TLS certificate: Issued by R11 on July 25th 2024. Valid for: 3 months.
This is the only time www.norddulac.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.248.202 16509 (AMAZON-02)
1 12 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.53.42.121 20940 (AKAMAI-ASN1)
1 104.17.25.14 13335 (CLOUDFLAR...)
3 2606:2800:233... 15133 (EDGECAST)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.215.23 16509 (AMAZON-02)
7 13.32.121.107 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
2 142.250.186.100 15169 (GOOGLE)
1 52.36.224.135 16509 (AMAZON-02)
1 54.235.20.127 14618 (AMAZON-AES)
2 157.240.0.6 32934 (FACEBOOK)
1 18.244.18.74 16509 (AMAZON-02)
1 207.211.31.64 14135 (NAVISITE-...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.186.104 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
65 25
1    15.197.248.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: a5e80539641d645da.awsglobalaccelerator.com
norddulac.com
12    2a02:26f0:e300::5f64:924b (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
www.norddulac.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.53.42.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-121.deploy.static.akamaitechnologies.com
s.ntv.io
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.jibestream.com
11    2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    143.204.215.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-23.fra53.r.cloudfront.net
static.themebuilder.aws.arc.pub
7    13.32.121.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-107.fra60.r.cloudfront.net
cloudfront-us-east-1.images.arcpublishing.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a02:26f0:e300:186::11a6 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
c.go-mpulse.net
684dd32c.akstat.io
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a02:26f0:e300::5f64:9253 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net
2    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
1    52.36.224.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-224-135.us-west-2.compute.amazonaws.com
postrelease.com
1    54.235.20.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-20-127.compute-1.amazonaws.com
jadserve.postrelease.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    18.244.18.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-74.fra56.r.cloudfront.net
virnhesf.micpn.com
1    207.211.31.64 (St. Cloud, United States)

ASN14135 (NAVISITE-EAST-2, US)
protect-us.mimecast.com
2    2606:4700:4400::6812:2927 (United States)

ASN13335 (CLOUDFLARENET, US)
action.dstillery.com
action.media6degrees.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.google.de
Apex Domain
Subdomains		 Transfer
13 norddulac.com
norddulac.com
www.norddulac.com
1 MB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
149 KB
7 arcpublishing.com
cloudfront-us-east-1.images.arcpublishing.com — Cisco Umbrella Rank: 46969
284 KB
6 arc-cdn.net
brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net
198 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 3773
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
331 KB
3 jibestream.com
cdn.jibestream.com — Cisco Umbrella Rank: 444535
363 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
70 KB
2 postrelease.com
postrelease.com — Cisco Umbrella Rank: 1375
jadserve.postrelease.com — Cisco Umbrella Rank: 1508
602 B
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
238 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 2168
c.go-mpulse.net — Cisco Umbrella Rank: 906
50 KB
1 akstat.io
684dd32c.akstat.io — Cisco Umbrella Rank: 125798
228 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
256 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 16532
165 B
1 dstillery.com
action.dstillery.com — Cisco Umbrella Rank: 12871
581 B
1 mimecast.com
protect-us.mimecast.com — Cisco Umbrella Rank: 75766
1 micpn.com
virnhesf.micpn.com — Cisco Umbrella Rank: 467206
15 KB
1 arc.pub
static.themebuilder.aws.arc.pub — Cisco Umbrella Rank: 111884
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
2 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 5974
182 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
987 B
65 24
Domain Requested by
12 www.norddulac.com 1 redirects www.norddulac.com
11 cdn.cookielaw.org www.norddulac.com
cdn.cookielaw.org
7 cloudfront-us-east-1.images.arcpublishing.com www.norddulac.com
6 brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net www.norddulac.com
3 www.googletagmanager.com www.norddulac.com
www.googletagmanager.com
3 cdn.jibestream.com www.norddulac.com
2 www.facebook.com www.norddulac.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.google.com www.norddulac.com
www.gstatic.com
1 684dd32c.akstat.io s.go-mpulse.net
1 www.google.de www.norddulac.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 c.go-mpulse.net s.go-mpulse.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 action.media6degrees.com www.norddulac.com
1 action.dstillery.com 1 redirects
1 protect-us.mimecast.com www.norddulac.com
1 virnhesf.micpn.com www.norddulac.com
1 jadserve.postrelease.com s.ntv.io
1 postrelease.com s.ntv.io
1 fonts.gstatic.com fonts.googleapis.com
1 s.go-mpulse.net www.norddulac.com
1 static.themebuilder.aws.arc.pub www.norddulac.com
1 cdnjs.cloudflare.com www.norddulac.com
1 s.ntv.io www.norddulac.com
1 fonts.googleapis.com www.norddulac.com
1 norddulac.com 1 redirects
65 29

This site contains links to these domains. Also see Links.

Domain
www.brookfieldproperties.com
privacyportal-cdn.onetrust.com
www.onetrust.com
Subject Issuer Validity Valid
brookfieldproperties2.web.arc-cdn.net
R11		 2024-07-25 -
2024-10-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-31 -
2025-07-31		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
snib472gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-26 -
2025-04-26		 a year crt.sh
cookielaw.org
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
static.themebuilder.aws.arc.pub
Amazon RSA 2048 M02		 2024-06-08 -
2025-07-06		 a year crt.sh
*.images.arcpublishing.com
Amazon RSA 2048 M03		 2023-11-21 -
2024-12-19		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-31 -
2025-07-31		 a year crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
web.arc-cdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-07-30		 a year crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.postrelease.com
Amazon RSA 2048 M03		 2024-07-31 -
2025-08-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-12 -
2024-09-10		 3 months crt.sh
*.micpn.com
Amazon RSA 2048 M03		 2023-12-19 -
2025-01-16		 a year crt.sh
*.mimecast.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-30 -
2025-02-25		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.google.de
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.norddulac.com/en/
Frame ID: B235E2FB178259DF18202A9CD8B48BF0
Requests: 63 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: FFCBCCD06242FA610D88115FBC45E08A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfjSZIpAAAAACUcPw2DGgq4nOiIsCD1yB3WuG3q&co=aHR0cHM6Ly93d3cubm9yZGR1bGFjLmNvbTo0NDM.&hl=de&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&cb=wevmhzmdxpxt
Frame ID: 4277267998CF63621D68C8E00DB7DD40
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nord du Lac - Shopping Mall in Covington, LA

Page URL History Show full URLs

  1. https://norddulac.com/ HTTP 301
    https://www.norddulac.com/ HTTP 301
    https://www.norddulac.com/en/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

65
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

29
Subdomains

25
IPs

5
Countries

3199 kB
Transfer

11806 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://norddulac.com/ HTTP 301
    https://www.norddulac.com/ HTTP 301
    https://www.norddulac.com/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://action.dstillery.com/orbserv/nspix?adv=cl1024367&ns=3012&nc=https://www.norddulac.com/en/&u1=https://www.norddulac.com/en/&ncv=16 HTTP 302
  • https://action.media6degrees.com/orbserv/nspix?adv=cl1024367&ns=3012&nc=https://www.norddulac.com/en/&u1=https://www.norddulac.com/en/&ncv=16

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.norddulac.com/en/
Redirect Chain
  • https://norddulac.com/
  • https://www.norddulac.com/
  • https://www.norddulac.com/en/
752 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
75d389508e7c85790e9fa9f25f75d2cf8abd9e263c060cfb26f854cb1088e8e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 03 Sep 2024 16:05:47 GMT
etag
W/"bacb8-zzjREEyUGqh1Dfig6CAvifpkKZI"
expires
Tue, 03 Sep 2024 16:06:47 GMT
last-modified
Tue, 03 Sep 2024 16:05:47 GMT
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=280 origin; dur=718 ak_p; desc="1725379546578_1600426567_1288881537_99772_7604_46_0_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 43622 0 pmb=mRUM,2
x-arc-pb-request-id
dd5594c7-ed0c-4dbd-8670-510909e0d6d1 1a1fe581-84ab-4f8c-90ad-040dad0208b8
x-arc-request-id
0.4792645f.1725379546.4cd2c581
x-arc-ttl
-1

Redirect headers

cache-control
private, max-age=60
content-length
0
content-security-policy
upgrade-insecure-requests
date
Tue, 03 Sep 2024 16:05:46 GMT
expires
Tue, 03 Sep 2024 16:06:46 GMT
location
/en/
server
AkamaiGHost
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1725379546355_1600426567_1288881304_18_31994_45_128_255";dur=1
x-arc-request-id
0.4792645f.1725379546.4cd2c498
x-arc-ttl
-1
css2
fonts.googleapis.com/ 		7 KB
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=League+Spartan:wght@100;200;300;400;500;600&display=swap
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fd9516a5859c49e2b03c6e4f15c97efe7fb93accc0d1539fba782dd29c0744a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Sep 2024 16:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 16:05:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Sep 2024 16:05:47 GMT
mall-fonts.css
www.norddulac.com/pf/resources/css/ 		993 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/resources/css/mall-fonts.css?d=216
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
110347faa0a515ba8b13aff2965dcf8e5b0d7dea44b788a5c90c3b420169e630
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/en/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4792645f.1725379547.4cd2d289
server-timing
cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1725379547695_1600426567_1288884873_905_6997_46_0_255";dur=1
content-length
224
last-modified
Wed, 28 Aug 2024 02:34:44 GMT
server
openresty
etag
W/"5daba0f0325f403d2873719f1af1fc44"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-arc-ttl
31536000
cache-control
public, max-age=31536000
expires
Wed, 03 Sep 2025 16:05:47 GMT
MallMasterOutputType.css
www.norddulac.com/pf/dist/components/combinations/ 		300 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/dist/components/combinations/MallMasterOutputType.css?d=216
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
55869ce425601aa2ff5ce1f1bfa0e98bafcd74fb447ee9e4ae3c25da3592bc80
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/en/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4792645f.1725379547.4cd2d295
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725379547704_1600426567_1288884885_136_5949_46_0_255";dur=1
content-length
35899
last-modified
Wed, 28 Aug 2024 02:34:45 GMT
server
openresty
etag
W/"96ad468378c59ef608cb2c20150c2caf"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-arc-ttl
31536000
cache-control
public, max-age=31536000
expires
Wed, 03 Sep 2025 16:05:47 GMT
mall-master.css
www.norddulac.com/pf/dist/css/ 		1 MB
116 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/dist/css/mall-master.css?d=216
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c94123cea38870fca140ad7ec2b28a7334fe492b725c99714929a87bdf146bf0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/en/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Aug 2024 02:34:45 GMT
server
openresty
etag
W/"a7fc20267c077522257fc37bd75a3077"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-arc-request-id
0.4792645f.1725379547.4cd2d296
content-type
text/css; charset=utf-8
x-arc-ttl
31536000
cache-control
public, max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725379547703_1600426567_1288884886_75_6233_46_0_255";dur=1
content-length
118082
expires
Wed, 03 Sep 2025 16:05:47 GMT
react.js
www.norddulac.com/pf/dist/engine/ 		557 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/dist/engine/react.js?d=216
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f5ecccae6e99445e43611277e8ea2f79bf3969b3d50473327ff831378996d612
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/en/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Aug 2024 02:34:45 GMT
server
openresty
etag
W/"4eb08f01e4c7ae50823f2163d6dafbbb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-arc-request-id
0.4792645f.1725379548.4cd2da04
content-type
application/javascript; charset=utf-8
x-arc-ttl
31536000
cache-control
public, max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725379548356_1600426567_1288886788_47_7205_53_0_146";dur=1
content-length
150023
expires
Wed, 03 Sep 2025 16:05:48 GMT
MallMasterOutputType.js
www.norddulac.com/pf/dist/components/combinations/ 		4 MB
931 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/dist/components/combinations/MallMasterOutputType.js?d=216
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
44e529a86566af99e1c256a6014a127ad5163007c280ca7b435a9a197b290bd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/en/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Aug 2024 02:34:45 GMT
server
openresty
etag
W/"cad597c01b8d03f6eab15959749782b9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-arc-request-id
0.4792645f.1725379548.4cd2dbe7
content-type
application/javascript; charset=utf-8
x-arc-ttl
31536000
cache-control
public, max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1725379548513_1600426567_1288887271_366_9345_45_0_146";dur=1
content-length
952859
expires
Wed, 03 Sep 2025 16:05:48 GMT
load.js
s.ntv.io/serve/ 		580 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-121.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d8d79b1a003fafc87e2ef3ddb63c07ed6afa45b900a3bc324ec163a39ef18bce

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 16:05:48 GMT
Content-Encoding
gzip
x-amz-request-id
DT9TQVRD04ARQS3V
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
2y27q6m+LVQJmcgnUBjH43GVPiaMptoKSdqr+utYCIsA4uGHxTeaSrJ+mmbVr6lZlJ8sdEVARRw=
Last-Modified
Fri, 30 Aug 2024 00:19:55 GMT
Server
AmazonS3
ETag
"8a56211162a4901e69dfd26942dfc28c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/easing/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/easing/EasePack.min.js
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b28ed0d85790996c5ba8b672133fdd131e72085d657da84842aaedfa049aa7aa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
482026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1807
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-155b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0FaA%2Fuy5qwtbWGW6YKrM%2Fe5QOBQH%2F3oGqfQT53NpxntiVBx%2FQPf5IT8WoiUeQV%2FBpuOpKrU%2FLdWjMTgQV%2Fshw1ITZv1QmjU2AGZ6FI8NbSe1joIraegvePHh0kMnTScJTngTW%2Fu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bd6fbbd8a69d2da-FRA
expires
Sun, 24 Aug 2025 16:05:47 GMT
jmap.min.js
cdn.jibestream.com/web/4.14.1/ 		991 KB
353 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jibestream.com/web/4.14.1/jmap.min.js
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEF) / ASP.NET
Resource Hash
15b591a791461a7494a1da95f9272e61c14d4ef625260cd9d77d0bcd3f7d5339

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
gzip
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
ECAcc (frc/4CEF)
age
124250
etag
"d8ce2f4fff93d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
360812
navigationkit.js
cdn.jibestream.com/web/plugins/navigationkit/v1.2.0/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jibestream.com/web/plugins/navigationkit/v1.2.0/navigationkit.js
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBB) / ASP.NET
Resource Hash
07b881771c22b6ad3d4ff4a4409cdfee729ffcfb756330fd7446320c76499673

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
gzip
last-modified
Tue, 06 Mar 2018 20:12:54 GMT
server
ECAcc (frc/4CBB)
age
210041
etag
"a58fe98287b5d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
6327
zonekit.js
cdn.jibestream.com/web/plugins/zonekit/v1.0.2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jibestream.com/web/plugins/zonekit/v1.0.2/zonekit.js
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C96) / ASP.NET
Resource Hash
71b7f46f6e8eae97af36626ddfbd9987934cc16e67211bfa620a95a4d4a8f20d

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2017 01:08:13 GMT
server
ECAcc (frc/4C96)
age
210934
etag
"1ae0ae5462ffd21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
3797
OtAutoBlock.js
cdn.cookielaw.org/consent/0fa106f2-851a-4a5a-92f7-d080431ffd52/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0fa106f2-851a-4a5a-92f7-d080431ffd52/OtAutoBlock.js
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a92ba84e340a612e6a68c24af325d58af7956a591e5ea019a2901097790a5c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
J07n6Rji75T6G1kQm1PBrg==
content-length
2145
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 21:51:57 GMT
server
cloudflare
etag
0x8DBA4EC56911E27
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
de13e6cb-d01e-000e-312d-d57f81000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bd6fbbdca61363c-FRA
expires
Wed, 04 Sep 2024 16:05:47 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
p+39a+/XEcZfNKybQjgXjA==
age
30157
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Mon, 02 Sep 2024 02:03:08 GMT
server
cloudflare
etag
0x8DCCAF364023741
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8433f79f-a01e-0089-3a68-fd2aae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bd6fbbdca5e363c-FRA
expires
Wed, 04 Sep 2024 07:43:10 GMT
1709302248900.svg
static.themebuilder.aws.arc.pub/brookfieldproperties/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themebuilder.aws.arc.pub/brookfieldproperties/1709302248900.svg
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-23.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a4208dc610e7fad70e668b5dcd56510ece63f2fba71a7e3a13bb71cb9fce9f1
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 12:06:46 GMT
content-encoding
br
via
1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA53-C1
age
14343
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Mar 2024 14:10:50 GMT
server
AmazonS3
etag
W/"f77d1231e713412a9079d2606f40dd29"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
GCNKnyt9N4Pz_RLB2vJagGa6thqeD15-E-9Sx5k2I_yA3Z-0_xii_Q==
5LPAVD6QPFCHZCJD4QRRLI2PB4.png
cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/5LPAVD6QPFCHZCJD4QRRLI2PB4.png
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50f748c9b4b036a46871ffa04ea0f2b7ef82c6394faeebae5481db56c742f4ff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 12:06:45 GMT
x-amz-version-id
ltUb9iVvrWj0b2ppEnrihMxqRyRUK.qZ
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
age
14343
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
edge-cache-tag
photo-rv2-brookfieldproperties-prod-26,photo-rv2-brookfieldproperties-prod-png-26,photo-rv2-brookfieldproperties-prod-5LPAVD6QPFCHZCJD4QRRLI2PB4
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
1363
last-modified
Sun, 10 Mar 2024 00:15:10 GMT
server
AmazonS3
etag
"21ba8b4f90030a3a837f9c175b8c8bed"
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
z6p4BShOs7GnY4qpVmL6lWI1ceAybYBGpMcbhlKKCupyxrN9ffgxgw==
FIPEUK6IYJBCLEIQGYH3AQMRGA.png
cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/FIPEUK6IYJBCLEIQGYH3AQMRGA.png
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
730d1fcdd17d4058d3a44375b24051d04f4b1e9717c99cf2f7f8b5bbb51f1971

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
NRfk3y2A5IpbV7emailLMSehOCdblqXv
date
Tue, 03 Sep 2024 16:05:49 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
edge-cache-tag
photo-rv2-brookfieldproperties-prod-90,photo-rv2-brookfieldproperties-prod-png-90,photo-rv2-brookfieldproperties-prod-FIPEUK6IYJBCLEIQGYH3AQMRGA
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
63394
last-modified
Tue, 30 Jan 2024 20:54:50 GMT
server
AmazonS3
etag
"07081d2e0b61003eaec2d9e22cdfd6c9"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
3VfiCNIFGenjR7H8JMCNtdSMvzy00QwD5d99A9XB4HsnzZT0fahXEw==
SG5TXAPW6BFGDNNTUMOQDGNDCU.jpeg
cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/SG5TXAPW6BFGDNNTUMOQDGNDCU.jpeg
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f543331ba994a01d6f45b4af07bd62ef1bbea97d79eeb820eacb1f19006e515

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 12:06:45 GMT
x-amz-version-id
GjMM8mY0q6XIIrXlFFeC1l7q8P8KbEKz
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
age
14343
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
edge-cache-tag
photo-rv2-brookfieldproperties-prod-50,photo-rv2-brookfieldproperties-prod-jpeg-50,photo-rv2-brookfieldproperties-prod-SG5TXAPW6BFGDNNTUMOQDGNDCU
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
16461
last-modified
Sun, 10 Mar 2024 00:00:02 GMT
server
AmazonS3
etag
"b584db94c911f146a42520e172d0d878"
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
7cVtrZf2up0C7NDDkv0G-tjrn4_Lgh8L4MHu33g8jccRgGRwXXMuYA==
AEOHPQ4BNRER3NZWQHAUFENDC4.png
cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/AEOHPQ4BNRER3NZWQHAUFENDC4.png
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6d4dcd73eedfff44df809d74c6ef1c56ce310f47713e6216b8568025eb2ef90

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 12:06:46 GMT
x-amz-version-id
fb0e5EQ.THbnzLJn64MOz2I9Y1OqWv8J
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
age
14342
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
edge-cache-tag
photo-rv2-brookfieldproperties-prod-13,photo-rv2-brookfieldproperties-prod-png-13,photo-rv2-brookfieldproperties-prod-AEOHPQ4BNRER3NZWQHAUFENDC4
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
74413
last-modified
Sun, 10 Mar 2024 00:17:26 GMT
server
AmazonS3
etag
"5658487e1a561e52ed4bb98560c7a6c7"
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
8IyNxokuiMLLb9WrUMHPVZX3R2Ox3EmaZpOZTcU11vCMlexbk915QA==
3BRSMDKM3BCDVFNLU4NU3PAXGY.jpg
cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/3BRSMDKM3BCDVFNLU4NU3PAXGY.jpg
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac350818830db89fee71c16d8e20ae3fb4169f8fcbf1a794e77f90a47f0fc29e

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 12:06:46 GMT
x-amz-version-id
jFUWYUTkcJsjqzTRn7wuQu8nOoq_qaIa
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
age
14343
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
edge-cache-tag
photo-rv2-brookfieldproperties-prod-74,photo-rv2-brookfieldproperties-prod-jpeg-74,photo-rv2-brookfieldproperties-prod-3BRSMDKM3BCDVFNLU4NU3PAXGY
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
120067
last-modified
Sun, 10 Mar 2024 00:09:55 GMT
server
AmazonS3
etag
"f762d347cd7f035aafbebde1d85b9f95"
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
59f9lfRQvJtDq3HoCUpyTaICll71ugQSEiTGcvqm9vKwJFg6fwsqLQ==
EFZWGUBSYFA6JOIOWN2VW4SWZQ.jfif
cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/EFZWGUBSYFA6JOIOWN2VW4SWZQ.jfif
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
215e146ce02fbd3a5526a28c7500c377f4a452699d4d2079c39b10fb74f8044f

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 12:06:46 GMT
x-amz-version-id
oxreX6EFj87ZPYUlsoDPOuUbkgnY0Wp1
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
age
14343
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
edge-cache-tag
photo-rv2-brookfieldproperties-prod-1,photo-rv2-brookfieldproperties-prod-bad-1,photo-rv2-brookfieldproperties-prod-EFZWGUBSYFA6JOIOWN2VW4SWZQ
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
9541
last-modified
Wed, 06 Mar 2024 18:42:54 GMT
server
AmazonS3
etag
"e5309b3cc47442afc887606aa8d560f8"
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
QsPGVZJFjg7yCPkfdpN6f0YnPXDjyE-luM5Ei-7UkaGv9g7Xl7CHZQ==
gtm.js
www.googletagmanager.com/ 		489 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K29VGQGW
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b24c0af95643da4a69409f115edd0158015433edd13fb08a221a272260d8a3fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127420
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 03 Sep 2024 16:05:48 GMT
0fa106f2-851a-4a5a-92f7-d080431ffd52.json
cdn.cookielaw.org/consent/0fa106f2-851a-4a5a-92f7-d080431ffd52/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0fa106f2-851a-4a5a-92f7-d080431ffd52/0fa106f2-851a-4a5a-92f7-d080431ffd52.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce1a1b202851f73d8e8cf2c226b9dec00875b57bcba9ebd93e92cf4561c1447c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
Sw5f5jV+fblxAfThVBahfw==
content-length
1482
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 21:50:43 GMT
server
cloudflare
etag
0x8DBA4EC2A5C3F5C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
724fd669-c01e-0052-0a5d-7c456b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bd6fbc2cdc84dc5-FRA
expires
Wed, 04 Sep 2024 16:05:48 GMT
HQTAN-VFP9Z-LL3SA-4S6ET-AKNAU
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/HQTAN-VFP9Z-LL3SA-4S6ET-AKNAU
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:186::11a6 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__361fdb1__git__361fdb1__p19.alsi10-lite
last-modified
Thu, 25 Jul 2024 08:05:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
kJEqBuEW6A0lliaV_m88ja5TwvZwLZk.woff2
fonts.gstatic.com/s/leaguespartan/v11/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/leaguespartan/v11/kJEqBuEW6A0lliaV_m88ja5TwvZwLZk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=League+Spartan:wght@100;200;300;400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c5cfcbd829200ff3c2a547cdc10b61c27341e5af6b7a4434bbc6674e7b70b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.norddulac.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 17:30:05 GMT
x-content-type-options
nosniff
age
254143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24064
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:09:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 17:30:05 GMT
SangBleuKingdom-Regular-WebS.woff
www.norddulac.com/pf/resources/fonts/SangBleuKingdom/Kingdom-Regular-S/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/resources/fonts/SangBleuKingdom/Kingdom-Regular-S/SangBleuKingdom-Regular-WebS.woff?d=216
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/pf/resources/css/mall-fonts.css?d=216
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c12f0dfc1fb132b77c2a4c765ddc0e74f2f655afc9fdfebc35dbbe4c4a61eae8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/pf/resources/css/mall-fonts.css?d=216
Origin
https://www.norddulac.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4792645f.1725379548.4cd2dd1d
server-timing
cdn-cache; desc=HIT, edge; dur=84, origin; dur=0, ak_p; desc="1725379548616_1600426567_1288887581_8341_7418_47_0_255";dur=1
content-length
26308
last-modified
Wed, 28 Aug 2024 02:34:44 GMT
server
openresty
etag
W/"64458b8c630fbe96505a7d09d97d6c25"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
font/woff
access-control-allow-origin
*, *
x-arc-ttl
31536000
cache-control
public, max-age=31536000
expires
Wed, 03 Sep 2025 16:05:48 GMT
KDQZABU4HRHB7DC7GHGUBVNA24.jpg
brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/KDQZABU4HRHB7DC7GHGUBVNA24.jpg?smart=true&auth=bcf4a3027cd72ccf269f29e2f505fcdf46ddf9bc8ce830c96dd084c76424d764&width=1508&height=1005
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:9253 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ca5f890a2e05c7d1684ccc27e736e0e08f76e66b371312d8a2ed6cabcb4f5ac3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 03 Sep 2024 16:05:52 GMT
last-modified
Thu, 23 May 2024 16:03:21 GMT
server
Akamai Image Manager
x-serial
1375
etag
"74feb678d12acf2b4c979e1795a11a4c"
x-arc-request-id
0.4f92645f.1725379548.28965336
content-type
image/avif
x-arc-ttl
31536000
cache-control
private, no-transform, max-age=29397224
server-timing
cdn-cache; desc=HIT, edge; dur=501, origin; dur=0, ak_p; desc="1725379548812_1600426575_680940342_50240_2844186_52_0_219";dur=1
content-length
31225
expires
Sat, 09 Aug 2025 21:59:36 GMT
MWR3HVWRGFFMVJH3CSYKKPGVUE.jpg
brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/MWR3HVWRGFFMVJH3CSYKKPGVUE.jpg?smart=true&auth=9f149957434490e8bc66b3fa13f01977219e71d8d016b7cc4c8fcac3725f3852&width=1508&height=1004
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:9253 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7415ce458e35323efaed24bc804fdce131ca4a144a05efc9eb8d0ff787ce6edf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 03 Sep 2024 16:05:52 GMT
last-modified
Thu, 23 May 2024 16:03:20 GMT
server
Akamai Image Manager
x-serial
1834
etag
"73a22f2f3eaa52d28388ff0bc522ffa1"
x-arc-request-id
0.4f92645f.1725379548.28965338
content-type
image/avif
x-arc-ttl
31536000
cache-control
private, no-transform, max-age=30775655
server-timing
cdn-cache; desc=HIT, edge; dur=466, origin; dur=0, ak_p; desc="1725379548810_1600426575_680940344_46607_2850591_51_0_146";dur=1
content-length
61416
expires
Mon, 25 Aug 2025 20:53:27 GMT
QLS63LFMUJC33K4DXHSNZHWPXE.png
brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/QLS63LFMUJC33K4DXHSNZHWPXE.png?smart=true&auth=a889ba85d976a4908b0d88c69b1924bb5fe050e222aa00d1d93c4868497897ef&width=150&height=150
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:9253 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ac22dd706a2688d6bed7b58746cbd2f94646226205823de4c9fba0b141732b3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 03 Sep 2024 16:05:52 GMT
last-modified
Thu, 20 Jun 2024 16:03:10 GMT
server
Akamai Image Manager
etag
"d9b482d9ba540179f0425cb3dda29e97"
x-arc-request-id
0.4f92645f.1725379548.28965335
content-type
image/avif
x-arc-ttl
31536000
cache-control
private, no-transform, max-age=29973679
server-timing
cdn-cache; desc=HIT, edge; dur=411, origin; dur=0, ak_p; desc="1725379548810_1600426575_680940341_41205_2847990_51_95_219";dur=1
content-length
1742
expires
Sat, 16 Aug 2025 14:07:11 GMT
TFH4T7KDVNDZBBK6G74WLPZTWE.png
brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/TFH4T7KDVNDZBBK6G74WLPZTWE.png?smart=true&auth=61edaea48f2cdd321accb7c3b0c0b50cd2c25ff47cf1192531c1a104e7f86ac7&width=150&height=150
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:9253 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
78d9375f3e614f82ea6d1037a4f06a5115f3c7591529951d9358c9462ccb05e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 03 Sep 2024 16:05:52 GMT
last-modified
Thu, 20 Jun 2024 16:03:10 GMT
server
Akamai Image Manager
etag
"c66c741bf9adcd71c045dd32eaf583dd"
x-arc-request-id
0.4f92645f.1725379548.28965334
content-type
image/avif
x-arc-ttl
31536000
cache-control
private, no-transform, max-age=31514251
server-timing
cdn-cache; desc=HIT, edge; dur=464, origin; dur=0, ak_p; desc="1725379548715_1600426575_680940340_46427_2845002_51_0_219";dur=1
content-length
1666
expires
Wed, 03 Sep 2025 10:03:23 GMT
7P3NYC5FFNFVZHYRUI4JCH2OF4.png
brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/7P3NYC5FFNFVZHYRUI4JCH2OF4.png?smart=true&auth=fd83d336cabedae5eac9cf42dfdd04aab7faeec39ed7db7ba64ca96fc5241d09&width=150&height=150
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:9253 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
38b1f76c552cff9353b438073a8c90443942a5c7d26b17c82c7d1fcf3f2dff6d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 03 Sep 2024 16:05:52 GMT
last-modified
Thu, 20 Jun 2024 16:03:10 GMT
server
Akamai Image Manager
x-serial
1899
etag
"fe596fd427450b02c5eb3abfa9cd324c"
x-arc-request-id
0.4f92645f.1725379548.28965337
content-type
image/avif
x-arc-ttl
31536000
cache-control
private, no-transform, max-age=31420749
server-timing
cdn-cache; desc=HIT, edge; dur=745, origin; dur=0, ak_p; desc="1725379548810_1600426575_680940343_74504_2844692_45_0_146";dur=1
content-length
1620
expires
Tue, 02 Sep 2025 08:05:01 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202308.1.0/ 		411 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2+I2Cj649lHjQKiedh8F2Q==
age
39705
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
101254
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:47 GMT
server
cloudflare
etag
0x8DBD50E45B16C1C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6c1c0484-d01e-0095-66e7-99d136000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bd6fbc40a66363c-FRA
brookfield-collection
www.norddulac.com/pf/api/v3/content/fetch/ 		21 B
467 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/api/v3/content/fetch/brookfield-collection?query=%7B%22content_alias%22%3A%22home-whats-happening%22%7D&d=216&_website=nord-du-lac
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/pf/dist/engine/react.js?d=216
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/en/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
5b54b147-a9ba-419d-a5ce-84c7e7ac6543
date
Tue, 03 Sep 2024 16:05:49 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 03 Sep 2024 12:06:47 GMT
server
openresty
etag
W/"15-/6VXivhc2MKdLfIkLcUE47K6aH0"
x-arc-request-id
0.4792645f.1725379549.4cd2e670
content-type
text/plain; charset=utf-8
x-arc-ttl
-1
cache-control
max-age=0
server-timing
cdn-cache; desc=MISS, edge; dur=443, origin; dur=124, ak_p; desc="1725379549343_1600426567_1288889968_56736_8022_55_0_219";dur=1
content-length
21
expires
Tue, 03 Sep 2024 16:05:49 GMT
brookfield-content
www.norddulac.com/pf/api/v3/content/fetch/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/api/v3/content/fetch/brookfield-content?query=%7B%22id%22%3A75%7D&d=216&_website=nord-du-lac
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/pf/dist/engine/react.js?d=216
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e1436385bdec1b88f57e41d18aa15338a772d987e9b186e387588319d2771100
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/en/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
07825f88-5ec2-42bb-904d-ed0d7bb3b1d5, 07825f88-5ec2-42bb-904d-ed0d7bb3b1d5
content-encoding
gzip
date
Tue, 03 Sep 2024 16:05:50 GMT
last-modified
Tue, 03 Sep 2024 16:05:49 GMT
server
openresty
content-security-policy
upgrade-insecure-requests
etag
W/"1b00-3uKF+auPKpW/OoSoG2yGMLT5R1I"
vary
Accept-Encoding
x-arc-request-id
0.4792645f.1725379549.4cd2e68a
content-type
application/json; charset=utf-8
x-arc-ttl
300
cache-control
max-age=300
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=414, origin; dur=427, ak_p; desc="1725379549352_1600426567_1288889994_84108_7491_54_0_219";dur=1
content-length
1661
expires
Tue, 03 Sep 2024 16:10:50 GMT
enterprise.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LfjSZIpAAAAACUcPw2DGgq4nOiIsCD1yB3WuG3q
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/pf/dist/components/combinations/MallMasterOutputType.js?d=216
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
ESF /
Resource Hash
5c4d4057bd10acfa38cba64bfc4b52a0598b3869774acc6b69caa53a44d97909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires
Tue, 03 Sep 2024 16:05:49 GMT
SYCIHFBMY5DELLC5N3F4H3RZ5M.jpg
brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net/resizer/v2/SYCIHFBMY5DELLC5N3F4H3RZ5M.jpg?auth=fbaec98d070db62a2c0e12e9a57c340552920a280656ecb26a5e0ff6a9d257c2&width=1170&height=500
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:9253 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3f742a3a799c2cd339786b0c196152e7a04a43a8217e2ed1940c441108e4b96b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 03 Sep 2024 16:05:52 GMT
last-modified
Tue, 03 Sep 2024 14:21:34 GMT
server
Akamai Image Manager
x-serial
622
etag
"2eae2f6a6b00182c17797a415b9f191d"
x-arc-request-id
0.4f92645f.1725379549.28965a9f
content-type
image/avif
x-arc-ttl
31536000
cache-control
private, no-transform, max-age=31529739
server-timing
cdn-cache; desc=HIT, edge; dur=443, origin; dur=0, ak_p; desc="1725379549345_1600426575_680942239_44352_2313718_51_0_146";dur=1
content-length
101591
expires
Wed, 03 Sep 2025 14:21:31 GMT
topics.html
postrelease.com/iframes/ Frame FFCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://postrelease.com/iframes/topics.html
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.norddulac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
582
content-type
text/html
date
Tue, 03 Sep 2024 16:05:50 GMT
etag
"ec22fdd2cd0ccf11c7761864efa96c06"
last-modified
Fri, 15 Mar 2024 21:34:47 GMT
server
AmazonS3
x-amz-id-2
fUWjyiYuEo/JrYYdguu+B1hajYmVqYXU+4lgwk8X4huT5cD5niyyANGONR3x2hfMcm93uPHr87k=
x-amz-request-id
3PD43C0P20QQKQFM
x-amz-server-side-encryption
AES256
t
jadserve.postrelease.com/ 		268 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.norddulac.com%2Fen%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.20.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-20-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 16:05:49 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
190
expires
Mon, 1 Jan 1990 12:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K29VGQGW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 03 Sep 2024 16:05:49 GMT
document-policy
force-load-at-top
x-fb-server-load
49
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=23, mss=1232, tbw=4432, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
M6ZEpNt0Lc5oJgdxqnOdEFd/BGfdhtkK4SjiF0CZ1GFjELhL/iRLw6H3jFHxX7wZ4xTu6czU2oU7yDvhqpiXJg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		313 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DGMC6TDLS5&l=improvedGA4dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K29VGQGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
489d10216f5b584a60c2dbcf11221fd0f4e3f6aeb3927a26ad0782dd8d892074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106034
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Sep 2024 16:05:49 GMT
1.js
virnhesf.micpn.com/p/js/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://virnhesf.micpn.com/p/js/1.js
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-74.fra56.r.cloudfront.net
Software
/
Resource Hash
3522e80cbe82fbfb9c8a8dee8e13629d70d181194467cbe6dc705382f842ab55

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 16:05:49 GMT
content-encoding
gzip
via
1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
p3p
policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
cache-control
no-cache max-age=0
timing-allow-origin
https://www.norddulac.com
x-amz-cf-id
IpZgx5y5HHrelRcHFydPyy4OoG9RxCmuzrdJBde32_wchWYz5bDscQ==
x-uuid
daee191a-1843-43f0-a642-1a94424aad30
expires
Thu, 01 Dec 1994 16:00:00 GMT
GNNnCn5jzZfQ7y4jf4KQxW
protect-us.mimecast.com/s/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://protect-us.mimecast.com/s/GNNnCn5jzZfQ7y4jf4KQxW?domain=analytics.tiktok.com?sdkid=CG8BO8JC77U7T197LEPG&lib=ttq
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.211.31.64 St. Cloud, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2024 16:05:49 GMT
Content-MD5
b23dd3970ad43775b2722cc4a3a99d81
Content-Type
*/*
Cache-control
no-store
x-mc-reasonphrase
0008 Call Quota Exceeded
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
161
nspix
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nspix?adv=cl1024367&ns=3012&nc=https://www.norddulac.com/en/&u1=https://www.norddulac.com/en/&ncv=16
  • https://action.media6degrees.com/orbserv/nspix?adv=cl1024367&ns=3012&nc=https://www.norddulac.com/en/&u1=https://www.norddulac.com/en/&ncv=16
43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://action.media6degrees.com/orbserv/nspix?adv=cl1024367&ns=3012&nc=https://www.norddulac.com/en/&u1=https://www.norddulac.com/en/&ncv=16
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Server
2606:4700:4400::6812:2927 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 16:05:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
8bd6fbcdc8be6ae1-FRA
content-length
43

Redirect headers

location
https://action.media6degrees.com/orbserv/nspix?adv=cl1024367&ns=3012&nc=https://www.norddulac.com/en/&u1=https://www.norddulac.com/en/&ncv=16
access-control-allow-origin
*
date
Tue, 03 Sep 2024 16:05:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8bd6fbcaed076ae1-FRA
content-type
text/html; charset=iso-8859-1
en.json
cdn.cookielaw.org/consent/0fa106f2-851a-4a5a-92f7-d080431ffd52/9b5b7236-44ba-4c7e-9f19-f99a62b7a054/ 		36 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0fa106f2-851a-4a5a-92f7-d080431ffd52/9b5b7236-44ba-4c7e-9f19-f99a62b7a054/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bcbc47f1a48463417cd74715a791dd5028704834adfab1b864141813733097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
U5Yv9Fh57OtgY6DwIwn6KQ==
content-length
10926
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 21:52:02 GMT
server
cloudflare
etag
0x8DBA4EC59A4EEB7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b59fca71-a01e-008f-0237-7cb0e9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bd6fbcb58304dc5-FRA
expires
Wed, 04 Sep 2024 16:05:50 GMT
site-service-hierarchy
www.norddulac.com/pf/api/v3/content/fetch/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/api/v3/content/fetch/site-service-hierarchy?query=%7B%22feature%22%3A%22footer%22%2C%22hierarchy%22%3A%22footer-menu%22%7D&filter=%7Bchildren%7B_id%2Cchildren%7B_id%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%7D&d=216&_website=nord-du-lac
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/pf/dist/engine/react.js?d=216
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e7d3df48b8a02fdfc201e2e51ede8515a90ed994001b5113397e183c48877649
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/en/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
e69986ad-500b-4bd6-900f-33b8b2f6e899, e69986ad-500b-4bd6-900f-33b8b2f6e899
content-encoding
gzip
date
Tue, 03 Sep 2024 16:05:50 GMT
last-modified
Tue, 03 Sep 2024 16:05:50 GMT
server
openresty
content-security-policy
upgrade-insecure-requests
etag
W/"52b-CSXI5jexA0V23LSEqGlCYpgLIV0"
vary
Accept-Encoding
x-arc-request-id
0.4792645f.1725379549.4cd2edfb
content-type
application/json; charset=utf-8
x-arc-ttl
300
cache-control
max-age=300
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=508, origin; dur=158, ak_p; desc="1725379549978_1600426567_1288891899_66632_8542_57_0_219";dur=1
content-length
575
expires
Tue, 03 Sep 2024 16:10:50 GMT
site-service-hierarchy
www.norddulac.com/pf/api/v3/content/fetch/ 		790 B
859 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.norddulac.com/pf/api/v3/content/fetch/site-service-hierarchy?query=%7B%22feature%22%3A%22footer%22%2C%22hierarchy%22%3A%22footer-submenu%22%2C%22sectionId%22%3A%22%22%7D&filter=%7Bchildren%7B_id%2Cchildren%7B_id%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%7D&d=216&_website=nord-du-lac
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/pf/dist/engine/react.js?d=216
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:924b Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e74fca6a7cf3d8eb8a0ecf805179185e30713cffc1f8030885c930c171d7f1bc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.norddulac.com/en/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
b7ee269e-9efa-4b30-9269-a7f213a30491, b7ee269e-9efa-4b30-9269-a7f213a30491
content-encoding
gzip
date
Tue, 03 Sep 2024 16:05:50 GMT
last-modified
Tue, 03 Sep 2024 16:05:50 GMT
server
openresty
content-security-policy
upgrade-insecure-requests
etag
W/"316-2jrsEt3hVleFMs+e6kX2KTzm5pk"
vary
Accept-Encoding
x-arc-request-id
0.4792645f.1725379549.4cd2ee28
content-type
application/json; charset=utf-8
x-arc-ttl
300
cache-control
max-age=300
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=476, origin; dur=269, ak_p; desc="1725379549998_1600426567_1288891944_74517_8058_56_0_219";dur=1
content-length
338
expires
Tue, 03 Sep 2024 16:10:50 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/ 		539 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LfjSZIpAAAAACUcPw2DGgq4nOiIsCD1yB3WuG3q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e368d06d619da2ddbac62f83484f2b207601a2fd8ea86ee0ce8ab30855fe6fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
Origin
https://www.norddulac.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 15:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218560
x-xss-protection
0
last-modified
Mon, 26 Aug 2024 04:00:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Sep 2025 15:37:25 GMT
2850415001939029
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2850415001939029?v=2.9.166&r=stable&domain=www.norddulac.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
c462534be1884f1e84028089ada24ecf357cf447698c7dd19df199d794a43be1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 03 Sep 2024 16:05:50 GMT
document-policy
force-load-at-top
x-fb-server-load
41
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=68, mss=1232, tbw=67072, tp=64, tpl=0, uplat=266, ullat=0
pragma
public
x-fb-debug
eyp8uPc6zvhIU+Agn8rdsPaqzmshjcWOCongz1gknQ7i6OT4CSQHN8EEvnQT1bNuEx/IFJIVdTpcA4OHCdlfHA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
C2c3Qd8FHm1wstxOFHDJ2w==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:37 GMT
server
cloudflare
etag
0x8DBD50E3F9DEF08
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8493fbe9-e01e-002f-0d44-f412b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bd6fbcdab224dc5-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef692caebb708b665def2aad3beab4eca949689636103edd74069a60d6da5d59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
W3M09FoULMOrbblf8iKnug==
age
13550
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13391
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:40 GMT
server
cloudflare
etag
0x8DBD50E412DA220
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b9414210-201e-005a-4337-7c5f64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bd6fbcdab264dc5-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
04913ebd-801e-007b-3def-f9f83a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8bd6fbcdab274dc5-FRA
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DGMC6TDLS5&gtm=45je48s0v9122983464za200&_p=1725379550.358&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=79461264.1725379550&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725379550&sct=1&seg=0&dl=https%3A%2F%2Fwww.norddulac.com%2Fen%2F&dt=Nord%20du%20Lac%20-%20Shopping%20Mall%20in%20Covington%2C%20LA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.gtm_details=gtm.init%20%7C%20ver%3A%2036&ep.mall_name=Nord%20du%20Lac&tfd=4411
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGMC6TDLS5&l=improvedGA4dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 16:05:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.norddulac.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		311 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9N5X2899P8&l=improvedGA4dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGMC6TDLS5&l=improvedGA4dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f2c090aba302a04ae887dfc8436643feee5b4c6b2ed57a301361f8278d4e1ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:05:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105250
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Sep 2024 16:05:50 GMT
config.json
c.go-mpulse.net/api/ 		626 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=HQTAN-VFP9Z-LL3SA-4S6ET-AKNAU&d=www.norddulac.com&t=5751265&v=1.720.0&sl=0&si=90ba99b4-c767-48ac-91d2-e865494b1b0c-sj8vdm&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=1028518
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/HQTAN-VFP9Z-LL3SA-4S6ET-AKNAU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:186::11a6 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
078e3b5a610496f6ebbec618b0153fc3f57158f0270eda853b4620d937462ee3

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Sep 2024 16:05:50 GMT
cache-control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
626
content-type
application/json
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2850415001939029&ev=PageView&dl=https%3A%2F%2Fwww.norddulac.com%2Fen%2F&rl=&if=false&ts=1725379550625&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1725379550614.575006138824151850&ler=empty&cdl=API_unavailable&it=1725379550209&coo=false&tm=1&rqm=GET
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=10, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 03 Sep 2024 16:05:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2850415001939029&ev=PageView&dl=https%3A%2F%2Fwww.norddulac.com%2Fen%2F&rl=&if=false&ts=1725379550625&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1725379550614.575006138824151850&ler=empty&cdl=API_unavailable&it=1725379550209&coo=false&tm=1&rqm=FGET
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 03 Sep 2024 16:05:51 GMT
document-policy
force-load-at-top
x-fb-server-load
42
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7410448742196599508", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=10, mss=1297, tbw=3109, tp=-1, tpl=-1, uplat=260, ullat=0
pragma
no-cache
x-fb-debug
SbIqSfwu5khJ/OqU95WalUpjRws9BnNeTaJq5p6B09H1Sst5jl7t7rXzNAtHVJ5hEO5y3xUoRYG+cRf6bT0Ujw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7410448742196599508"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
511 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Mon, 02 Sep 2024 02:03:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
048bed82-401e-00e5-3f52-fd817d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8bd6fbd1d8874dc5-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
1804
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 02 Sep 2024 02:03:10 GMT
server
cloudflare
etag
0x8DCCAF3654532CB
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3b4817f1-101e-00df-2a6e-fdc2de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bd6fbd1fb5b363c-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2024 16:05:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
56765
x-ms-lease-status
unlocked
last-modified
Mon, 02 Sep 2024 02:03:10 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8b710872-801e-00b7-3873-fd9c8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8bd6fbd1fb5c363c-FRA
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9N5X2899P8&gtm=45je48s0v9129849591za200zb9122983464&_p=1725379551.139&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=79461264.1725379550&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725379551&sct=1&seg=0&dl=https%3A%2F%2Fwww.norddulac.com%2Fen%2F&dt=Nord%20du%20Lac%20-%20Shopping%20Mall%20in%20Covington%2C%20LA&en=page_view&_fv=1&_ss=1&_ee=1&ep.gtm_details=gtm.init%20%7C%20ver%3A%2036&ep.mall_name=Nord%20du%20Lac&tfd=5210
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9N5X2899P8&l=improvedGA4dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 16:05:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.norddulac.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9N5X2899P8&cid=79461264.1725379550&gtm=45je48s0v9129849591za200zb9122983464&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9N5X2899P8&l=improvedGA4dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 16:05:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.norddulac.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9N5X2899P8&cid=79461264.1725379550&gtm=45je48s0v9129849591za200zb9122983464&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1033969760
Requested by
Host: www.norddulac.com
URL: https://www.norddulac.com/en/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 16:05:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 4277 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfjSZIpAAAAACUcPw2DGgq4nOiIsCD1yB3WuG3q&co=aHR0cHM6Ly93d3cubm9yZGR1bGFjLmNvbTo0NDM.&hl=de&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&cb=wevmhzmdxpxt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NeTSTR-8lTWfG4fdJSdeTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NeTSTR-8lTWfG4fdJSdeTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Sep 2024 16:05:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
684dd32c.akstat.io/ 		0
228 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://684dd32c.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/HQTAN-VFP9Z-LL3SA-4S6ET-AKNAU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:186::11a6 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 16:05:53 GMT
content-type
image/gif
access-control-allow-origin
https://www.norddulac.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
x-xss-protection
0
expires
Tue, 03 Sep 2024 16:05:53 GMT
Q5NQVIPSXJD45BQJXLP2QNV57M.png
cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/ 		846 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cloudfront-us-east-1.images.arcpublishing.com/brookfieldproperties/Q5NQVIPSXJD45BQJXLP2QNV57M.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9560d3477fe7f82924a29fd5568528bf586c8624084f882c9ed9de8827238f51

Request headers

Referer
https://www.norddulac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
nFZAe0nzr6JBfnL2QAjoqRtSVsowA8vX
date
Tue, 03 Sep 2024 08:21:14 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
age
27880
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
edge-cache-tag
photo-rv2-brookfieldproperties-prod-36,photo-rv2-brookfieldproperties-prod-png-36,photo-rv2-brookfieldproperties-prod-Q5NQVIPSXJD45BQJXLP2QNV57M
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
846
last-modified
Tue, 05 Mar 2024 16:44:49 GMT
server
AmazonS3
etag
"28747c60ee6310ba14fd8c589f6f00aa"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
Ei9bcZ9umiBM3cr107DqZ8ddsRMiuo32tKvjnqRjiSPbxzyCK75zZA==

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer object| _gsScope object| _gsQueue function| clearImmediate function| setImmediate object| regeneratorRuntime object| PIXI object| Tweeny function| Hammer object| jungle function| _ function| NavigationKit function| jmap-navigation-kit function| ZoneKit function| jmap-zone-kit function| OptanonWrapper object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| Fusion object| react object| React object| ReactDOM object| PropTypes object| StyledComponents string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| MapUIKit function| onRecaptchaLoadCallback object| google_tag_manager object| google_tag_data number| ntvLoadStart object| ntv object| prdom object| onFocusEvents object| ntvData function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| fbq function| _fbq object| _fbq_gtm_ids function| improvedGA4 object| improvedGA4dataLayer string| u object| img string| MovableInkTrack function| mitr string| TiktokAnalyticsObject object| ttq function| checkTextContent number| intervalId function| onYouTubeIframeAPIReady function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Optanon object| OneTrust object| gaGlobal object| recaptcha object| closure_lm_823404 number| BOOMR_onload

7 Cookies

Domain/Path Name / Value
.norddulac.com/ Name: _gcl_au
Value: 1.1.276558031.1725379549
.postrelease.com/ Name: opt_out
Value: 1
.norddulac.com/ Name: _ga_DGMC6TDLS5
Value: GS1.1.1725379550.1.0.1725379550.0.0.0
.norddulac.com/ Name: _ga
Value: GA1.1.79461264.1725379550
.norddulac.com/ Name: _fbp
Value: fb.1.1725379550614.575006138824151850
.norddulac.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Sep+03+2024+18%3A05%3A51+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=0d2f9cd9-c941-4b5d-9c97-8e69ae14262e&interactionCount=0&landingPath=https%3A%2F%2Fwww.norddulac.com%2Fen%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.norddulac.com/ Name: _ga_9N5X2899P8
Value: GS1.1.1725379551.1.0.1725379551.60.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://www.norddulac.com/pf/api/v3/content/fetch/brookfield-collection?query=%7B%22content_alias%22%3A%22home-whats-happening%22%7D&d=216&_website=nord-du-lac
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://protect-us.mimecast.com/s/GNNnCn5jzZfQ7y4jf4KQxW?domain=analytics.tiktok.com?sdkid=CG8BO8JC77U7T197LEPG&lib=ttq
Message:
Failed to load resource: the server responded with a status of 429 (0008 Call Quota Exceeded)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd32c.akstat.io
action.dstillery.com
action.media6degrees.com
brookfieldproperties-nord-du-lac-prod.web.arc-cdn.net
c.go-mpulse.net
cdn.cookielaw.org
cdn.jibestream.com
cdnjs.cloudflare.com
cloudfront-us-east-1.images.arcpublishing.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
jadserve.postrelease.com
norddulac.com
postrelease.com
protect-us.mimecast.com
region1.analytics.google.com
region1.google-analytics.com
s.go-mpulse.net
s.ntv.io
static.themebuilder.aws.arc.pub
stats.g.doubleclick.net
virnhesf.micpn.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.norddulac.com
104.17.25.14
13.32.121.107
142.250.181.227
142.250.186.100
142.250.186.104
143.204.215.23
15.197.248.202
157.240.0.6
18.244.18.74
2001:4860:4802:32::36
207.211.31.64
23.53.42.121
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::6812:2927
2606:4700::6812:572a
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c0b::9d
2a02:26f0:e300:186::11a6
2a02:26f0:e300::5f64:924b
2a02:26f0:e300::5f64:9253
2a03:2880:f176:84:face:b00c:0:25de
52.36.224.135
54.235.20.127
078e3b5a610496f6ebbec618b0153fc3f57158f0270eda853b4620d937462ee3
07b881771c22b6ad3d4ff4a4409cdfee729ffcfb756330fd7446320c76499673
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
110347faa0a515ba8b13aff2965dcf8e5b0d7dea44b788a5c90c3b420169e630
15b591a791461a7494a1da95f9272e61c14d4ef625260cd9d77d0bcd3f7d5339
215e146ce02fbd3a5526a28c7500c377f4a452699d4d2079c39b10fb74f8044f
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
28bcbc47f1a48463417cd74715a791dd5028704834adfab1b864141813733097
3522e80cbe82fbfb9c8a8dee8e13629d70d181194467cbe6dc705382f842ab55
38b1f76c552cff9353b438073a8c90443942a5c7d26b17c82c7d1fcf3f2dff6d
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
3f742a3a799c2cd339786b0c196152e7a04a43a8217e2ed1940c441108e4b96b
44e529a86566af99e1c256a6014a127ad5163007c280ca7b435a9a197b290bd7
489d10216f5b584a60c2dbcf11221fd0f4e3f6aeb3927a26ad0782dd8d892074
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
50f748c9b4b036a46871ffa04ea0f2b7ef82c6394faeebae5481db56c742f4ff
55869ce425601aa2ff5ce1f1bfa0e98bafcd74fb447ee9e4ae3c25da3592bc80
5c4d4057bd10acfa38cba64bfc4b52a0598b3869774acc6b69caa53a44d97909
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
71b7f46f6e8eae97af36626ddfbd9987934cc16e67211bfa620a95a4d4a8f20d
730d1fcdd17d4058d3a44375b24051d04f4b1e9717c99cf2f7f8b5bbb51f1971
7415ce458e35323efaed24bc804fdce131ca4a144a05efc9eb8d0ff787ce6edf
75d389508e7c85790e9fa9f25f75d2cf8abd9e263c060cfb26f854cb1088e8e2
78d9375f3e614f82ea6d1037a4f06a5115f3c7591529951d9358c9462ccb05e7
7a4208dc610e7fad70e668b5dcd56510ece63f2fba71a7e3a13bb71cb9fce9f1
7c5cfcbd829200ff3c2a547cdc10b61c27341e5af6b7a4434bbc6674e7b70b66
8fd9516a5859c49e2b03c6e4f15c97efe7fb93accc0d1539fba782dd29c0744a
9560d3477fe7f82924a29fd5568528bf586c8624084f882c9ed9de8827238f51
9f543331ba994a01d6f45b4af07bd62ef1bbea97d79eeb820eacb1f19006e515
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a92ba84e340a612e6a68c24af325d58af7956a591e5ea019a2901097790a5c71
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac22dd706a2688d6bed7b58746cbd2f94646226205823de4c9fba0b141732b3b
ac350818830db89fee71c16d8e20ae3fb4169f8fcbf1a794e77f90a47f0fc29e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24c0af95643da4a69409f115edd0158015433edd13fb08a221a272260d8a3fd
b28ed0d85790996c5ba8b672133fdd131e72085d657da84842aaedfa049aa7aa
b6d4dcd73eedfff44df809d74c6ef1c56ce310f47713e6216b8568025eb2ef90
c12f0dfc1fb132b77c2a4c765ddc0e74f2f655afc9fdfebc35dbbe4c4a61eae8
c462534be1884f1e84028089ada24ecf357cf447698c7dd19df199d794a43be1
c94123cea38870fca140ad7ec2b28a7334fe492b725c99714929a87bdf146bf0
ca5f890a2e05c7d1684ccc27e736e0e08f76e66b371312d8a2ed6cabcb4f5ac3
ce1a1b202851f73d8e8cf2c226b9dec00875b57bcba9ebd93e92cf4561c1447c
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d8d79b1a003fafc87e2ef3ddb63c07ed6afa45b900a3bc324ec163a39ef18bce
e1436385bdec1b88f57e41d18aa15338a772d987e9b186e387588319d2771100
e368d06d619da2ddbac62f83484f2b207601a2fd8ea86ee0ce8ab30855fe6fa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
e74fca6a7cf3d8eb8a0ecf805179185e30713cffc1f8030885c930c171d7f1bc
e7d3df48b8a02fdfc201e2e51ede8515a90ed994001b5113397e183c48877649
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef692caebb708b665def2aad3beab4eca949689636103edd74069a60d6da5d59
f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67
f2c090aba302a04ae887dfc8436643feee5b4c6b2ed57a301361f8278d4e1ba2
f5ecccae6e99445e43611277e8ea2f79bf3969b3d50473327ff831378996d612