hefamue.cyou Open in urlscan Pro
167.99.89.69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hefamue.cyou/
Submission: On July 09 via api (July 9th 2024, 6:59:28 pm UTC) from US — Scanned from GB

Summary HTTP 171 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 31 domains to perform 171 HTTP transactions. The main IP is 167.99.89.69, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is hefamue.cyou.
TLS certificate: Issued by E5 on July 9th 2024. Valid for: 3 months.

This is the only time hefamue.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
64	167.99.89.69 167.99.89.69	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
25	151.101.65.181 151.101.65.181	54113 (FASTLY) (FASTLY)
1	3.160.150.14 3.160.150.14	16509 (AMAZON-02) (AMAZON-02)
1 3	89.207.16.75 89.207.16.75	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	23.212.222.60 23.212.222.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	52.216.33.24 52.216.33.24	16509 (AMAZON-02) (AMAZON-02)
1	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
2	2a02:26f0:350... 2a02:26f0:3500:892::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2.17.177.117 2.17.177.117	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.18.11.219 104.18.11.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.127.20.100 3.127.20.100	16509 (AMAZON-02) (AMAZON-02)
22	172.67.186.9 172.67.186.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.7 151.101.65.7	54113 (FASTLY) (FASTLY)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	3.64.189.227 3.64.189.227	16509 (AMAZON-02) (AMAZON-02)
7	18.245.46.13 18.245.46.13	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	95.101.44.28 95.101.44.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:1400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
3	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
171	39

64 167.99.89.69 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

hefamue.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 151.101.65.181 (San Francisco, United States)

ASN54113 (FASTLY, US)

scripts.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
keywords.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-14.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.207.16.75 (Amsterdam, Netherlands) 1 redirects

ASN41041 (VCLK-EU-SE, US)

www.anrdoezrs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.qksrv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.222.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-222-60.deploy.static.akamaitechnologies.com

www.yceml.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.33.24 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

snippet.affilimatejs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:892::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.177.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-177-117.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.11.219 (None, )

ASN13335 (CLOUDFLARENET, US)

scripts.stay22.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.stay22.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.20.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-20-100.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.67.186.9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.turningleftforless.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.7 (San Francisco, United States)

ASN54113 (FASTLY, US)

privacy-center.fides.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.189.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-189-227.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.245.46.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-13.fra56.r.cloudfront.net

downloads.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.44.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-44-28.deploy.static.akamaitechnologies.com

mc.us17.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rewardflightfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (San Francisco, United States)

ASN54113 (FASTLY, US)

faves.grow.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (San Francisco, United States)

ASN54113 (FASTLY, US)

snippet.affilimate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.49 (San Francisco, United States)

ASN54113 (FASTLY, US)

api.grow.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	hefamue.cyou hefamue.cyou	2 MB
27	mediavine.com scripts.mediavine.com — Cisco Umbrella Rank: 13405 privacy-center.fides.mediavine.com — Cisco Umbrella Rank: 13648 exchange.mediavine.com — Cisco Umbrella Rank: 2409 keywords.mediavine.com — Cisco Umbrella Rank: 17103	923 KB
22	turningleftforless.com www.turningleftforless.com	127 KB
7	mailchimp.com downloads.mailchimp.com — Cisco Umbrella Rank: 26625	107 KB
5	grow.me faves.grow.me — Cisco Umbrella Rank: 15808 api.grow.me — Cisco Umbrella Rank: 12537	83 KB
4	stay22.com scripts.stay22.com — Cisco Umbrella Rank: 63503 www.stay22.com — Cisco Umbrella Rank: 54031	65 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 82	11 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 279 stats.g.doubleclick.net — Cisco Umbrella Rank: 208	31 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 3576	988 B
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 5273 log.pinterest.com — Cisco Umbrella Rank: 7533	19 KB
2	rewardflightfinder.com rewardflightfinder.com
2	gstatic.com fonts.gstatic.com www.gstatic.com	225 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102	21 KB
2	qksrv.net www.qksrv.net — Cisco Umbrella Rank: 124128	333 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 4475 pixel.wp.com — Cisco Umbrella Rank: 4143	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	166 KB
2	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5578 l.sharethis.com — Cisco Umbrella Rank: 6190	47 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 449	265 B
1	w.org s.w.org — Cisco Umbrella Rank: 5438	806 B
1	affilimate.io snippet.affilimate.io — Cisco Umbrella Rank: 57087	20 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2117	644 B
1	list-manage.com mc.us17.list-manage.com — Cisco Umbrella Rank: 189610	9 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2321	10 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6500	63 B
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 8927	2 KB
1	affilimatejs.com snippet.affilimatejs.com — Cisco Umbrella Rank: 105484	723 B
1	amazonaws.com s3.amazonaws.com	140 KB
1	yceml.net www.yceml.net — Cisco Umbrella Rank: 66714	1 KB
1	anrdoezrs.net 1 redirects www.anrdoezrs.net — Cisco Umbrella Rank: 51444	228 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	978 B
0	cloudfront.net Failed d31qbv1cthcecs.cloudfront.net Failed
171	31

	Domain	Requested by
64	hefamue.cyou	hefamue.cyou
24	scripts.mediavine.com	hefamue.cyou scripts.mediavine.com
22	www.turningleftforless.com	hefamue.cyou
7	downloads.mailchimp.com	chimpstatic.com downloads.mailchimp.com
3	api.grow.me	faves.grow.me
3	www.youtube.com	hefamue.cyou www.youtube.com
3	scripts.stay22.com	hefamue.cyou scripts.stay22.com
2	faves.grow.me	scripts.mediavine.com faves.grow.me
2	rewardflightfinder.com	hefamue.cyou
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.qksrv.net	www.anrdoezrs.net
2	www.google.com	hefamue.cyou www.gstatic.com
2	assets.pinterest.com	hefamue.cyou assets.pinterest.com
2	www.googletagmanager.com	hefamue.cyou www.googletagmanager.com
1	bam.nr-data.net	scripts.mediavine.com
1	log.pinterest.com	hefamue.cyou
1	s.w.org	hefamue.cyou
1	www.stay22.com	scripts.stay22.com
1	snippet.affilimate.io	snippet.affilimatejs.com
1	rules.quantcount.com	secure.quantserve.com
1	pixel.wp.com	hefamue.cyou
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	mc.us17.list-manage.com	downloads.mailchimp.com
1	secure.quantserve.com	hefamue.cyou
1	www.google.de	hefamue.cyou
1	region1.analytics.google.com	www.googletagmanager.com
1	keywords.mediavine.com	scripts.mediavine.com
1	exchange.mediavine.com	scripts.mediavine.com
1	securepubads.g.doubleclick.net	scripts.mediavine.com
1	privacy-center.fides.mediavine.com	scripts.mediavine.com
1	l.sharethis.com	platform-api.sharethis.com
1	chimpstatic.com	hefamue.cyou
1	stats.wp.com	hefamue.cyou
1	snippet.affilimatejs.com	hefamue.cyou
1	s3.amazonaws.com	hefamue.cyou
1	www.yceml.net	hefamue.cyou
1	www.anrdoezrs.net	1 redirects
1	platform-api.sharethis.com	hefamue.cyou
1	fonts.googleapis.com	hefamue.cyou
0	d31qbv1cthcecs.cloudfront.net Failed	hefamue.cyou
171	42

This site contains links to these domains. Also see Links.

Domain
turningleftforless.com
www.facebook.com
twitter.com
www.pinterest.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
hefamue.cyou E5	`2024-07-09` - `2024-10-07`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.mediavine.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-03` - `2025-05-05`	a year	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
go.affilimate.com WR3	`2024-06-20` - `2024-09-18`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
www.qksrv.net GlobalSign RSA OV SSL CA 2018	`2023-09-21` - `2024-10-22`	a year	crt.sh
wildcardsan.us15.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-28` - `2025-06-28`	a year	crt.sh
stay22.com E1	`2024-05-18` - `2024-08-16`	3 months	crt.sh
turningleftforless.com WE1	`2024-06-24` - `2024-09-22`	3 months	crt.sh
privacy-center.fides.mediavine.com Certainly Intermediate R1	`2024-07-07` - `2024-08-06`	a month	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
downloads.mailchimp.com Amazon RSA 2048 M03	`2024-06-24` - `2025-07-22`	a year	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
wildcardsan.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-12` - `2024-09-11`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
rewardflightfinder.com E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.grow.me GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-03` - `2025-07-05`	a year	crt.sh
hafez.de WR3	`2024-06-15` - `2024-09-13`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://hefamue.cyou/
Frame ID: 136CC957FB4635033D0B538CA8881BD0
Requests: 167 HTTP requests in this frame

Frame: https://rewardflightfinder.com/search-widget
Frame ID: 3E9A6883A432F86C1559E253C2C971E1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeshZEUAAAAAJUg61eAy3kdY5YMKdDRaJV-q3bk&co=aHR0cHM6Ly9oZWZhbXVlLmN5b3U6NDQz&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=l63b3ymi8by
Frame ID: 22D95EFA27098BC30F963B4CEB63F211
Requests: 1 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Frame ID: 909674CAA08FB94B97895F8CCD44DCBC
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Frame ID: 8567F156AF63CFF603EF1317A24CDFDE
Requests: 2 HTTP requests in this frame

Frame: https://rewardflightfinder.com/search-widget
Frame ID: D7FBC9136D3D1ECF3D67C6F8A7AC11CF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TQR1N8z_Zpc?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fhefamue.cyou&widgetid=1
Frame ID: 38458EC0FF6B68D3E53A60398E8FE679
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Turning left for less - Champagne travel on a Prosecco budget

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
chimpstatic\.com/mcjs-connected

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

171
Requests

97 %
HTTPS

34 %
IPv6

31
Domains

42
Subdomains

39
IPs

6
Countries

4260 kB
Transfer

9346 kB
Size

39
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://turningleftforless.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/turningleftforless/

Search URL Search Domain Scan URL

URL: https://twitter.com/turningleftfor

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/turningleftforl/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=TQR1N8z_Zpc&t=12s
Title: https://www.youtube.com/watch?v=TQR1N8z_Zpc&t=12s

Search URL Search Domain Scan URL

URL: https://www.instagram.com/turningleftforless/
Title: turningleftforlessChampagne travel on a Prosecco budget. UK blog on how to travel in luxury for less. Forbes contributor. #avgeek #luxurytravel #miles #luxuryhotel

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C9AfjfQMyoH/
Title: Final night at @hyattregencykotorbayresort in a di

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C89P1KSMj7p/
Title: Lovely review now available on the blog on Movenpi

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C84-TO_Mj08/
Title: Another beautiful day at @hyattregencykotorbayreso

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C80MgnIM3vr/
Title: A great start to our trip exploring Montenegro and

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C8ZPT25M8_b/
Title: Stunning review posted to the blog on the Delano h

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C8XDPGEsxFr/
Title: Great fun with a #spitfire and #messerschmitt flig

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C7uFSKkMqaT/
Title: Beautiful views on my @southwestair flight yesterd

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C7gocc9Mj10/
Title: REVIEW: American Airlines business class B777-200

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C7gm9RSMxWd/
Title: REVIEW: Radisson RED Oslo Airport hotel @r

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C7G6NXWMjuw/
Title: Stunning review on the Intercontinental Hotel Phuk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C600eOxsoA5/
Title: New review available on visiting Vilnius and Hotel

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C6QxYU5MfqP/
Title: REVIEW: New Malmaison Hotel Manchester Deansgate

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C6QwLWdM6Va/
Title: Beautiful review now available on the Forty Seven

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C6JBaHAMLib/
Title: Part 2 of the Singapore Airlines Business class -

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C6Gnx-TMf7L/
Title: REVIEW: Singapore Airlines Business class Part 1 -

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C6Ghw4lsNQ-/
Title: Gorgeous new review available: St Regis Dubai, The

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C53Ge-2sjdp/
Title: NEWS & OFFERS: BA change Avios part payment, 50% d

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C53FjdmM3C0/
Title: NEWS: New Virgin champagne, Airline diversions in

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C53Ec5uMckM/
Title: New offers and news now available on the blog: Ear

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C529rqWsO74/
Title: New reader review available on the stunning Interc

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.anrdoezrs.net/am/8288711/impressions/page/am.js HTTP 302
https://www.yceml.net/am_gen/8288711/impressions/page/am.js

171 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hefamue.cyou/ 200 KB
200 KB 168ms
43ms Document
text/html 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 36eccd25e922f2ef376422fee81b618917c57387cf6104f30fc191369b6c7784

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 204415
content-type: text/html; charset=UTF-8
date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11

GET
H2 200 sbi-styles.min.css
hefamue.cyou/wp-content/plugins/instagram-feed/css/ 45 KB
46 KB 63ms
54ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.4.3
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 684e82d57e0e22cfe1ea891ae71a007654c2eb7e69ccca318351ee9d0e9cf644

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 46555
content-type: text/css

GET
H2 200 style.min.css
hefamue.cyou/wp-includes/css/dist/block-library/ 111 KB
111 KB 64ms
56ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 113381
content-type: text/css

GET
H2 200 mediaelementplayer-legacy.min.css
hefamue.cyou/wp-includes/js/mediaelement/ 11 KB
11 KB 64ms
56ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 11256
content-type: text/css

GET
H2 200 wp-mediaelement.min.css
hefamue.cyou/wp-includes/js/mediaelement/ 4 KB
4 KB 64ms
56ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.5
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 4186
content-type: text/css

GET
H2 200 autoptimize_single_5484a14b7985d1d61caf30e343896f11.php
hefamue.cyou/wp-content/cache/autoptimize/ 4 KB
4 KB 64ms
56ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_5484a14b7985d1d61caf30e343896f11.php?ver=1667813913
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: db82fd7d887901886cd7b4e6d354cade4fe6705f9fa105b9074ea856bf78cd85

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 3595
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_71b471adbb260bf02d7af802d6f5fcc6.php
hefamue.cyou/wp-content/cache/autoptimize/ 902 B
930 B 64ms
57ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_71b471adbb260bf02d7af802d6f5fcc6.php?ver=1667813913
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: b8f41b649537a954d81ea15e6e8fb78cb37bb477c2d639df7aa73e5f2f71733c

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 902
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_64329f3ba44a4affd11b8135f8bd329b.php
hefamue.cyou/wp-content/cache/autoptimize/ 3 KB
3 KB 61ms
57ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_64329f3ba44a4affd11b8135f8bd329b.php?ver=1667813913
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: da3df6b0dac82dfec42c728ac48792128057ca6e52612e5052d3b19391cc010e

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 3548
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_91569a8c31baf7264f74c0f100d9deb4.php
hefamue.cyou/wp-content/cache/autoptimize/ 3 KB
3 KB 61ms
57ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_91569a8c31baf7264f74c0f100d9deb4.php?ver=1667813913
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 3f7c946bb410e22a177889b5e12480cdd50353edb377796575ac3b5c46d45319

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 3265
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_60dffd9a7ac8a43856094787d876fb1c.php
hefamue.cyou/wp-content/cache/autoptimize/ 4 KB
4 KB 61ms
57ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_60dffd9a7ac8a43856094787d876fb1c.php?ver=1667813913
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 6b80b000b912a8543acdf7cb222a87f3cb33a6d9299bc402e294bf2a5e749e74

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 3824
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_b18c613c26317369191840c686727e95.php
hefamue.cyou/wp-content/cache/autoptimize/ 12 KB
12 KB 61ms
58ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_b18c613c26317369191840c686727e95.php?ver=1667813913
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: a85bbf1385399ae7378c4dd69210b2a2f058ed5bd29bf407c9150a2fcaa0a228

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 12091
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_e970f101a164deb8f0c7c12027b2d632.php
hefamue.cyou/wp-content/cache/autoptimize/ 3 KB
3 KB 183ms
179ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_e970f101a164deb8f0c7c12027b2d632.php?ver=1667813913
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 7bc80ee33564d316de94f8d910c700f9d85e6332c9984423703af42d9981ab58

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 2824
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_8f602c9c5ec413deea16b6b0dbcf1087.php
hefamue.cyou/wp-content/cache/autoptimize/ 18 KB
18 KB 184ms
181ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_8f602c9c5ec413deea16b6b0dbcf1087.php?ver=1667813913
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: b980de510153ccc22adad3566da7f145c28f084c085af2d43074bc546e23b317

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 18852
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_b37ce9f182884bd9fb13d4b14b6df6c4.php
hefamue.cyou/wp-content/cache/autoptimize/ 8 KB
8 KB 184ms
181ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_b37ce9f182884bd9fb13d4b14b6df6c4.php?ver=1667813913
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: bdc2ebfd0807142b97008af83560052928ca99a5ab6965da22986fdc9907e985

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:29 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 7845
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_3fd2afa98866679439097f4ab102fe0a.php
hefamue.cyou/wp-content/cache/autoptimize/ 2 KB
2 KB 186ms
183ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_3fd2afa98866679439097f4ab102fe0a.php?ver=5.9.6
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 13081d86b2f11a8db3398c0532fe59915f1fe03ffb4b9240d578c6a0b76a03eb

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:21 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 2347
content-type: text/css; charset=utf-8

GET
H2 200 geotarget-public.min.css
hefamue.cyou/wp-content/plugins/geotargetingwp/public/css/ 25 KB
25 KB 184ms
181ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/plugins/geotargetingwp/public/css/geotarget-public.min.css?ver=6.5.5
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 751c3152934bf2df8ec036ad72cd8100c1b5260b539070d0f0a1f6be91aff5d9

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 25905
content-type: text/css

GET
H2 200 autoptimize_single_10af0c22d7cb5f5efa0019c42af558da.php
hefamue.cyou/wp-content/cache/autoptimize/ 1 KB
1 KB 184ms
182ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_10af0c22d7cb5f5efa0019c42af558da.php?ver=0.0.1
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 00cf6659824ed41fa936895cf6804eb7a895b27bf606c2a99d4bb92cd6a1955f

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 1178
content-type: text/css; charset=utf-8

GET
H2 200 style.min.css
hefamue.cyou/wp-content/plugins/social-warfare/assets/css/ 96 KB
96 KB 184ms
182ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.4.7.3
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 6aa736f40eaad43214fcf3866fa8b56f002668d2da78b570a758241ee44c0046

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 98415
content-type: text/css

GET
H2 200 autoptimize_single_acde1f0e00eaa578a1e92a7296c911be.php
hefamue.cyou/wp-content/cache/autoptimize/ 204 KB
204 KB 184ms
182ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_acde1f0e00eaa578a1e92a7296c911be.php?ver=6.5.5
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 66001596dc3e106bdf8fbcb15e48ee7606991aad8cf0f8c6847f30978d6e4540

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 208581
content-type: text/css; charset=utf-8

GET
H2 200 autoptimize_single_acde1f0e00eaa578a1e92a7296c911be.php
hefamue.cyou/wp-content/cache/autoptimize/ 204 KB
204 KB 184ms
182ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_acde1f0e00eaa578a1e92a7296c911be.php?ver=7.1.4.1665461876
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 66001596dc3e106bdf8fbcb15e48ee7606991aad8cf0f8c6847f30978d6e4540

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 208581
content-type: text/css; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 2 KB
978 B 177ms
62ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A500&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese&display=swap&ver=7.1.4.1665461876

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a5e06820ae6a362b909822b0e75a5813e2c88d27b949ad2929b9327f2b3922a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jul 2024 18:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 18:59:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jul 2024 18:59:22 GMT

GET
H2 200 autoptimize_single_86b31c00d881f97411782be00e47ddb4.php
hefamue.cyou/wp-content/cache/autoptimize/ 107 KB
107 KB 184ms
182ms Stylesheet
text/css 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_86b31c00d881f97411782be00e47ddb4.php?ver=13.6
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: cf5ec94418985157e19aeccf148862eb21a62c5a66a94ead08dde6fc41170b02

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 109186
content-type: text/css; charset=utf-8

GET
H2 200 jquery.min.js Show response
hefamue.cyou/wp-includes/js/jquery/ 86 KB
86 KB 184ms
182ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 87553
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
hefamue.cyou/wp-includes/js/jquery/ 13 KB
13 KB 185ms
183ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 13577
content-type: application/javascript

GET
H2 200 turning-left-for-less.js Show response
scripts.mediavine.com/tags/ 168 KB
33 KB 218ms
63ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/turning-left-for-less.js?ver=6.5.5

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

54a504534926ac56a180a12fcc5f4ee930dfbacd07fdc56cc7e3e12af0114f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 683039
x-powered-by: Express
x-cache: HIT, HIT
content-length: 33093
x-served-by: cache-iad-kcgs7200133-IAD, cache-fra-etou8220047-FRA
x-timer: S1720551563.786173,VS0,VE1
etag: W/"2a07b-pZoXlZ0BlgXBfCYucqr6Kj1QzhQ"
vary: gdpr=1, country=EU, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
accept-ranges: bytes
x-cache-hits: 5, 0

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 177ms
60ms Script
text/javascript 3.160.150.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-14.fra60.r.cloudfront.net

Software

Resource Hash

98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:56:37 GMT
content-encoding: gzip
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P7
age: 165
etag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: zEj-A4d46fDaX2B1znjp79AWSqwQc3OXgtPAZ7MYVic2rrVf_4K1gg==

GET
H/1.1

200
OK

am.js Show response
www.yceml.net/am_gen/8288711/impressions/page/
Redirect Chain

https://www.anrdoezrs.net/am/8288711/impressions/page/am.js
https://www.yceml.net/am_gen/8288711/impressions/page/am.js

3 KB
1 KB

231ms
95ms

Script
text/javascript

23.212.222.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yceml.net/am_gen/8288711/impressions/page/am.js
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: HTTP/1.1
Server: 23.212.222.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-60.deploy.static.akamaitechnologies.com
Software: Resin/4.0.66 /
Resource Hash: bfda294ab6ad68db71c8f151df47e02a49b5530ba878ad74ab9be1b5f970c3a9

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 18:59:22 GMT
Content-Encoding: gzip
Server: Resin/4.0.66
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
X-VC-HTTPS: On
Cache-Control: max-age=29926
Connection: keep-alive
Content-Length: 1007
Expires: Wed, 10 Jul 2024 03:18:08 GMT

Redirect headers

Location: https://www.yceml.net/am_gen/8288711/impressions/page/am.js
Date: Tue, 09 Jul 2024 18:59:22 GMT
X-VC-HTTPS: On
Server: Resin/4.0.66
Content-Length: 97
Content-Type: text/html; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
76 KB 218ms
96ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-88381644-1

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b2352fc90aadf02315b6a2c332f359f5663f98059e56e4b73ea6baa02a73448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77040
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 18:59:22 GMT

GET
H2 404 leftforless.jpg
hefamue.cyou/wp-content/uploads/2022/10/ 139 B
139 B 357ms
355ms Image
text/html 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2022/10/leftforless.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 3c57c3917aa04277fe1a2b6763e6668a03162f1176feef126204b20ce1412182

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
server: nginx/1.15.11
content-length: 139
content-type: text/html

GET
H2 200 leftforless-1.jpg
hefamue.cyou/wp-content/uploads/2022/10/ 22 KB
22 KB 184ms
183ms Image
image/jpeg 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2022/10/leftforless-1.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 56800bb9208eaa19294acbc4008cc2c6f96e95fd262b620c44da32b6f8f2301d

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 22866
content-type: image/jpeg

GET
H2 200 wing-avios-1-1024x590.jpg
hefamue.cyou/wp-content/uploads/2022/02/ 62 KB
62 KB 184ms
183ms Image
image/jpeg 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2022/02/wing-avios-1-1024x590.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 3622df8df3ede6ddefd995acf32ded83a2ec5f2fd2edd0b25d321844d8adb9a4

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 63600
content-type: image/jpeg

GET
H2 200 16-9-july-sale-2024-double-avios_16-9.avif
hefamue.cyou/wp-content/uploads/2024/07/ 81 KB
81 KB 227ms
223ms Image
image/avif 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2024/07/16-9-july-sale-2024-double-avios_16-9.avif
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: b6472537bb5d9d9e5354123e8581ee3427ef0677066297742e46533a58d278bc

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 82567
content-type: image/avif

GET
H2 200 AdobeStock_249521070-768x505.jpeg
hefamue.cyou/wp-content/uploads/2021/04/ 67 KB
67 KB 227ms
223ms Image
image/jpeg 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2021/04/AdobeStock_249521070-768x505.jpeg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: c04b19d6164eeb32f19f589f46a309f571fae6a472f643e2bb19463d578a2521

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 68746
content-type: image/jpeg

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 380ms
141ms Script
application/javascript 52.216.33.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.33.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 18:59:23 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: 3CZ3X4GWNQMFXEVR
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: FjCmrqpxUi/zCpDCBAhAFpF1N5/gXYYMOebkjVxAGpDMWGsamb0ugFE0UtvRd1EobOyXh+SojiI=

GET
H2 200 placeholder.png
hefamue.cyou/wp-content/plugins/instagram-feed/img/ 176 B
214 B 224ms
220ms Image
image/png 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 176
content-type: image/png

GET
BLOB 200
OK 92c6283a-c32a-4bfe-9d99-5643607a6e63
https://hefamue.cyou/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hefamue.cyou/92c6283a-c32a-4bfe-9d99-5643607a6e63
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 email-decode.min.js Show response
hefamue.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 47ms
46ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:31 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 1239
content-type: application/javascript

GET
H2 200 / Show response
snippet.affilimatejs.com/ 842 B
723 B 216ms
100ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://snippet.affilimatejs.com/

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d053a5d4a0a9af2e14a71ef11ba4a7815a3ac98cf4a49dcc5e8fb872ca3a6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220060-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 17:22:04 GMT
x-timer: S1720551563.751505,VS0,VE29
etag: "974fa76ea3cbd2bb0663bfaab87f2a6a927165867d3d6206f84c216dfcd1cc3d-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 372
x-cache-hits: 0

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
444 B 237ms
52ms Script
application/javascript 2a02:26f0:3500:892::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:892::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=168
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 203

GET
H2 200 autoptimize_single_efc27e253fae1b7b891fb5a40e687768.php Show response
hefamue.cyou/wp-content/cache/autoptimize/ 11 KB
11 KB 44ms
44ms Script
text/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_efc27e253fae1b7b891fb5a40e687768.php?ver=5.9.6
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 11513
content-type: text/javascript; charset=utf-8

GET
H2 200 autoptimize_single_917602d642f84a211838f0c1757c4dc1.php Show response
hefamue.cyou/wp-content/cache/autoptimize/ 13 KB
13 KB 53ms
47ms Script
text/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_917602d642f84a211838f0c1757c4dc1.php?ver=5.9.6
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 13054
content-type: text/javascript; charset=utf-8

GET
H2 200 geotarget-public.js Show response
hefamue.cyou/wp-content/plugins/geotargetingwp/public/js/ 24 KB
24 KB 53ms
47ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/plugins/geotargetingwp/public/js/geotarget-public.js?ver=3.5.1.3
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 7b60162c61975a0e69e84375f5252acc1707f791a4ccfff8cff0abd048d1b869

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 24421
content-type: application/javascript

GET
H2 200 selectize.min.js Show response
hefamue.cyou/wp-content/plugins/geotargetingwp/public/js/min/ 43 KB
43 KB 55ms
49ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/plugins/geotargetingwp/public/js/min/selectize.min.js?ver=3.5.1.3
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: d9d7569f8a4aeb17823989198c5588085e6160879e909de72024b37202aab408

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 44228
content-type: application/javascript

GET
H2 200 autoptimize_single_27b0dc2f338875a59ce815367b703646.php Show response
hefamue.cyou/wp-content/cache/autoptimize/ 5 KB
5 KB 57ms
51ms Script
text/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_27b0dc2f338875a59ce815367b703646.php?ver=3.11.2
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: cfdc52d688c16a02b9dd455bdf7571a7facd26bed96f87240d0a1bfdcfaefb8e

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 4895
content-type: text/javascript; charset=utf-8

GET
H2 200 autoptimize_single_549a03e026d821e0a0b786edf4c15960.php Show response
hefamue.cyou/wp-content/cache/autoptimize/ 2 KB
2 KB 57ms
52ms Script
text/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_549a03e026d821e0a0b786edf4c15960.php?ver=1.8.3
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 683a4ba894963b7d3a386842dbfc7e9e7ec80f0027c240d4dc5ec673f6a64769

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 1903
content-type: text/javascript; charset=utf-8

GET
H2 200 script.min.js Show response
hefamue.cyou/wp-content/plugins/social-warfare/assets/js/ 21 KB
21 KB 58ms
52ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.4.7.3
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 0d16fd6a34517f29f62a8248d8fd9fc57748cdeee291a9f26e221ad9224bfad7

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 21773
content-type: application/javascript

GET
H2 200 imagesloaded.min.js Show response
hefamue.cyou/wp-includes/js/ 5 KB
5 KB 57ms
52ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 5520
content-type: application/javascript

GET
H2 200 owl.carousel.min.js Show response
hefamue.cyou/wp-content/themes/authentic/js/ 43 KB
43 KB 57ms
53ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/themes/authentic/js/owl.carousel.min.js?ver=2.3.4
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 44342
content-type: application/javascript

GET
H2 200 autoptimize_single_85a4d9114f41a7e9b53c955b8e827e47.php Show response
hefamue.cyou/wp-content/cache/autoptimize/ 6 KB
6 KB 58ms
53ms Script
text/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_85a4d9114f41a7e9b53c955b8e827e47.php?ver=0.2.0
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 2f86770d5cbb970bb5c21159bb4fe43379ad386dabbcdfe5eb211ff4d79b5994

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 5893
content-type: text/javascript; charset=utf-8

GET
H2 200 ofi.min.js Show response
hefamue.cyou/wp-content/themes/authentic/js/ 3 KB
3 KB 221ms
215ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/themes/authentic/js/ofi.min.js?ver=3.2.4
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 3291
content-type: application/javascript

GET
H2 200 jarallax.min.js Show response
hefamue.cyou/wp-content/themes/authentic/js/ 15 KB
15 KB 221ms
216ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/themes/authentic/js/jarallax.min.js?ver=1.10.5
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: c5d5c870a8cbf1cbf6ed11b64fcdcd3bd9469e757b27de7c43113026bcdac23a

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 15498
content-type: application/javascript

GET
H2 200 jarallax-video.min.js Show response
hefamue.cyou/wp-content/themes/authentic/js/ 17 KB
17 KB 221ms
216ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/themes/authentic/js/jarallax-video.min.js?ver=1.10.5
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: a27cd454a79b5036e0169cea6e189e0d5d566f18f5c9ef571dbfa6fabba56e9d

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 17868
content-type: application/javascript

GET
H2 200 autoptimize_single_465bd6605980d2cee53145c9b878adba.php Show response
hefamue.cyou/wp-content/cache/autoptimize/ 40 KB
40 KB 222ms
217ms Script
text/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_465bd6605980d2cee53145c9b878adba.php?ver=7.1.4.1665461876
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: f015581f7876b2ff421d4f1a2a97af2bfbfb5a6d896d5cf3bf0e6a91a9bf6cba

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 41222
content-type: text/javascript; charset=utf-8

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
988 B 183ms
75ms Script
text/javascript 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeshZEUAAAAAJUg61eAy3kdY5YMKdDRaJV-q3bk&ver=3.0

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

GSE /

Resource Hash

c74d7d8a17c91b049e5dadbf2ffb333c14afdae9c7f0f425ccc5c14c1be44a47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 Jul 2024 18:59:22 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
hefamue.cyou/wp-includes/js/dist/vendor/ 8 KB
8 KB 221ms
217ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 8171
content-type: application/javascript

GET
H2 200 regenerator-runtime.min.js Show response
hefamue.cyou/wp-includes/js/dist/vendor/ 6 KB
7 KB 221ms
217ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 6625
content-type: application/javascript

GET
H2 200 wp-polyfill.min.js Show response
hefamue.cyou/wp-includes/js/dist/vendor/ 38 KB
38 KB 222ms
217ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 38590
content-type: application/javascript

GET
H2 200 autoptimize_single_ec0187677793456f98473f49d9e9b95f.php Show response
hefamue.cyou/wp-content/cache/autoptimize/ 934 B
963 B 222ms
217ms Script
text/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_ec0187677793456f98473f49d9e9b95f.php?ver=5.9.6
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 934
content-type: text/javascript; charset=utf-8

GET
H2 200 e-202428.js Show response
stats.wp.com/ 7 KB
3 KB 140ms
48ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202428.js
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT lhr
date: Tue, 09 Jul 2024 18:59:22 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166113344.7605
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Tue, 01 Jul 2025 08:21:33 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
hefamue.cyou/wp-includes/js/mediaelement/ 154 KB
154 KB 222ms
217ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 158005
content-type: application/javascript

GET
H2 200 mediaelement-migrate.min.js Show response
hefamue.cyou/wp-includes/js/mediaelement/ 1 KB
1 KB 221ms
217ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.5.5
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 1191
content-type: application/javascript

GET
H2 200 wp-mediaelement.min.js Show response
hefamue.cyou/wp-includes/js/mediaelement/ 1 KB
1 KB 226ms
222ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.5.5
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 1107
content-type: application/javascript

GET
H2 200 vimeo.min.js Show response
hefamue.cyou/wp-includes/js/mediaelement/renderers/ 6 KB
6 KB 226ms
223ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 6464
content-type: application/javascript

GET
H2 200 sbi-scripts.min.js Show response
hefamue.cyou/wp-content/plugins/instagram-feed/js/ 24 KB
24 KB 226ms
223ms Script
application/javascript 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.4.3
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: b367b2c44fb204bd792dd921f37c6c501c28c74589518519a294c60a677682fe

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:32 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 24800
content-type: application/javascript

OPTIONS
H/1.1 200
OK pageImpression
www.qksrv.net/ Frame 0
0 269ms
47ms Preflight
text/plain 89.207.16.75
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qksrv.net/pageImpression
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.207.16.75 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: Resin/4.0.66 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hefamue.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://hefamue.cyou
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 09 Jul 2024 18:59:22 GMT
Server: Resin/4.0.66
X-VC-HTTPS: On

POST
H/1.1 200
OK pageImpression Show response
www.qksrv.net/ 2 B
333 B 244ms
48ms XHR
application/json 89.207.16.75
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qksrv.net/pageImpression
Requested by: Host: www.anrdoezrs.net
URL: https://www.anrdoezrs.net/am/8288711/impressions/page/am.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.207.16.75 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: Resin/4.0.66 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 09 Jul 2024 18:59:23 GMT
Server: Resin/4.0.66
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hefamue.cyou
X-VC-HTTPS: On
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Content-Length: 2

GET atrk.js
d31qbv1cthcecs.cloudfront.net/ 0
0

GET
H/1.1 200
OK d7f46cb83f0f1a318701171e7.js Show response
chimpstatic.com/mcjs-connected/js/users/f03221e49ae033437027a173c/ 4 KB
2 KB 457ms
241ms Script
application/javascript 2.17.177.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/f03221e49ae033437027a173c/d7f46cb83f0f1a318701171e7.js
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.177.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-177-117.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b8a559ce01528b41e0c648cab47344bccf609b9c3b0138d1fd03b5c6817d004c

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Unused62: 8096267
X-EdgeConnect-Origin-MEX-Latency: 104, 105, 104, 100, 104
Content-Encoding: gzip
Date: Tue, 09 Jul 2024 18:59:23 GMT
x-amz-request-id: 5ZTHWNFHN834FQZG
X-EdgeConnect-MidMile-RTT: 0, 0, 0, 4, 0
Connection: keep-alive
Content-Length: 1222
x-amz-id-2: SpVVXozMqZu0sVlVWLxayTFwWDSHB0sRxjIIYPdW9He2KKQlBC8/p2ji3gpRNOEMAMCiFjVnIj0=
Last-Modified: Thu, 05 Aug 2021 17:04:59 GMT
Server: AmazonS3
ETag: "2fd6a60d96b764ca552c9bfd60b7f07b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Expires: Tue, 09 Jul 2024 19:29:23 GMT

GET
H3 200 letmeallez.js Show response
scripts.stay22.com/ 174 KB
62 KB 132ms
72ms Script
application/javascript 104.18.11.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.stay22.com/letmeallez.js

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e1ab6eafdc94aa4dbb937fc110bea7fccc2cb9912131b469d9698f0ae477beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 8433
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720543129&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=GpuKVIO7lWgXYm%2BSsuGScYAR2LbLZpMnofK3caxnGbY%3D
last-modified: Tue, 09 Jul 2024 16:38:08 GMT
server: cloudflare
etag: W/"2b709-190985c0d80"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720543129&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=GpuKVIO7lWgXYm%2BSsuGScYAR2LbLZpMnofK3caxnGbY%3D"}]}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8a0a8d02ca3c52e8-LHR
expires: Tue, 09 Jul 2024 19:59:22 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
399 B 274ms
58ms XHR
text/plain 3.127.20.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=hefamue.cyou&location=%2F&product=ga&url=https%3A%2F%2Fhefamue.cyou%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Turning%20left%20for%20less%20-%20Champagne%20travel%20on%20a%20Prosecco%20budget&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=2da36e41-9fdb-4765-9a64-f0e040ca30ff

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.20.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-20-100.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 18:59:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://hefamue.cyou
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 404 leftforless.jpg
hefamue.cyou/wp-content/uploads/2022/10/ 139 B
139 B 563ms
561ms Image
text/html 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2022/10/leftforless.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 3c57c3917aa04277fe1a2b6763e6668a03162f1176feef126204b20ce1412182

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
server: nginx/1.15.11
content-length: 139
content-type: text/html

GET
H2 200 leftforless-1.jpg
hefamue.cyou/wp-content/uploads/2022/10/ 22 KB
0 1ms
1ms Image
image/jpeg 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2022/10/leftforless-1.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 56800bb9208eaa19294acbc4008cc2c6f96e95fd262b620c44da32b6f8f2301d

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 22866
content-type: image/jpeg

GET
H2 200 sw-icon-font.woff
hefamue.cyou/wp-content/plugins/social-warfare/assets/fonts/ 8 KB
8 KB 201ms
200ms Font
font/woff 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hefamue.cyou/wp-content/plugins/social-warfare/assets/fonts/sw-icon-font.woff?ver=4.4.7.3
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: dc510b264cc5b68ed3dd91056d54b022dac511df6f4f3c8051b5562aad7912ca

Request headers

Referer: https://hefamue.cyou/
Origin: https://hefamue.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:33 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 7768
content-type: font/woff

GET
H3 200 icons.ttf
www.turningleftforless.com/wp-content/themes/authentic/css/fonts/ 15 KB
16 KB 157ms
91ms Font
application/octet-stream 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turningleftforless.com/wp-content/themes/authentic/css/fonts/icons.ttf
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/wp-content/cache/autoptimize/autoptimize_single_acde1f0e00eaa578a1e92a7296c911be.php?ver=6.5.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe0a2abfe223d36ff3e251c34c2675171f4203487c66798b63cac1cfb1a893e7

Request headers

Referer: https://hefamue.cyou/
Origin: https://hefamue.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15448
last-modified: Mon, 07 Nov 2022 09:38:33 GMT
server: cloudflare
etag: "6368d219-3c58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4RnN7ucSUrdcVQkQFUv9THKhMRyXpZtV1k04%2FZ5NBLF8i4wZoXf1kyWmNARjpIDFihZ044%2BINOEAih%2FQhYObP87AMfm3tKZjtqXLgdSZAtQLeXYga5RkD034UuV4GcnRsakhKKlp8beIjrhZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d02fc7b63b6-LHR
expires: Wed, 09 Jul 2025 18:59:22 GMT

GET
H2 200 Platinum.png
hefamue.cyou/wp-content/uploads/2022/03/ 72 KB
72 KB 200ms
200ms Image
image/png 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2022/03/Platinum.png
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: f6a57b036356de77dac88f56212207bd7f3d2fdfe217f65ca7946813f7f0b837

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 73439
content-type: image/png

GET
H2 200 britishairways_aa4769c50bca8-768x526.jpg
hefamue.cyou/wp-content/uploads/2022/09/ 40 KB
40 KB 200ms
200ms Image
image/jpeg 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2022/09/britishairways_aa4769c50bca8-768x526.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: f27076bb1347d444ce8713bfe00efd482d649ee22866bf172894344072587fb0

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 41157
content-type: image/jpeg

GET
H2 200 hilton-honors-728x423.jpg
hefamue.cyou/wp-content/uploads/2019/01/ 20 KB
20 KB 201ms
200ms Image
image/jpeg 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2019/01/hilton-honors-728x423.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: a8850a74e6a79860ce1d72e003d6e1e78d6e3f8dacd1e16b53475ab29b48681a

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 20721
content-type: image/jpeg

GET
H2 200 Product-2024-Wines-onboard-Emirates-Premium-Economy-Class-560x560.jpg
hefamue.cyou/wp-content/uploads/2023/12/ 82 KB
83 KB 201ms
200ms Image
image/jpeg 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2023/12/Product-2024-Wines-onboard-Emirates-Premium-Economy-Class-560x560.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 03d34df785270643ee08fa2367dc9d5812edd17fa161c7b40689a7f3e613c86e

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 84470
content-type: image/jpeg

GET
H/1.1 200
OK fides.js Show response
privacy-center.fides.mediavine.com/ 3 MB
530 KB 190ms
62ms Script
application/javascript 151.101.65.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://privacy-center.fides.mediavine.com/fides.js?property_id=FDS-F0G1B3&gpp=true&initialize=false

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/turning-left-for-less.js?ver=6.5.5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.7 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ddf1ff5bc7b7b23fd9b607827d541b878f68116cea9928011651b37a9534632d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 18:59:23 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Strict-Transport-Security: max-age=300
Age: 621
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 542292
X-Served-By: cache-pdk-kpdk1780085-PDK, cache-fra-etou8220037-FRA
X-Timer: S1720551563.048959,VS0,VE4
ETag: "grmrg6gr251mq9u"
Vary: cloudfront-viewer-country, cloudfront-viewer-country-region, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Accept-Ranges: bytes
X-Cache-Hits: 2, 1

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 202ms
94ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/turning-left-for-less.js?ver=6.5.5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

0f19b52531bdaad2062b2ecb18d3339f81bafa150583641a939d5c4b733c2744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31455
x-xss-protection: 0
server: cafe
etag: 545 / 19913 / m202407030101 / config-hash: 15572181328030186031
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jul 2024 18:59:23 GMT

GET
H2 200 countryLookup Show response
scripts.mediavine.com/flooring/ 77 B
249 B 171ms
65ms XHR
application/json 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/flooring/countryLookup

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/turning-left-for-less.js?ver=6.5.5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

32a0c02d50103b9051274849cca15c30faa2f8a23852963e4fc877360e01c35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220090-FRA
date: Tue, 09 Jul 2024 18:59:23 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
server: Varnish
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77
retry-after: 0
x-cache-hits: 0

GET
H2 200 settings.json Show response
scripts.mediavine.com/launcher/ 10 KB
3 KB 172ms
65ms XHR
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/launcher/settings.json?off=mediavine

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/turning-left-for-less.js?ver=6.5.5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

19182fd038b6a090ff840f8eadb5f412fd9792b3055fb7a5baa633a91d0d0a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 792
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2266
x-served-by: cache-iad-kjyo7100174-IAD, cache-fra-etou8220090-FRA
x-timer: S1720551563.028155,VS0,VE0
etag: W/"273b-0Ih1JBU6epQxfqgEM4wAy3cmAKE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
accept-ranges: bytes
x-cache-hits: 23, 24

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
90 KB 88ms
86ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R84S57NPX6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88381644-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d6245253a2cb7225adf9586cf593ba11cd65f29ac1bb8c8438e0d43d940b7a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 18:59:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 185ms
54ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88381644-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jul 2024 18:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1816
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jul 2024 20:29:07 GMT

GET
H2 200 wrapper.min.js Show response
scripts.mediavine.com/tags/3.4.38/ 202 KB
67 KB 61ms
60ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/turning-left-for-less.js?ver=6.5.5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

8a80622c62b4e1fe8def7f6b9063ebf3b356040989dc663db034a656c4d962b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: RVSYR0S56TM01GRS
age: 519870
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/3.4.38/wrapper.min.js
content-length: 67488
x-amz-id-2: jsc9wUrkCQp6UvJzq97PWAFt0tr/y6z/pOJ/XfDohB/ycIx7a165ygN+Ua9M4qHJN9B4Dbe+MiE=
x-served-by: cache-iad-kiad7000055-IAD, cache-fra-etou8220047-FRA
last-modified: Wed, 03 Jul 2024 17:54:36 GMT
server: AmazonS3
x-timer: S1720551563.108831,VS0,VE0
etag: "716d9bfecb4aefe7a5fa2567a8e179c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 3125

GET
H2 200 usersync.min.js Show response
exchange.mediavine.com/ 13 KB
5 KB 180ms
55ms Script
application/javascript 3.64.189.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.mediavine.com/usersync.min.js?s2sVersion=s2s-ab-test2-t
Requested by: Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/turning-left-for-less.js?ver=6.5.5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.189.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-189-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b502ab252945a458d735b12948006ce62c4d6172a900274dd022087721cce87a

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
last-modified: Wed, 03 Jul 2024 21:15:00 GMT
etag: W/"3351-1907a7362ff"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, private
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 400 web.keywords.js
keywords.mediavine.com/keyword/ 0
0 194ms
186ms Script
text/plain 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://keywords.mediavine.com/keyword/web.keywords.js?pageUrl=https://hefamue.cyou/
Requested by: Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/turning-left-for-less.js?ver=6.5.5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Tue, 09 Jul 2024 18:59:23 GMT
via: 1.1 varnish, 1.1 varnish
x-timer: S1720551563.113391,VS0,VE131
x-powered-by: Express
vary: Origin
x-cache: MISS, MISS
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
x-served-by: cache-iad-kiad7000173-IAD, cache-fra-etou8220047-FRA

GET
H/1.1 200
OK embed.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 226 KB
69 KB 192ms
61ms Script
application/javascript 18.245.46.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by: Host: chimpstatic.com
URL: https://chimpstatic.com/mcjs-connected/js/users/f03221e49ae033437027a173c/d7f46cb83f0f1a318701171e7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d2c0c945c4974e73b969f7011aac63bc2429b0776cc020b613d9c252872d9c9

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 02:17:23 GMT
Content-Encoding: br
Via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Jun 2024 23:19:45 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P9
Age: 60121
x-amz-server-side-encryption: AES256
ETag: W/"1c7a1afa382f098cff12d0ec2b5c3fdd"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: LS7l2c1IeyiiGbLWuIDrMBdacQXaIQPSIMIQOlNUlvsKPCrKjdTGQQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 511ms
61ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R84S57NPX6&gtm=45je4730v9111626038za200&_p=1720551562608&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=932975351.1720551563&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1720551563&sct=1&seg=0&dl=https%3A%2F%2Fhefamue.cyou%2F&dt=Turning%20left%20for%20less%20-%20Champagne%20travel%20on%20a%20Prosecco%20budget&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1493&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R84S57NPX6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 18:59:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hefamue.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 178ms
61ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R84S57NPX6&cid=932975351.1720551563&gtm=45je4730v9111626038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R84S57NPX6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 18:59:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hefamue.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 179ms
103ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R84S57NPX6&cid=932975351.1720551563&gtm=45je4730v9111626038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=111787865

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 63ms
63ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1372317064&t=pageview&_s=1&dl=https%3A%2F%2Fhefamue.cyou%2F&ul=en-gb&de=UTF-8&dt=Turning%20left%20for%20less%20-%20Champagne%20travel%20on%20a%20Prosecco%20budget&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=968095478&gjid=789186703&cid=932975351.1720551563&tid=UA-88381644-1&_gid=326088649.1720551563&_r=1&gtm=457e4730za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1895348331

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hefamue.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d0b73a12f7f19501fbbd.min.js Show response
scripts.mediavine.com/tags/1011/ 37 KB
11 KB 66ms
66ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/1011/d0b73a12f7f19501fbbd.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

7f7ec3eb5d4b91fd715acd94d0df382855d4e6aea636c41c65804957ec7c839e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: SYJYRCXB9X8TY2MG
age: 4597683
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/1011/d0b73a12f7f19501fbbd.min.js
content-length: 10755
x-amz-id-2: j1aniHAdPXqCqqfs1dYDvk6FyNPQo1EtVwVA1ypsh5F1i+zhBv6b2Lvk4teXWi6fzRgHkyDI26s=
x-served-by: cache-iad-kcgs7200117-IAD, cache-fra-etou8220047-FRA
last-modified: Thu, 25 Apr 2024 23:05:35 GMT
server: AmazonS3
x-timer: S1720551563.250131,VS0,VE0
etag: "c573e57126063be3ca04b9d8399d6c0d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 7, 29774

GET
H2 200 a114d0d9dab54adfc1d4.min.js Show response
scripts.mediavine.com/tags/gdpr/ 22 KB
7 KB 53ms
53ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/gdpr/a114d0d9dab54adfc1d4.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

ee390366f52cb58359c2e36e947f3b133c7876aafdc578f66f92ad8b4d3ae741

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 0TMVGR00CW697P1P
age: 3907123
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/gdpr/a114d0d9dab54adfc1d4.min.js
content-length: 6811
x-amz-id-2: m/BzpYvZXStWDlrnZmWtrcFnYxAgVn0ptImKx2wFqd9B5EAaIeQB/godctKGS0QIh6p3gwyzV84=
x-served-by: cache-iad-kjyo7100071-IAD, cache-fra-etou8220047-FRA
last-modified: Mon, 13 May 2024 16:48:07 GMT
server: AmazonS3
x-timer: S1720551563.250137,VS0,VE0
etag: "62419b721381bec1d9e2e4fcbc9f4754"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 6, 29624

GET
H2 200 7b1b5bc2bf50b7f1fd3d.min.js Show response
scripts.mediavine.com/tags/6381/ 59 KB
12 KB 62ms
61ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/6381/7b1b5bc2bf50b7f1fd3d.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

e7dc2d96e7b17036114e965bc4fd20227f0285f0e0a7530015fb57e6ee3a959c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 6A35NC2MACQ2QC2G
age: 3500199
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/6381/7b1b5bc2bf50b7f1fd3d.min.js
content-length: 12001
x-amz-id-2: Hq406prr/Apj767q2KZ/IiRZ+/ykYtlEO5mVoDdJyjyEps5bm0RHoaL5FQGP8THWbAPIDzH7Z2w=
x-served-by: cache-iad-kjyo7100088-IAD, cache-fra-etou8220047-FRA
last-modified: Thu, 25 Apr 2024 19:32:38 GMT
server: AmazonS3
x-timer: S1720551563.255091,VS0,VE0
etag: "3ac36b93e230c09abea8266587e3313b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 3, 16845

GET
H2 200 32947d87aed2ddaf52c8.min.js Show response
scripts.mediavine.com/tags/gpp/ 6 KB
3 KB 71ms
71ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/gpp/32947d87aed2ddaf52c8.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

eeee889349dc933c0e2dccced4da3c634a8ed4107ee442299f3b2f6721ebee75

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: VZ1MQTEK8CXN5Q9Y
age: 1028837
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/gpp/32947d87aed2ddaf52c8.min.js
content-length: 2074
x-amz-id-2: 3cr+2xwKR7Qhv1w8GlS1WzsgRRLZTjobThYSWNUB49Qp1ciVd0DUfELaroiaNVExgATQqBzubGA=
x-served-by: cache-iad-kjyo7100106-IAD, cache-fra-etou8220047-FRA
last-modified: Thu, 27 Jun 2024 21:03:06 GMT
server: AmazonS3
x-timer: S1720551563.255220,VS0,VE0
etag: "c3db5a917b7591183293c71f02e04b47"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 6, 7627

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 71ms
61ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-88381644-1&cid=932975351.1720551563&jid=968095478&gjid=789186703&_gid=326088649.1720551563&npa=1&_u=YADAAUAAAAAAACAAI~&z=687081852

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hefamue.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendor-list.json Show response
scripts.mediavine.com/cmp/v3/ 183 KB
24 KB 57ms
54ms XHR
application/json 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/cmp/v3/vendor-list.json

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

9a3949de6a2feec927478cae9c4842c1bb49d07f4cf82756b48405dbf2f3a204

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 26358
x-powered-by: Express
x-cache: HIT, HIT
content-length: 23685
x-served-by: cache-iad-kiad7000147-IAD, cache-fra-etou8220090-FRA
x-timer: S1720551563.428257,VS0,VE0
etag: W/"2da82-1bD1O5WYMLmZXCoEjPjPQD/4/fc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
x-cache-hits: 15, 608

GET
H2 200 placeholder.png
hefamue.cyou/wp-content/plugins/instagram-feed/img/ 176 B
0 1ms
1ms Image
image/png 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:22 GMT
last-modified: Tue, 09 Jul 2024 12:58:48 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 176
content-type: image/png

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 218ms
68ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 16 Jul 2024 18:59:23 GMT

GET
H2 200 form-settings Show response
mc.us17.list-manage.com/subscribe/ 14 KB
9 KB 500ms
312ms Script
application/json 95.101.44.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.us17.list-manage.com/subscribe/form-settings?u=f03221e49ae033437027a173c&id=f3aef65455&f_id=undefined&u=f03221e49ae033437027a173c&id=f3aef65455&c=dojo_request_script_callbacks.dojo_request_script0

Requested by

Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.44.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-44-28.deploy.static.akamaitechnologies.com

Software

istio-envoy /

Resource Hash

dcdd47a9cee3291e0896ee98a3b40c20f4f650dc98c91d6bf7b76398b425f907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 209
strict-transport-security: max-age=31536000
content-encoding: gzip
x-envoy-decorator-operation: http-interposer-desired-service.mailchimp-cloud-httpinterposer-use2-prd-m2.svc.cluster.local:8090/*
date: Tue, 09 Jul 2024 18:59:23 GMT
x-edgeconnect-midmile-rtt: 0
intuit_tid: 1-668d888b-3750b184609ded3525e46f65
x-envoy-upstream-service-time: 89
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=29, origin; dur=209, ak_p; desc="1720551563585_34901910_150442762_23900_13770_52_111_146";dur=1
content-length: 6520
x-request-id: 1-668d888b-3750b184609ded3525e46f65
x-ua-compatible: IE=edge,chrome=1
x-spanid: 658039f1-c348-01ce-ba5d-2e842b3c11fa
referrer-policy: same-origin
server: istio-envoy
x-amzn-trace-id: Root=1-668d888b-3750b184609ded3525e46f65
vary: Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: max-age=289
expires: Tue, 09 Jul 2024 19:04:12 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 13 KB
13 KB 175ms
55ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A500&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese&display=swap&ver=7.1.4.1665461876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

201dc695ba7ad24f5b671ffbb0074bcf1880605ab9bbf91a380465b6fe760988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hefamue.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:47:48 GMT
x-content-type-options: nosniff
age: 33095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12808
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:47:48 GMT

GET
H2 200 Fairmont-Barbados-1024x829.jpg
hefamue.cyou/wp-content/uploads/2022/01/ 125 KB
125 KB 212ms
211ms Image
image/jpeg 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/2022/01/Fairmont-Barbados-1024x829.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: b11ea4bedd59bd12fe4c58f0f3a2de5b4b111b85e0daad04623c19e9335f8195

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
last-modified: Tue, 09 Jul 2024 12:58:49 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 127698
content-type: image/jpeg

GET
H2 200 turningleftforless.jpg
hefamue.cyou/wp-content/uploads/sb-instagram-feed-images/ 4 KB
4 KB 211ms
210ms Image
image/jpeg 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-content/uploads/sb-instagram-feed-images/turningleftforless.jpg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 4e89f3ad5bdb2d4d4cc5d42e1ee2a9891e1e2f17c543892139a6e8ac4f9b2d5b

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
last-modified: Tue, 09 Jul 2024 12:58:49 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 3976
content-type: image/jpeg

GET
H2 200 328caa2b0f7866645485.min.js Show response
scripts.mediavine.com/tags/2788/ 57 KB
22 KB 79ms
79ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/2788/328caa2b0f7866645485.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

ba19beacf91a3a7cb6e7f0238a634d78f77538a1678b929f3dc4e6fc538fd8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: MBD2137GCPB7NC29
age: 2196632
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/2788/328caa2b0f7866645485.min.js
content-length: 21830
x-amz-id-2: 5FIBQ/TJT4q8UcIS7rYMUcvZPkXzQDwQGUv/lrFaan02eH2hKNilRvqVx2PQTVrduv83bnwtvPA=
x-served-by: cache-iad-kiad7000098-IAD, cache-fra-etou8220047-FRA
last-modified: Wed, 15 May 2024 18:30:32 GMT
server: AmazonS3
x-timer: S1720551564.603567,VS0,VE0
etag: "c201da8aace1c33690f3f1dbd7c580f5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 9, 28275

GET
H2 200 74e0da3595c038283808.min.js Show response
scripts.mediavine.com/tags/gdprModal/ 15 KB
5 KB 81ms
81ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/gdprModal/74e0da3595c038283808.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

d85a0ef5f46167b7a9b6bec7590651c10c9dadf99e9672f7d3bbe43fda21e761

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: AMS95G4VXDC9AG7W
age: 1856021
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/gdprModal/74e0da3595c038283808.min.js
content-length: 4742
x-amz-id-2: Dhqk24jDhpudnvZldwmnch9Y0fTZQkZAlTeOTysJxVdb3neS14lcfR0Shs9UebpCN3doiVuHd0w=
x-served-by: cache-iad-kcgs7200131-IAD, cache-fra-etou8220047-FRA
last-modified: Thu, 16 May 2024 16:39:26 GMT
server: AmazonS3
x-timer: S1720551564.602805,VS0,VE0
etag: "cca3403e43227967fef8cfcc59acb000"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 9, 26931

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 534 KB
212 KB 174ms
56ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeshZEUAAAAAJUg61eAy3kdY5YMKdDRaJV-q3bk&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefamue.cyou/
Origin: https://hefamue.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 14:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216123
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 08:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Jul 2025 14:52:10 GMT

GET
H2 200 search-widget
rewardflightfinder.com/ Frame 3E9A 0
0 523ms
107ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rewardflightfinder.com/search-widget

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://hefamue.cyou/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 66533
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a0a8d0b1ba9bed3-LHR
content-encoding: br
content-type: text/html
date: Tue, 09 Jul 2024 18:59:24 GMT
last-modified: Mon, 08 Jul 2024 10:26:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsK1X0jLQ9tlTE05iUM%2BVFY0m8kn8GA3BdL080SCD2wE03l2hYoXIXvDmWxggA5NJJHtXdv3PRxGd7QwMxvD%2BmzUKl6fnWWA4OgsGcsM0B5ibpcNKZhnXDsGo6R5eaA41WgOOHafYQk%2FYgUS0F7H1sBhRpgt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
via: 1.1 4082bc3032224eec2bf8c66d45286576.cloudfront.net (CloudFront)
x-amz-cf-id: EpJATKuIehO4jd8ujMrNK6XNJY-NMuwQ0yMh_DOpf_isGFgLUbXVtg==
x-amz-cf-pop: LHR50-P7
x-amz-server-side-encryption: AES256
x-amz-version-id: XGnOmE3ZDjjprltZnTpYZj280aBlhYnb
x-cache: Error from cloudfront

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 83ms
62ms Script
application/javascript 2a02:26f0:3500:892::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.04850267645264039
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:892::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=279
accept-ranges: bytes
content-length: 18679

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 57ms
51ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=120045813&post=0&tz=1&srv=www.turningleftforless.com&j=1%3A13.6&host=hefamue.cyou&ref=&fcp=1017&rand=0.2876730003062644
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jul 2024 18:59:23 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 afde2a95885d9784fc31.min.js Show response
scripts.mediavine.com/tags/gdprModalLayer1/ 9 KB
3 KB 53ms
53ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/gdprModalLayer1/afde2a95885d9784fc31.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

fb41aae2affebd3ba9e7a5c8afcccb63309ea3141bc9e734e8c78cbc42bae57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 9B51CA01FHJGX301
age: 4597686
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/gdprModalLayer1/afde2a95885d9784fc31.min.js
content-length: 2458
x-amz-id-2: 7n5Jlwtn2WBNIYZoS9kGhSO77UhsJw2dpzqLWOn9C7z8nPRpgP8emAy/lA7r+eAR+YPUd/ZQftg=
x-served-by: cache-iad-kjyo7100038-IAD, cache-fra-etou8220047-FRA
last-modified: Fri, 03 May 2024 21:00:23 GMT
server: AmazonS3
x-timer: S1720551564.767751,VS0,VE0
etag: "9e3039b66c897ccde62e44aedfb272d7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 10, 23042

GET
H2 200 main.js Show response
faves.grow.me/ 17 KB
7 KB 183ms
54ms Script
text/javascript 151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://faves.grow.me/main.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.49 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dd686b8b62e7e767fc428095a3b57144884d439d55ae8a16c67ecb79ea9ec14a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: W7MNAQD0QMGJ9PX0
age: 88660
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=604800
x-amz-meta-surrogate-key: purge-on-widget-deploy
content-length: 6547
x-amz-id-2: Ymk2Wb0z1Pvj/Ms2yqgzgvsmINxwTWT4wOCR5mHS9ltTfglOPWpDXinQw5tVRIxpvNXHMCwr9T7iwzecVWh1KYmddnmlyT/r4t2nRdVupIs=
x-served-by: cache-fra-etou8220061-FRA
last-modified: Mon, 08 Jul 2024 18:21:44 GMT
server: AmazonS3
x-timer: S1720551564.912609,VS0,VE0
etag: "2d927eb809149ef4ff3c2afdf6575bac"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 2832

GET
H2 200 b4c1b0ea11e0c97eb6d7.min.js Show response
scripts.mediavine.com/tags/9676/ 9 KB
3 KB 70ms
68ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/9676/b4c1b0ea11e0c97eb6d7.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

4ed5aaeb00d8aa009b566deb19844423cfd6cafc9a5f6d97ea3177b008ebc9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: ND5S24XDS3FD2ZGJ
age: 3665269
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/9676/b4c1b0ea11e0c97eb6d7.min.js
content-length: 2759
x-amz-id-2: PiIYHafKn86+cg8SnijKrs2wP9X3+qoKnLDzbvAz2OBJNyUuormjO7FwoUXi5w2H0Vfj2dNkgA8=
x-served-by: cache-iad-kjyo7100060-IAD, cache-fra-etou8220047-FRA
last-modified: Tue, 07 May 2024 14:15:52 GMT
server: AmazonS3
x-timer: S1720551564.788730,VS0,VE0
etag: "d907084bd133befa006eb604196097ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 4, 26332

GET
H2 200 78bcc8d981ea50b69c9b.min.js Show response
scripts.mediavine.com/tags/9906/ 33 KB
11 KB 70ms
68ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/9906/78bcc8d981ea50b69c9b.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

ae9705a0f62d33950e90c8f8292f169735281bfca461129b9e222914b05d8b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: JWB2X0H4V5PG5GZP
age: 1134753
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/9906/78bcc8d981ea50b69c9b.min.js
content-length: 10976
x-amz-id-2: POq0ADp52L7MB6HasV/YDEdtRT8IMfpD1A9KK86LT4L68EVT9u0WwoVfBIqipnWrG/pFfohjFN0=
x-served-by: cache-iad-kcgs7200137-IAD, cache-fra-etou8220047-FRA
last-modified: Tue, 25 Jun 2024 21:14:48 GMT
server: AmazonS3
x-timer: S1720551564.788708,VS0,VE0
etag: "e17e40c401313ba0394ba444b0cdaa96"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 2, 15744

GET
H2 200 513e8686f692f709fa95.min.js Show response
scripts.mediavine.com/tags/1664/ 15 KB
5 KB 70ms
68ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/1664/513e8686f692f709fa95.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

f7d8065cf7109af2655d23b96ce925d036e2fae7b4914b3b63af9bc32316b522

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 5PWFCFG2M6V8HVRV
age: 1915755
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/1664/513e8686f692f709fa95.min.js
content-length: 4647
x-amz-id-2: qlMMFwAelimkG+cVCYlaj39b+G4XiANxe8iNMHMg5GSqNQoK/dTdnd15SEHPOyRTRNcbLaFD2QY=
x-served-by: cache-iad-kjyo7100117-IAD, cache-fra-etou8220047-FRA
last-modified: Mon, 17 Jun 2024 14:46:40 GMT
server: AmazonS3
x-timer: S1720551564.788718,VS0,VE0
etag: "60ca743501cdacd9f265be8069847274"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 11, 16295

GET
H2 200 f7289e5345001292562c.min.js Show response
scripts.mediavine.com/tags/4508/ 19 KB
7 KB 72ms
66ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/4508/f7289e5345001292562c.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

e4080595da996fef3fa3f88b99413660cca66cc1d79145077c454bbd6fcfb772

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 5PW6Y2APE83W3HKP
age: 1915755
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/4508/f7289e5345001292562c.min.js
content-length: 6784
x-amz-id-2: VfNoKCFQ5HLq4vK0rpRmHSG4aCKg43qQhHNvD6z7GzXJy0+Jw8PiAACc8UkIS4dGAFDvw3arnDw=
x-served-by: cache-iad-kjyo7100121-IAD, cache-fra-etou8220047-FRA
last-modified: Mon, 17 Jun 2024 14:46:40 GMT
server: AmazonS3
x-timer: S1720551564.788926,VS0,VE0
etag: "9558c27827c883a418b9e1e922ba4199"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 9, 13730

GET
H2 200 a558ca19937bef123b05.min.js Show response
scripts.mediavine.com/tags/2726/ 15 KB
7 KB 71ms
65ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/2726/a558ca19937bef123b05.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

6713efa1c8f2aebe1876b9ceb7c757c2dab37459687b70de4476f0c45cef89c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 5PWFESVVBCMXT6BF
age: 1915755
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/2726/a558ca19937bef123b05.min.js
content-length: 6233
x-amz-id-2: oIhm6J+WlMxgcffYitzg/TUsI5sqiZfqdjNU9cVVUaLw2edph+LDb7O5hOpv7eQmW3uXfJIR+bw=
x-served-by: cache-iad-kjyo7100049-IAD, cache-fra-etou8220047-FRA
last-modified: Mon, 17 Jun 2024 14:46:40 GMT
server: AmazonS3
x-timer: S1720551564.788645,VS0,VE0
etag: "2cc2d73b05445832f8827424fb65665c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 8, 15730

GET
H2 200 fc1894a6245c9d03c321.min.js Show response
scripts.mediavine.com/tags/afterScroll/ 75 KB
24 KB 71ms
66ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/afterScroll/fc1894a6245c9d03c321.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

1495b7b7161186933fab1445c9abd37212b53577eca92a748b5109eb6cbc0eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: JWB1RF9RE8P164BD
age: 1134753
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/afterScroll/fc1894a6245c9d03c321.min.js
content-length: 24237
x-amz-id-2: p8bgZqSa270WAu/uReu72yiaN1xblSp8eHspvX732WU6XAoMBIA5FXywb4G5jBN55v9jecubLLQ=
x-served-by: cache-iad-kjyo7100115-IAD, cache-fra-etou8220047-FRA
last-modified: Tue, 25 Jun 2024 21:14:40 GMT
server: AmazonS3
x-timer: S1720551564.788611,VS0,VE0
etag: "8007e8ef9d81116cfda8ad94bbd5074c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 1, 14445

GET
H2 200 rules-p--2n1AQTM4znu5.js Show response
rules.quantcount.com/ 160 B
644 B 180ms
58ms Script
application/javascript 2600:9000:223c:1400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p--2n1AQTM4znu5.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7b2e204729cdcf466d509a1efb8685424759294d298721de68b0b3c7a3bf6a8

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:06:10 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3289
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:46:47 GMT
server: AmazonS3
etag: "56fc1b1d5da68297f1d000fe6f2f9fdb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: xri9oRySQr7kRpM0BLyeSVLqNmjydhmyaEZJypWv6MRMtGZTxVeHXw==

GET
H2 200 5715b27c8dcc07d6cacd.min.js Show response
scripts.mediavine.com/tags/gdprModalLocale44/ 155 B
909 B 61ms
61ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/gdprModalLocale44/5715b27c8dcc07d6cacd.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

fec422cd3d21f8a35e3f7ddc97ca4134226be248e3d308f310771eddbc4b111b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 2ABNQZNRQ3FJYGFP
age: 4597677
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/gdprModalLocale44/5715b27c8dcc07d6cacd.min.js
content-length: 150
x-amz-id-2: Vy3ojShsEdJG6QRKmaCK9/CTxqybxNMnK/AIPT08U01QZtPSkT4uF9y6NJgh0Z9lBk0ybgw2wxs=
x-served-by: cache-iad-kiad7000024-IAD, cache-fra-etou8220047-FRA
last-modified: Fri, 03 May 2024 21:00:23 GMT
server: AmazonS3
x-timer: S1720551564.820773,VS0,VE0
etag: "b24f335a88b4c202634b236641c257f0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 11, 8466

GET
H3 200 wp-emoji-release.min.js Show response
www.turningleftforless.com/wp-includes/js/ 18 KB
6 KB 121ms
65ms Script
application/javascript 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningleftforless.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1251342
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 14:22:36 GMT
server: cloudflare
etag: W/"660d662c-4926"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sNIupffC6oKznyLixrm1thAQtdHWmZOjLNd00pUJZ81gISWdv0eFfat8B7PcRFTVBdBdNAlSJNebd3g7PR9p1QMpf3A0qPOD3OGWrtfFfAP1a9cICHgi6jY4ytLcSZojVO31qsflFsPeOybgbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a0a8d0a5a668924-LHR
expires: Wed, 25 Jun 2025 07:23:41 GMT

GET
H2 200 affilimate-sm.js Show response
snippet.affilimate.io/ 72 KB
20 KB 176ms
53ms XHR
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://snippet.affilimate.io/affilimate-sm.js?v=76a198c7ae

Requested by

Host: snippet.affilimatejs.com
URL: https://snippet.affilimatejs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

118ba737969e71c32640f675184b4c2642b96e43fbd5855e0a5e19fe43bc72b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 09 Jul 2024 18:59:23 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19717
x-served-by: cache-fra-etou8220146-FRA
last-modified: Tue, 09 Jul 2024 17:22:04 GMT
x-timer: S1720551564.977522,VS0,VE0
etag: "56141817b3441f5d1264770f1423235cb04734e61a2610ff86792b0b06a07619-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2628000
accept-ranges: bytes
x-cache-hits: 61

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
1 KB 227ms
111ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b7b27ecfc951cfef94dac6f5bdbdff0ac8487286825cf2d95368cebed885a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 09 Jul 2024 18:59:24 GMT

GET
H2 200 mejs-controls.svg
hefamue.cyou/wp-includes/js/mediaelement/ 4 KB
5 KB 156ms
156ms Image
image/svg+xml 167.99.89.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hefamue.cyou/wp-includes/js/mediaelement/mejs-controls.svg
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.89.69 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9

Request headers

Referer: https://hefamue.cyou/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
last-modified: Tue, 09 Jul 2024 12:58:49 GMT
server: nginx/1.15.11
accept-ranges: bytes
content-length: 4598
content-type: image/svg+xml

GET
H3 200 449784296_18343377340136713_6204401594740012295_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 6 KB
7 KB 56ms
55ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/449784296_18343377340136713_6204401594740012295_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0737421a35efeeb7a27533696579034f9f01762686b6b6a9b03e1fafc991796b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395683
alt-svc: h3=":443"; ma=86400
content-length: 6232
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jul 2024 01:00:07 GMT
server: cloudflare
etag: "66874597-1858"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XotlEzUWRFFrFDeAQK6XlnT0gVpXPcUKp6e96j0nqc8QX2%2FqbOwiSlS2d1f%2BUcIieUAJNkS97DoV5RXftQGYOU7c%2Fut08s5jTMHk3gBWv2RPv1UtObFV06bAyb8wcNP0skiA38KAUcsAxzYcXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a7f8924-LHR
expires: Sat, 05 Jul 2025 05:04:40 GMT

GET
H3 200 449782284_18343196785136713_4430982690283535276_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 5 KB
5 KB 96ms
94ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/449782284_18343196785136713_4430982690283535276_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfc94fb6c153113a291637f853f7f936dd5051a3a0c846a34d4f0fdf3e61986a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 533017
alt-svc: h3=":443"; ma=86400
content-length: 4659
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Jul 2024 13:00:07 GMT
server: cloudflare
etag: "66854b57-1233"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4hsPs0EksjKbVFyMFiHPRnTvopjk2bVhLoZrK1FC%2FYL%2Bxc6JRrYk0%2FFdaTY0ie%2FexUGIDanmDpHLoTcvMQL695GOjxOue2umTn5gW3kcdoTi%2BAGQX6dUcSyFgJ9P87kSnleh8oHlxFQImp5FdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a828924-LHR
expires: Thu, 03 Jul 2025 14:55:46 GMT

GET
H3 200 449778493_18342987223136713_7591952118050443240_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 7 KB
7 KB 99ms
97ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/449778493_18342987223136713_7591952118050443240_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d732357500246577d45b2040712de5ad03c49f22231e1e5f1b9d190884f8096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 656269
alt-svc: h3=":443"; ma=86400
content-length: 6677
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jul 2024 01:00:07 GMT
server: cloudflare
etag: "66835117-1a15"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuMD3%2B8hJdSloFX6y4pNUS%2BCs1to%2FthesQKo62ihJwrajUJddjl7%2F7swdG5qJLEQeFShwNzTQlp4nr6Sbm%2FdFWooFuuEewyn0UVqFSuSkeun1MaISy%2B3bVDHsxNTsN5A0K%2FQgD%2FrjgUOjlkK5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a838924-LHR
expires: Wed, 02 Jul 2025 04:41:34 GMT

GET
H3 200 449459610_18342724462136713_4237529972940073746_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 5 KB
6 KB 102ms
100ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/449459610_18342724462136713_4237529972940073746_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1fc11f5d7e67c20a1924eeaaeb0c91fc412475405e5f56ce2910a3ebcbadad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 829047
alt-svc: h3=":443"; ma=86400
content-length: 5442
x-xss-protection: 1; mode=block
last-modified: Sun, 30 Jun 2024 01:00:08 GMT
server: cloudflare
etag: "6680ae18-1542"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9wSBKXYGe77jsuD4OxW6yimgczG2SoeQk6kp2W3uXxsnRgKqEyAtht4G%2BIul%2FGWY3Iwg6cisYT2TG6yb%2F9v6bMk4NfbWpajERXaIOuqnNOUikC0MLBvBZXvJvJUyPTL9Q7pXiWuRJyy%2FI%2BnSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a858924-LHR
expires: Mon, 30 Jun 2025 04:41:56 GMT

GET
H3 200 448760840_18341277997136713_5963601521771750788_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 4 KB
4 KB 103ms
100ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/448760840_18341277997136713_5963601521771750788_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd1ab104c70d9ba6354bac5d98b92c6e9d04d8c9dbe8920144e2b68c4adab1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519128
alt-svc: h3=":443"; ma=86400
content-length: 3923
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Jun 2024 13:00:08 GMT
server: cloudflare
etag: "6672d658-f53"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pofPVbhVVFVGadaveMUoGDgcsKkPeXkONes6OaldiFHQyBJEXxL2T6kDAmvIr7lT8yPTg%2BJ8RrfFjF44Ekz4xZTVenLLzg5dhnqbnnF55ppuFbInFIrGQNycPsGike7sU2tozXPJqCGHTehA%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a8a8924-LHR
expires: Thu, 03 Jul 2025 18:47:15 GMT

GET
H3 200 448606801_18341165443136713_5650911084847651419_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 6 KB
7 KB 103ms
101ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/448606801_18341165443136713_5650911084847651419_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc2341bcef953b4b7ef25e7f072ebe82a29f78f5e4214d45c736ec318949e2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1774780
alt-svc: h3=":443"; ma=86400
content-length: 6362
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Jun 2024 01:00:07 GMT
server: cloudflare
etag: "66722d97-18da"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cknFGVhZ8zE7Cbaf8K6Mlvo%2Btxa%2B57L46GkkIjV1a8H22hosg2kJvpz3OxZf%2BvXTYUc%2B1uUmWo21MT05BwD9Uwz8bghwbzoUNfxdegnHtivUvFSrRL04fJliZmfiVhGmBm95vqq0WQtIa3pT8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a8d8924-LHR
expires: Thu, 19 Jun 2025 05:59:43 GMT

GET
H3 200 447193477_18338983939136713_1872050338056873144_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 5 KB
5 KB 149ms
147ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/447193477_18338983939136713_1872050338056873144_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0bd9692f9b65d7e101d08c4d2ce3bba42dcf16c193815b33e18d8a462de7ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 503493
alt-svc: h3=":443"; ma=86400
content-length: 4805
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 01:00:07 GMT
server: cloudflare
etag: "665d1597-12c5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFRVxbLoPYii4VWjSLhT4NvYEOUiTKJbbWuzjbgsn3VvaAhlzrY2ZQM2OFmXqoKyEExBhXli85EE9iruDWGl5KXvHVorN6KPN6jRQ1eOsmDsMYtAQpnjFvV7B04E0oYcUqubBt36wprtJcgnxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a908924-LHR
expires: Thu, 03 Jul 2025 23:07:50 GMT

GET
H3 200 445034270_18338279911136713_112054830889886863_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 7 KB
8 KB 150ms
148ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/445034270_18338279911136713_112054830889886863_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb68f6c7f54f9c56e942c56418da718e434b3b8545589569bdae153820cd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3638368
alt-svc: h3=":443"; ma=86400
content-length: 7385
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2024 13:00:09 GMT
server: cloudflare
etag: "6655d559-1cd9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pa3DkrrG5dGOj8f5LNGo%2FWW3MPFvzfFQrv7oWrbPSRW4NC1aUzGp00R88iwr4tXZv16s0IUN4XvoOD%2B7AJutlrXIARg1IQLZAnOXQRfNisiYRqeQZJKRwq0TpMwWpxKYBsBJ55Nf95Zc2QdH%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a928924-LHR
expires: Wed, 28 May 2025 16:19:55 GMT

GET
H3 200 445557750_18338279062136713_623474800449545428_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 5 KB
6 KB 190ms
188ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/445557750_18338279062136713_623474800449545428_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b7e1ece199538675470b4721013288f4fc920aea90fa6b3f8b44ffac3e982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3638368
alt-svc: h3=":443"; ma=86400
content-length: 5188
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2024 13:00:09 GMT
server: cloudflare
etag: "6655d559-1444"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B44HaGvg0ZCpfkKZ%2FStkgkZPAxqohYmx1eQf199nrz2NdZoBV%2BYDosxxxzUBwlEPKoEhJxwGtO4h7i93db0FofPMRsStIs86LqeMurUaDJP3XRMDz%2FUpsstnrqBkzk6eBqfu79j4jV3z2pXnRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a948924-LHR
expires: Wed, 28 May 2025 16:19:55 GMT

GET
H3 200 444859865_830492392231233_4196770460590790007_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 6 KB
6 KB 191ms
189ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/444859865_830492392231233_4196770460590790007_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bee9a57b1db076dfb8957bb0794b9110857b10b193b33f5b7b5d3fcc1253fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519682
alt-svc: h3=":443"; ma=86400
content-length: 5713
x-xss-protection: 1; mode=block
last-modified: Sat, 18 May 2024 13:00:08 GMT
server: cloudflare
etag: "6648a658-1651"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxt%2FIrqodStoTohEHqiTFevoRM3oUNfyLfORGCN5tP5NuN3Y3Gp7Xa2iZXNWsyJ06xG2Uw%2Bs2%2Bu%2BEFWmL2k%2B%2FBmUrTQUN0iQMWNOVrzx0CxGu0kE2ov78uFW3sDL1OQZ5NPFXuMwarK1SQvbNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a9a8924-LHR
expires: Thu, 03 Jul 2025 18:38:01 GMT

GET
H3 200 442446172_1911705322626889_317210758816772166_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 4 KB
5 KB 192ms
190ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/442446172_1911705322626889_317210758816772166_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa1b08354ed78abd809faf88a06d622495d6ff413573815e6def342806959c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5118179
alt-svc: h3=":443"; ma=86400
content-length: 4179
x-xss-protection: 1; mode=block
last-modified: Sat, 11 May 2024 13:00:09 GMT
server: cloudflare
etag: "663f6bd9-1053"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZBVqbn%2BzzDrdX6iozEWqeJ7NZDJBN85jWUIE1HElgrUlhIG%2FDSHmgSpWvbz2zyH%2BVs72PRtoz6sd8gbZfXjrmQL1ZgjdincRSW0ML5J9c4n%2Baob7KPM%2B3%2FoX%2BXG5P4GwFyZLO0sPKxHW4xYtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a9d8924-LHR
expires: Sun, 11 May 2025 13:16:24 GMT

GET
H3 200 440734434_809198427300670_8891439888557209349_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 4 KB
5 KB 192ms
190ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/440734434_809198427300670_8891439888557209349_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc25c7f20512037f9ca3e0c763ddb32bc7eab83bf0ab294094db3c1ffb8e2f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 655826
alt-svc: h3=":443"; ma=86400
content-length: 4596
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Apr 2024 13:00:06 GMT
server: cloudflare
etag: "662cf6d6-11f4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2BanDthEIzl3iswtfT4QceUbwmJveDu7jwky4kJfPJxbudD5AhqxsMZ0DhfTSYdITbqnYqfdjFlmHnZTb6g3zm6MdXYKnZl2McW4EHxO8z5yX9tYVaXqoUn3ocSeW%2BIiv06umUrhccDiyu0c3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6a9f8924-LHR
expires: Wed, 02 Jul 2025 04:48:57 GMT

GET
H3 200 440726434_799092142131468_5467508396404035478_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 4 KB
4 KB 193ms
191ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/440726434_799092142131468_5467508396404035478_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc0b35809a1741c1d447395ce0b88e4b115a9623b7f96dc8207793c358329ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 503493
alt-svc: h3=":443"; ma=86400
content-length: 3761
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Apr 2024 13:00:07 GMT
server: cloudflare
etag: "662cf6d7-eb1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AOzZT9i71K3k6XdZPlBpyaEUaFgsdeDe2x7dy%2BC8Bi0DjQaxOMKu8EnW%2FKy122rFYMp11OaxbhpbPNC9CVVH7SsN%2FdsAP1k1qiOWFs5cqmzEiNoK%2FFXeaNX7NbnGku46zYngyDiXHQE9z6vgWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6aa38924-LHR
expires: Thu, 03 Jul 2025 23:07:50 GMT

GET
H3 200 440705881_1822735368249840_2029993988241641029_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 5 KB
5 KB 194ms
192ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/440705881_1822735368249840_2029993988241641029_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d1d84d05ce9271c058c2c7312e16ce4cb05cea916911281aff207b5cf259ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6577097
alt-svc: h3=":443"; ma=86400
content-length: 5001
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2024 13:00:05 GMT
server: cloudflare
etag: "66290255-1389"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KhnHM8dYQgIyFHVFHi84qDCOwKZJhmqC2ZzDrvxy7DRNA5XnZsjmePbwQfGtvAN2xGUtzDU%2BTp5EzPmyqotFMwCC2bn9uYKQxoRO4OsGI9bLXNs8RLGNAlVwQ99b35XNxj9Zoo9PwjTLr7umdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6aa58924-LHR
expires: Thu, 24 Apr 2025 16:01:06 GMT

GET
H3 200 439605040_781317570767905_2090109775627209762_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 4 KB
4 KB 229ms
227ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/439605040_781317570767905_2090109775627209762_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b995393fce12b21bc0ad400311d917bd61bed8f38c26b5045509fdfc6f1e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6673251
alt-svc: h3=":443"; ma=86400
content-length: 3801
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Apr 2024 13:00:06 GMT
server: cloudflare
etag: "6627b0d6-ed9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMUoICyNFFA4QzK%2Fp%2FQCRF8z7Gxm2BqSDhXF0YgDD9ApBuuuZUbpvVaUksDM2fPDwXjKloKle89HMh9ezXxI9ozO5D1gbCr7YrrTaVGFed2rZyWvir6u5ob276VZHfaaWS2dpUaDQXwl0p3V9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6aa78924-LHR
expires: Wed, 23 Apr 2025 13:18:32 GMT

GET
H3 200 440095659_741181001536645_3928697798910167931_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 4 KB
5 KB 229ms
227ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/440095659_741181001536645_3928697798910167931_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95e7ec8f85df2a8bbdf8a9ae396a09d0f9e0bd32d6db82be33ec59d4cec75803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6673251
alt-svc: h3=":443"; ma=86400
content-length: 4438
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Apr 2024 13:00:07 GMT
server: cloudflare
etag: "6627b0d7-1156"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuAxBUqgfV8tEZxkppmFcvk7DMQ6eHIGFFxeE71TM%2BWkWt%2BalrCnkxzlyI8KSx88Y3G1MfqNa8Kva%2FJ%2FNauYQQbxe20wfkbcfe1IAVwygRJQrowkSDgSxZ%2BDCQbeKaWM9LQYeEHQPMFyUvB4gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6aa98924-LHR
expires: Wed, 23 Apr 2025 13:18:32 GMT

GET
H3 200 438997328_1146454953442779_1980390424230385928_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 3 KB
4 KB 234ms
232ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/438997328_1146454953442779_1980390424230385928_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b57fed9b632f15d53c7a78442d8fb3173c12375851f87f4aea1a8df1e3cf2cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519128
alt-svc: h3=":443"; ma=86400
content-length: 3505
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 13:00:06 GMT
server: cloudflare
etag: "661fc7d6-db1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Udzf%2BT5mTsSoj47hvqy2gX9%2B7FKqlf8oaAuKSDthWTa9vW8TULs3f4%2BajzU%2FUzfjJDabrAqGJacE2IvTeVJEf5awU73AYgrW4I8EoKOIcXoYPIxmKUqs0Qmifvos2VGNHBx00N6YArK3XvqQQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6aab8924-LHR
expires: Thu, 03 Jul 2025 18:47:15 GMT

GET
H3 200 438987804_1182253939818142_487146850563875561_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 3 KB
4 KB 234ms
233ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/438987804_1182253939818142_487146850563875561_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47015a47abc7688778d4051ee9ce369b9397fde21a2d856a08a38bb864044c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 836869
alt-svc: h3=":443"; ma=86400
content-length: 3084
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 13:00:07 GMT
server: cloudflare
etag: "661fc7d7-c0c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqYw6qHWnLmbdl0hbfjMIraC9tRqOYHbVCw8FUJFCjrv5GTEg1FXlUhWl1%2FECWdIHzpKTCa3vYVE7JTTe7gF35sXe%2BjoXOYKLAF8phxQ3GVK3LVv6IxypMRq4lnH4ZJdnH88jZKEdGEMZ1TD8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6aac8924-LHR
expires: Mon, 30 Jun 2025 02:31:34 GMT

GET
H3 200 439017514_1130880625030584_8110652291775240520_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 3 KB
4 KB 233ms
231ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/439017514_1130880625030584_8110652291775240520_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b4e7aeadd1864de5efe8c9b74a247f010f835690e01350e8c918d809e22264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7189705
alt-svc: h3=":443"; ma=86400
content-length: 3093
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 13:00:07 GMT
server: cloudflare
etag: "661fc7d7-c15"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BApMXOVGvSdwC2T89O0JieZiNn0bxL%2FfWJmir60HlGsblzg14nglsua1wAeqLfoe2OhVmZU1Dcb8kNEH1RwakeDylFmGXYmaQB27GGbmnyMi68fCJ2hTkGkJhDE9omP1P7yGF9qq6pRrSak6DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6aad8924-LHR
expires: Thu, 17 Apr 2025 13:50:58 GMT

GET
H3 200 438994249_441698178516998_104820090761111095_nthumb.jpg
www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/ 6 KB
6 KB 234ms
233ms Image
image/jpeg 172.67.186.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningleftforless.com/wp-content/uploads/sb-instagram-feed-images/438994249_441698178516998_104820090761111095_nthumb.jpg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.186.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452769557ec752ffe3186b5ec8ec302bd7593adc5027f5e30296f865de4e6235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519128
alt-svc: h3=":443"; ma=86400
content-length: 5703
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 13:00:08 GMT
server: cloudflare
etag: "661fc7d8-1647"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWB%2Fjs93jw26hAf0PW8n%2FYsmyOoc3dKl0DlzFhb%2FT7I9WLjQ1Utb%2FFVafneI3cpqKcr7STHZ1WSB8ekrXbub%2F%2F7dt8cB80X8%2FWdr21WHlAkjKwVa3L06RiGvVu66r98Vbs5Eu8oqCg%2Fo8LuaYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a0a8d0a6aaf8924-LHR
expires: Thu, 03 Jul 2025 18:47:15 GMT

GET watch
www.youtube.com/ 0
0

GET
H3 200 partner Show response
www.stay22.com/ext/ 1 KB
1 KB 197ms
185ms Script
text/javascript 104.18.11.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/ext/partner?callback=jQuery371018985999944504628_1720551562910&lmaID=&aid=turningleftforless&campaign=hefamuecyou&product=lma&installationMethod=manual&version=1.5.4&hasadblocker=false&isinc=true&excludes%5B%5D=vrbo&excludes%5B%5D=booking&excludes%5B%5D=expedia&excludes%5B%5D=tripadvisor&excludes%5B%5D=hotelscombined&excludes%5B%5D=hotelscom&preservecampaign=false&disablepop=false&ref22=https%3A%2F%2Fhefamue.cyou%2F&_=1720551562911&sid22=

Requested by

Host: scripts.stay22.com
URL: https://scripts.stay22.com/letmeallez.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

519beb41aebb3d912d399ccb671ce36846d1059a4d94d6aebba7d86c34388fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:24 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
etag: W/"45d-9DG52rpFsRvszWIUeHzkFti/B2s"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720551563&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=mLMk3F0BM1rlNYMbc6ytWQajyuaxACnHEOpI6mVLUnw%3D"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cf-ray: 8a0a8d0a98ff52e8-LHR
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720551563&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=mLMk3F0BM1rlNYMbc6ytWQajyuaxACnHEOpI6mVLUnw%3D

GET
H2 200 creativeBlocks Show response
scripts.mediavine.com/ 40 KB
12 KB 53ms
53ms XHR
text/html 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/creativeBlocks

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

4eb0f14e71d4c62883f3b7ba1d5ed2b06416c533059c81082ec5ef9dadbc307a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 20522
x-powered-by: Express
x-cache: HIT, HIT
content-length: 11461
x-served-by: cache-iad-kiad7000057-IAD, cache-fra-etou8220090-FRA
x-timer: S1720551564.941793,VS0,VE0
etag: W/"a160-UeC5a07+C9Pod572G/ouynOJ6Yg"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
accept-ranges: bytes
x-cache-hits: 14, 708

GET
H2 200 13b8d1c668490a13d112.min.js Show response
scripts.mediavine.com/tags/386/ 338 KB
106 KB 69ms
68ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/386/13b8d1c668490a13d112.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

11eaad0a2520ec7d97f81a7015c5edf3894363d828d263d0708580418f2cbeaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 6N7Z9JTHMWV923J1
age: 3588767
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/386/13b8d1c668490a13d112.min.js
content-length: 108157
x-amz-id-2: OlThSycrL/aNIw9MZDvBg3XbG+ul/wUkhKZ/AfVkHIYy08YUL2ALk0WubDzhVkuy1ILYVBAf2ys=
x-served-by: cache-iad-kiad7000104-IAD, cache-fra-etou8220047-FRA
last-modified: Tue, 07 May 2024 13:50:40 GMT
server: AmazonS3
x-timer: S1720551564.950118,VS0,VE0
etag: "42164b96feffc9803b110a4ed54b2c03"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 5, 26198

GET
H2 200 53999e63aaa1eff96a0d.min.js Show response
scripts.mediavine.com/tags/prebid/ 13 KB
6 KB 78ms
78ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/prebid/53999e63aaa1eff96a0d.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

f6f152b53917b29b1b77b3ced5df85be3ef87dc4d37eaf437d2642fdbe5f5858

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 4PC5AFX85KTWZEXR
age: 3377379
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/prebid/53999e63aaa1eff96a0d.min.js
content-length: 5124
x-amz-id-2: 2Wf0lG2V5dsI2s4p1imBjkx3yViDLJCi7Bj/EKrmM8I9svkuhnNGsD0fxmH0h89kvUORHRr17t8=
x-served-by: cache-iad-kjyo7100152-IAD, cache-fra-etou8220047-FRA
last-modified: Thu, 16 May 2024 16:39:26 GMT
server: AmazonS3
x-timer: S1720551564.950232,VS0,VE0
etag: "70b41ac7eada691d54d83f10383f9e09"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 1, 23313

GET
H2 200 27432bc76ee0f6762441.min.js Show response
scripts.mediavine.com/tags/gdprModalLocale2/ 1 KB
1 KB 78ms
78ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/tags/gdprModalLocale2/27432bc76ee0f6762441.min.js

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 / Express

Resource Hash

a3cfbde18aa8afdd228074ce7a6014aec152e90a412a2ec4a7e3d621c5041560

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: R326EPYXY2PZPYFQ
age: 4078170
x-powered-by: Express
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key: web web/gdprModalLocale2/27432bc76ee0f6762441.min.js
content-length: 630
x-amz-id-2: 7Xt8nkYk9kT2eSgx+o4wIG3B1IklK93anFSSorN24BS4pqZHJQPWhCSpy9b5nlZWoe9ghKYh1yg=
x-served-by: cache-iad-kcgs7200067-IAD, cache-fra-etou8220047-FRA
last-modified: Tue, 07 May 2024 03:10:53 GMT
server: AmazonS3
x-timer: S1720551564.950224,VS0,VE0
etag: "004e9b69c50c6f1631e930ebffb51e6e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 10, 7739

GET
H2 200 1f60d.svg
s.w.org/images/core/emoji/15.0.3/svg/ 941 B
806 B 135ms
43ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f60d.svg

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e17d4d0339ce34ba1ee3274fdc98a1bd5ca4a8f309861b63b746970a609d7d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Tue, 09 Jul 2024 18:59:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 01:18:13 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 config Show response
api.grow.me/sites/adfd9305-3a99-4b68-9693-7f9cabc32e3d/ 4 KB
2 KB 179ms
57ms Fetch
application/json 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.grow.me/sites/adfd9305-3a99-4b68-9693-7f9cabc32e3d/config

Requested by

Host: faves.grow.me
URL: https://faves.grow.me/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

aecb6cb22b886048bba8243816b1fad84809e2844c45dc5d5e38201bf7a99a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 4373
x-powered-by: Express
x-cache: HIT, HIT
content-length: 1496
x-served-by: cache-iad-kiad7000109-IAD, cache-fra-etou8220045-FRA
x-timer: S1720551564.122072,VS0,VE1
etag: W/"e06-7CVL/SvTmhZjev4P74+tb7F07As"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 17, 0

GET
H2 200 location-privacy-info Show response
api.grow.me/ 72 B
416 B 176ms
54ms Fetch
application/json 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.grow.me/location-privacy-info

Requested by

Host: faves.grow.me
URL: https://faves.grow.me/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

34d48c86ab72aa08edca933d9e353be2f0e80e798ff6f3c6e9fdef9d332716be

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 32168
x-powered-by: Express
x-cache: HIT, HIT
content-length: 90
x-served-by: cache-iad-kiad7000169-IAD, cache-fra-etou8220045-FRA
x-client-geo-region: BE
x-timer: S1720551564.121611,VS0,VE0
etag: W/"48-26hAM+LuSELO2CFoqi1DALjlNys"
vary: client-geo-country, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1, 271

GET
H2 200 versions Show response
api.grow.me/ 32 B
215 B 178ms
56ms Fetch
application/json 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.grow.me/versions

Requested by

Host: faves.grow.me
URL: https://faves.grow.me/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

69d142504bf1d052d91b1e6145beda8f6a7cae3b9346bc716326b679f738cbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 80443
x-powered-by: Express
x-cache: HIT, HIT
content-length: 52
x-served-by: cache-iad-kjyo7100145-IAD, cache-fra-etou8220045-FRA
x-timer: S1720551564.121606,VS0,VE0
etag: W/"20-3S13V0TDPxIF1OHw4GGHcAMqhh4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 56, 2197

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 22D9 0
0 168ms
65ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeshZEUAAAAAJUg61eAy3kdY5YMKdDRaJV-q3bk&co=aHR0cHM6Ly9oZWZhbXVlLmN5b3U6NDQz&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=l63b3ymi8by

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SSrQiU0DHvbEBpjasQcqBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefamue.cyou/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SSrQiU0DHvbEBpjasQcqBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jul 2024 18:59:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK f9cb529f-f1c6-4522-b4e1-57986328ca3d Show response
https://hefamue.cyou/ 72 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hefamue.cyou/f9cb529f-f1c6-4522-b4e1-57986328ca3d
Requested by: Host: snippet.affilimatejs.com
URL: https://snippet.affilimatejs.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 118ba737969e71c32640f675184b4c2642b96e43fbd5855e0a5e19fe43bc72b7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 73287
Content-Type: text/javascript

GET
H/1.1 200
OK popup.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/38d3020ee67bdafdc3231e2272e1fa0689108cda/ 112 KB
31 KB 62ms
62ms Script
application/javascript 18.245.46.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/38d3020ee67bdafdc3231e2272e1fa0689108cda/popup.js
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac2703bdccf412e09b63cf5fce781a258a9b8548ba8a314330c8e5a5b8e9fa5b

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 13:03:55 GMT
Content-Encoding: br
Via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
Last-Modified: Tue, 04 Jun 2024 16:58:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P9
Age: 51923
x-amz-server-side-encryption: AES256
ETag: W/"a1391b4f56369883b0b9a4e7cd122028"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: XuWcV-i0uGLvx2zgX264DmCoILa4Mi6GWTUYFqZEGeRKVgtntyz52w==

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/9ed4a7e1/www-widgetapi.vflset/ 31 KB
10 KB 152ms
152ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9ed4a7e1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb34150905a3d5ae56c7b9d66a658a0ed0de85b1e9a41282e2e82c326831aec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 07:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10405
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 04:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 09 Jul 2025 07:22:38 GMT

POST
H3 200 lehf Show response
scripts.stay22.com/api/ 405 B
1 KB 147ms
145ms XHR
application/json 104.18.11.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.stay22.com/api/lehf

Requested by

Host: scripts.stay22.com
URL: https://scripts.stay22.com/letmeallez.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7ff142423ac2b27d2619c931ef512a0e2b267d11f4f2cd47f8e390126b176a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://hefamue.cyou/
sid22: 3e3f36a6-373b-4f62-859a-56ea8dd8049b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jul 2024 18:59:24 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
etag: W/"195-2ftg4UW9cvoGcuuoe9vxUiHUUSI"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720551564&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fJoaExu%2FTeUR%2FVQpCtCofyYDG6OBiCqYn9soA10mjeg%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8a0a8d0cf9896370-LHR
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720551564&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fJoaExu%2FTeUR%2FVQpCtCofyYDG6OBiCqYn9soA10mjeg%3D

OPTIONS
H3 204 lehf
scripts.stay22.com/api/ Frame 0
0 187ms
137ms Preflight 104.18.11.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.stay22.com/api/lehf

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sid22
Access-Control-Request-Method: POST
Origin: https://hefamue.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,sid22
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a0a8d0c1ff76370-LHR
content-length: 0
date: Tue, 09 Jul 2024 18:59:24 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720551564&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fJoaExu%2FTeUR%2FVQpCtCofyYDG6OBiCqYn9soA10mjeg%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720551564&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fJoaExu%2FTeUR%2FVQpCtCofyYDG6OBiCqYn9soA10mjeg%3D
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers
via: 1.1 vegur

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame 9096 10 KB
3 KB 55ms
54ms Stylesheet
text/css 18.245.46.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 08 Jul 2024 19:04:53 GMT
Content-Encoding: br
Via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
Last-Modified: Tue, 04 Jun 2024 16:58:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P9
Age: 86072
x-amz-server-side-encryption: AES256
ETag: W/"22d453e74fdbe5b73dac8b53e669122e"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: C8Kkls15cRxh3W-xO4BGFl-zgP9Wab-fDTvw2tVE9Ylwbfxqk5-NNw==

GET
H/1.1 200
OK banner.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame 9096 813 B
1 KB 111ms
54ms Stylesheet
text/css 18.245.46.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/banner.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 08:49:35 GMT
Via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
Last-Modified: Tue, 04 Jun 2024 16:58:29 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P9
Age: 36590
x-amz-server-side-encryption: AES256
ETag: "03dc514068214f6d7d052c91c8492206"
Vary: Accept-Encoding, Origin
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 813
X-Amz-Cf-Id: I3p35dGwTsp2F7obcNbx6vsgrefUeQQZYs8qQPk-8CG4ScqhYS3sJg==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame 8567 10 KB
0 51ms
51ms Stylesheet
text/css 18.245.46.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 08 Jul 2024 19:04:53 GMT
Content-Encoding: br
Via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
Last-Modified: Tue, 04 Jun 2024 16:58:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P9
Age: 86072
x-amz-server-side-encryption: AES256
ETag: W/"22d453e74fdbe5b73dac8b53e669122e"
Vary: Accept-Encoding, Origin
X-Cache: Hit from cloudfront
Content-Type: text/css
X-Amz-Cf-Id: C8Kkls15cRxh3W-xO4BGFl-zgP9Wab-fDTvw2tVE9Ylwbfxqk5-NNw==

GET
H/1.1 200
OK layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame 8567 1 KB
929 B 155ms
53ms Stylesheet
text/css 18.245.46.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/layout-2.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c398b4ce94e2b1e42a4eb77ec66dfd228fcff631fdd9c0c74f8cce047d12072

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 00:21:54 GMT
Content-Encoding: br
Via: 1.1 3d95fd99ed5f07db9d464a35af433056.cloudfront.net (CloudFront)
Last-Modified: Tue, 04 Jun 2024 16:58:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P9
Age: 67051
x-amz-server-side-encryption: AES256
ETag: W/"689415cef3fb916a12beabcfa7ff4244"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 1_0bWM0xv0It6E-odQWTPnA9bX8UaI0mq3K6aZp1glboUG0OFptC4A==

GET
H/1.1 200
OK modal.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ 3 KB
1 KB 158ms
53ms Stylesheet
text/css 18.245.46.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/modal.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 118ac60d6d1855fdbd7379f012f9b6a97bd538293299472759a666b4d26ac843

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 08:49:35 GMT
Content-Encoding: br
Via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
Last-Modified: Tue, 04 Jun 2024 16:58:29 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P9
Age: 36590
x-amz-server-side-encryption: AES256
ETag: W/"bb442b187fc78727105fd57962ce4b14"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: Wl6Xfa9PkeMFS3iIBO2fPsS720H4ptQqPrRXi3Djm48EE8a1LSh3ew==

GET
H2 200 search-widget
rewardflightfinder.com/ Frame D7FB 0
0 142ms
142ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rewardflightfinder.com/search-widget

Requested by

Host: hefamue.cyou
URL: https://hefamue.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://hefamue.cyou/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 66533
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a0a8d0c2d1cbed3-LHR
content-encoding: br
content-type: text/html
date: Tue, 09 Jul 2024 18:59:24 GMT
last-modified: Mon, 08 Jul 2024 10:26:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0CfQueS%2FYQQT4Em0lSsEHadgQVcq2pUCbVtqciLafiu%2BFkmiBoAhvkyHgw1yWcXik2FIlEW8ckCgZ1AaC23joceR9jJtIpJFys%2FFVA3ykwgLlKI2DyHJpNZsN0gv%2BiYLz5XfhBmbkIoZdG2K%2FWdAMM4fepsK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
via: 1.1 6b044dd2ae76c466251b3be8f6ece716.cloudfront.net (CloudFront)
x-amz-cf-id: A0j6O7g9COTGBr9BtTy51Fn4KZrgJ42yTGNU9cxb7RAImRYTNLpE3A==
x-amz-cf-pop: LHR50-P7
x-amz-server-side-encryption: AES256
x-amz-version-id: XGnOmE3ZDjjprltZnTpYZj280aBlhYnb
x-cache: Error from cloudfront

GET
H2 200 app.7.284.0.js Show response
faves.grow.me/ 245 KB
74 KB 52ms
52ms Script
text/javascript 151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://faves.grow.me/app.7.284.0.js

Requested by

Host: faves.grow.me
URL: https://faves.grow.me/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.49 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46d215be4c2f2724e39f3b12926076aee752e58782cbb6c8a63d997a74464b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:24 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: 6KSSSF6A7EAN5EGG
age: 80442
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 75484
x-amz-id-2: 61Js3Y6prKSvKZU/ujyeABuSFs1yMBcKlj0iBt7IkaJZ+gdUGNBvweYnwkoLuGGDg2F9GlSzORk=
x-served-by: cache-fra-etou8220061-FRA
last-modified: Mon, 08 Jul 2024 17:55:22 GMT
server: AmazonS3
x-timer: S1720551564.194479,VS0,VE0
etag: "4477dba48f9bd98f843a479f00890d77"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 1578

GET
H2 200 TQR1N8z_Zpc
www.youtube.com/embed/ Frame 3845 0
0 249ms
138ms Document
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TQR1N8z_Zpc?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fhefamue.cyou&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9ed4a7e1/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefamue.cyou/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jul 2024 18:59:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
log.pinterest.com/ 0
350 B 205ms
81ms Image
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=VumaSfEHxyUp&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-GB&via=https%3A%2F%2Fhefamue.cyou%2F
Requested by: Host: hefamue.cyou
URL: https://hefamue.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 09 Jul 2024 18:59:24 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1730962273571853
content-length: 0
x-served-by: cache-fra-etou8220059-FRA
pragma: no-cache
server: envoy
x-timer: S1720551565.940547,VS0,VE27
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204 826b256fb3 Show response
bam.nr-data.net/ins/1/ 0
265 B 332ms
165ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/ins/1/826b256fb3?a=21735165&sa=1&v=1158.afc605b&t=Unnamed%20Transaction&rst=3000&ref=https://hefamue.cyou/
Requested by: Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://hefamue.cyou
date: Tue, 09 Jul 2024 18:59:26 GMT
access-control-allow-credentials: true
Connection: close
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
x-served-by: cache-fra-etou8220139-FRA

GET
H2 200 adjustments Show response
scripts.mediavine.com/amazon/v1/ 53 KB
13 KB 56ms
55ms XHR
application/json 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.mediavine.com/amazon/v1/adjustments?offering=mediavine

Requested by

Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/3.4.38/wrapper.min.js?bust=1504163642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b72240d2a5f928854cccccf0d15b68456d1ba7e5f3be7b09c560540f7c1150dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefamue.cyou/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:59:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 1
x-powered-by: Express
x-cache: HIT, HIT
content-length: 12458
x-served-by: cache-iad-kcgs7200050-IAD, cache-fra-etou8220090-FRA
x-timer: S1720551568.787861,VS0,VE2
etag: W/"d55a-+ZOHLrz7k5ZKCX6KEyXhTsSn2tQ"
vary: offering=mediavine, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no cache
accept-ranges: bytes
x-cache-hits: 702546, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d31qbv1cthcecs.cloudfront.net
URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js

Domain: www.youtube.com
URL: https://www.youtube.com/watch?v=TQR1N8z_Zpc&t=12s&_=1

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stay22.com/	1970-01-20 21:55:53	Name: __cf_bm Value: hGWjKDZi.QJkKpMSLo1i.qK8TDwRRgk9.b9x7e90NOM-1720551562-1.0.1.1-7Jy7PyTj28G.XjLwnJuD0r_cgSsr_gEYM5FJkP4LRtwLEz4goDvlC6GevL80gKH55O5rakQWCeRfFt1BM3jSQw
.hefamue.cyou/	1970-01-21 07:31:51	Name: _ga_R84S57NPX6 Value: GS1.1.1720551563.1.0.1720551563.60.0.0
.hefamue.cyou/	1970-01-21 07:31:51	Name: _ga Value: GA1.2.932975351.1720551563
.hefamue.cyou/	1970-01-20 21:57:17	Name: _gid Value: GA1.2.326088649.1720551563
.hefamue.cyou/	1970-01-20 21:55:51	Name: _gat_gtag_UA_88381644_1 Value: 1
hefamue.cyou/	1969-12-31 23:59:59	Name: utm_source Value:
hefamue.cyou/	1969-12-31 23:59:59	Name: utm_campaign Value:
hefamue.cyou/	1970-01-21 06:41:27	Name: am_gpp_cmp_version Value: v2test
hefamue.cyou/	1970-01-21 06:41:27	Name: euconsent-v2 Value:
hefamue.cyou/	1970-01-21 06:41:27	Name: am_gpp Value: DBACPeA~CQBfOcAQBfOcAAuACAENA8EgAAAAAAAAAAwIAAAAAAAA.YAAAAAAAAAAA~1---~BqgAAAAAAgA
.list-manage.com/	1970-01-21 06:41:27	Name: _abck Value: 14875F2897035A6EB9B09ED89C701EDA~-1~YAAQlo8UAjwD9ZGQAQAAr2LdmAyp4WBJbQNVVwSnD9xqjb1Z/8GX+zsVMQyS13ZZKkR968Fs/DhDteV2FhIIo0xtmbGzvgYRdgIQeRdyyu/fQsQgfxGOfbqva2A9IK475OTCcrHI+QUiqKI9fGIEpvyf6LHFs1ki31H9/8k5BwhWY24M23w62My/eZDsWR6jjH5ElusuqcNtWA5x5yZSdN5dLBBha1lfJlQQYol5vA1S304TRHauYbfMxkPi97IvVxtfKLGnMBMxU91Tiet/COboE/IoMpI2mG/oWl7k0NMCD3hl47RDq5kncq1Tibi5Ww/bdbISOFphser7SdJSNO53+ZF5CxJfMb0gxtvRh0jXyVInh1SVSQqn35AZRSFM~-1~-1~-1
.us17.list-manage.com/	1970-01-20 21:55:58	Name: ak_bmsc Value: FE28C8A8A290B4E75CBDBC0C55285D4C~000000000000000000000000000000~YAAQlo8UAj0D9ZGQAQAAr2LdmBi1KMw1jjJD/wv3pvf8B0Q5cSivQgPGxUmgFLA2kldK1Fgg4GfwWkoRuMul22TdSdQcTNETgaBdSCBz4nFSV7XELFS5F/a2T2nBLMw/+2PmuEB90MOcnsKRHYNU13jHSLDh1PMopkZp+JO9EwPfRi9PnjqCL9oxrKr2Jn7muKB4T+BbkR0kcI5lq3r2Z9voJKN2toaRFGKfMFhZl1G40IcJXziT4sXQ2284sa+4G/A1u2BCg+ab9IC9wWoJqX2EHxDwKqkv+nGJxOcyM0yVuHpgyGcLmPWUyc6IllAJBsKp0M8IfpPMNIawmq+yqbX7v6jFrh+FzMUjM4W60VvL7FwGiYLQ924b0S7aw7VaXkNYdG+9Z5M0b7GXbMX064Ofwdk=
.list-manage.com/	1970-01-20 21:56:05	Name: bm_sz Value: D3DCF61BBA705328641000A386394EBB~YAAQlo8UAj4D9ZGQAQAAr2LdmBgmhfub+NRTUB8PzPRnC5Q4JfzntnVgT4J3jqkpnCIyiCpnVyVTmr7NMQrc8P4CyMi90+KczEHoqhgc8KlM/Vh8DDnTbIURNd+FD4cpOlfgiwlBqHNEyJloF7Sx22C2ErOOw5I9rb40hNKBOVrRTnqNZygXLxiUWhmYT8bq7K2jOm9qrCOkkU7w+dCGFXHVtx7IOCEvsvyDnjAM0YhA7seNugssn85U4Sgu8NW/AYm+cpICqwFzmVFd9H6gS1oj7WsrF/dl6RkiWTRQdhLPwyS/WXPJF4o67R8y6HKv9Df3d4Q5Wb967DImRA0LbYeDQbJc1kdPGcmoW6wVasRc+VQ4sgc6jCLCtS4=~3294264~3425332
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6TnaTftVvYk
.youtube.com/	1970-01-21 02:15:03	Name: VISITOR_INFO1_LIVE Value: vnJveSAra1o
.youtube.com/	1970-01-21 02:15:03	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgUg%3D%3D
www.stay22.com/	1970-01-20 23:35:13	Name: session22 Value: s%3A3e3f36a6-373b-4f62-859a-56ea8dd8049b.B9MTV4yK4XvdE8K6MGHNUT9kGmNjqZ2RzhalSpO5Fug
www.clarity.ms/	1970-01-21 06:41:27	Name: CLID Value: 0dfe7faf273c4c6795115e2d31ff7e4e.20240709.20250709
sibautomation.com/	1970-01-21 02:16:51	Name: uuid Value: fd2fc6e8-6ff8-49ad-80da-472295021c69
.d.adroll.com/	1970-01-21 07:24:39	Name: __adroll Value: e55007900dbdef8004ced0706a2d9bef-a_1720551565
.d.adroll.com/	1970-01-21 07:24:39	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 07:24:39	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 07:24:39	Name: __adroll_shared Value: e55007900dbdef8004ced0706a2d9bef-a_1720551565
.twitter.com/	1970-01-21 07:31:51	Name: personalization_id Value: "v1_z4kqYrdpqut7QsLRqX4pbw=="
.t.co/	1970-01-21 07:31:51	Name: muc_ads Value: 0facc8bf-2028-494d-b4ed-1029d30f18d0
.bing.com/	1970-01-21 07:17:27	Name: MUID Value: 3D64B3BF884069D0257EA70889EC686F
.c.bing.com/	1970-01-20 22:05:56	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:17:27	Name: SRM_B Value: 3D64B3BF884069D0257EA70889EC686F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:17:27	Name: MUID Value: 3D64B3BF884069D0257EA70889EC686F
.c.clarity.ms/	1970-01-20 22:05:56	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:55:52	Name: ANONCHK Value: 0
.casalemedia.com/	1970-01-21 06:41:27	Name: CMID Value: Zo2IjbmqPIEAAE2xAJe2dwAA
.casalemedia.com/	1970-01-21 00:05:27	Name: CMPS Value: 1198
.casalemedia.com/	1970-01-21 00:05:27	Name: CMPRO Value: 1198
.pubmatic.com/	1970-01-21 00:05:27	Name: KRTBCOOKIE_10 Value: 22808-ZTU1MDA3OTAwZGJkZWY4MDA0Y2VkMDcwNmEyZDliZWY&KRTB&22883-ZTU1MDA3OTAwZGJkZWY4MDA0Y2VkMDcwNmEyZDliZWY&KRTB&23504-ZTU1MDA3OTAwZGJkZWY4MDA0Y2VkMDcwNmEyZDliZWY
.pubmatic.com/	1970-01-20 22:39:03	Name: PugT Value: 1720551566
.adnxs.com/	1970-01-21 07:31:51	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 07:17:27	Name: MSPTC Value: 8XG2pwJ8B9-S8dEppPmV9lKu5PW9lXcrGRKC-S4zSro

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hefamue.cyou/wp-content/uploads/2022/10/leftforless.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://hefamue.cyou/wp-content/uploads/2022/10/leftforless.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://keywords.mediavine.com/keyword/web.keywords.js?pageUrl=https://hefamue.cyou/ Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.youtube.com/s/player/9ed4a7e1/www-widgetapi.vflset/www-widgetapi.js(Line 201) Message: Unrecognized feature: 'web-share'.
security	warning	URL: https://www.youtube.com/s/player/9ed4a7e1/www-widgetapi.vflset/www-widgetapi.js(Line 208) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://hefamue.cyou').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.grow.me
assets.pinterest.com
bam.nr-data.net
chimpstatic.com
d31qbv1cthcecs.cloudfront.net
downloads.mailchimp.com
exchange.mediavine.com
faves.grow.me
fonts.googleapis.com
fonts.gstatic.com
hefamue.cyou
keywords.mediavine.com
l.sharethis.com
log.pinterest.com
mc.us17.list-manage.com
pixel.wp.com
platform-api.sharethis.com
privacy-center.fides.mediavine.com
region1.analytics.google.com
rewardflightfinder.com
rules.quantcount.com
s.w.org
s3.amazonaws.com
scripts.mediavine.com
scripts.stay22.com
secure.quantserve.com
securepubads.g.doubleclick.net
snippet.affilimate.io
snippet.affilimatejs.com
stats.g.doubleclick.net
stats.wp.com
www.anrdoezrs.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.qksrv.net
www.stay22.com
www.turningleftforless.com
www.yceml.net
www.youtube.com
d31qbv1cthcecs.cloudfront.net
www.youtube.com
104.18.11.219
142.250.185.99
151.101.0.84
151.101.194.49
151.101.65.181
151.101.65.195
151.101.65.7
151.101.66.49
162.247.243.29
167.99.89.69
172.217.16.196
172.217.18.2
172.67.186.9
18.245.46.13
192.0.76.3
192.0.77.48
199.36.158.100
2.17.177.117
2001:4860:4802:32::36
23.212.222.60
2600:9000:223c:1400:6:44e3:f8c0:93a1
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::2003
2a00:1450:4001:803::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:892::1931
2a06:98c1:3121::3
3.127.20.100
3.160.150.14
3.64.189.227
52.216.33.24
89.207.16.75
95.101.44.28
00cf6659824ed41fa936895cf6804eb7a895b27bf606c2a99d4bb92cd6a1955f
03d34df785270643ee08fa2367dc9d5812edd17fa161c7b40689a7f3e613c86e
0737421a35efeeb7a27533696579034f9f01762686b6b6a9b03e1fafc991796b
0d16fd6a34517f29f62a8248d8fd9fc57748cdeee291a9f26e221ad9224bfad7
0e1ab6eafdc94aa4dbb937fc110bea7fccc2cb9912131b469d9698f0ae477beb
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
0f19b52531bdaad2062b2ecb18d3339f81bafa150583641a939d5c4b733c2744
118ac60d6d1855fdbd7379f012f9b6a97bd538293299472759a666b4d26ac843
118ba737969e71c32640f675184b4c2642b96e43fbd5855e0a5e19fe43bc72b7
11eaad0a2520ec7d97f81a7015c5edf3894363d828d263d0708580418f2cbeaf
13081d86b2f11a8db3398c0532fe59915f1fe03ffb4b9240d578c6a0b76a03eb
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1495b7b7161186933fab1445c9abd37212b53577eca92a748b5109eb6cbc0eb2
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
19182fd038b6a090ff840f8eadb5f412fd9792b3055fb7a5baa633a91d0d0a93
1d053a5d4a0a9af2e14a71ef11ba4a7815a3ac98cf4a49dcc5e8fb872ca3a6b7
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
201dc695ba7ad24f5b671ffbb0074bcf1880605ab9bbf91a380465b6fe760988
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492
23b4e7aeadd1864de5efe8c9b74a247f010f835690e01350e8c918d809e22264
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bee9a57b1db076dfb8957bb0794b9110857b10b193b33f5b7b5d3fcc1253fe3
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f86770d5cbb970bb5c21159bb4fe43379ad386dabbcdfe5eb211ff4d79b5994
32a0c02d50103b9051274849cca15c30faa2f8a23852963e4fc877360e01c35d
34d48c86ab72aa08edca933d9e353be2f0e80e798ff6f3c6e9fdef9d332716be
3622df8df3ede6ddefd995acf32ded83a2ec5f2fd2edd0b25d321844d8adb9a4
36eccd25e922f2ef376422fee81b618917c57387cf6104f30fc191369b6c7784
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
39b995393fce12b21bc0ad400311d917bd61bed8f38c26b5045509fdfc6f1e5d
3c57c3917aa04277fe1a2b6763e6668a03162f1176feef126204b20ce1412182
3f7c946bb410e22a177889b5e12480cdd50353edb377796575ac3b5c46d45319
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
42b7e1ece199538675470b4721013288f4fc920aea90fa6b3f8b44ffac3e982d
452769557ec752ffe3186b5ec8ec302bd7593adc5027f5e30296f865de4e6235
46d215be4c2f2724e39f3b12926076aee752e58782cbb6c8a63d997a74464b97
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
47015a47abc7688778d4051ee9ce369b9397fde21a2d856a08a38bb864044c56
4a5e06820ae6a362b909822b0e75a5813e2c88d27b949ad2929b9327f2b3922a
4b2352fc90aadf02315b6a2c332f359f5663f98059e56e4b73ea6baa02a73448
4d6245253a2cb7225adf9586cf593ba11cd65f29ac1bb8c8438e0d43d940b7a7
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4e89f3ad5bdb2d4d4cc5d42e1ee2a9891e1e2f17c543892139a6e8ac4f9b2d5b
4eb0f14e71d4c62883f3b7ba1d5ed2b06416c533059c81082ec5ef9dadbc307a
4ed5aaeb00d8aa009b566deb19844423cfd6cafc9a5f6d97ea3177b008ebc9bb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
519beb41aebb3d912d399ccb671ce36846d1059a4d94d6aebba7d86c34388fb5
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54a504534926ac56a180a12fcc5f4ee930dfbacd07fdc56cc7e3e12af0114f2e
56800bb9208eaa19294acbc4008cc2c6f96e95fd262b620c44da32b6f8f2301d
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5d2c0c945c4974e73b969f7011aac63bc2429b0776cc020b613d9c252872d9c9
5d732357500246577d45b2040712de5ad03c49f22231e1e5f1b9d190884f8096
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
66001596dc3e106bdf8fbcb15e48ee7606991aad8cf0f8c6847f30978d6e4540
6713efa1c8f2aebe1876b9ceb7c757c2dab37459687b70de4476f0c45cef89c5
683a4ba894963b7d3a386842dbfc7e9e7ec80f0027c240d4dc5ec673f6a64769
684e82d57e0e22cfe1ea891ae71a007654c2eb7e69ccca318351ee9d0e9cf644
69d142504bf1d052d91b1e6145beda8f6a7cae3b9346bc716326b679f738cbcd
6aa736f40eaad43214fcf3866fa8b56f002668d2da78b570a758241ee44c0046
6b80b000b912a8543acdf7cb222a87f3cb33a6d9299bc402e294bf2a5e749e74
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
751c3152934bf2df8ec036ad72cd8100c1b5260b539070d0f0a1f6be91aff5d9
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
7b60162c61975a0e69e84375f5252acc1707f791a4ccfff8cff0abd048d1b869
7b7b27ecfc951cfef94dac6f5bdbdff0ac8487286825cf2d95368cebed885a20
7bc80ee33564d316de94f8d910c700f9d85e6332c9984423703af42d9981ab58
7f7ec3eb5d4b91fd715acd94d0df382855d4e6aea636c41c65804957ec7c839e
8a80622c62b4e1fe8def7f6b9063ebf3b356040989dc663db034a656c4d962b9
8c398b4ce94e2b1e42a4eb77ec66dfd228fcff631fdd9c0c74f8cce047d12072
8d1d84d05ce9271c058c2c7312e16ce4cb05cea916911281aff207b5cf259ee4
95e7ec8f85df2a8bbdf8a9ae396a09d0f9e0bd32d6db82be33ec59d4cec75803
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9a3949de6a2feec927478cae9c4842c1bb49d07f4cf82756b48405dbf2f3a204
a27cd454a79b5036e0169cea6e189e0d5d566f18f5c9ef571dbfa6fabba56e9d
a3cfbde18aa8afdd228074ce7a6014aec152e90a412a2ec4a7e3d621c5041560
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a85bbf1385399ae7378c4dd69210b2a2f058ed5bd29bf407c9150a2fcaa0a228
a8850a74e6a79860ce1d72e003d6e1e78d6e3f8dacd1e16b53475ab29b48681a
ac2703bdccf412e09b63cf5fce781a258a9b8548ba8a314330c8e5a5b8e9fa5b
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
ae9705a0f62d33950e90c8f8292f169735281bfca461129b9e222914b05d8b90
aecb6cb22b886048bba8243816b1fad84809e2844c45dc5d5e38201bf7a99a72
b11ea4bedd59bd12fe4c58f0f3a2de5b4b111b85e0daad04623c19e9335f8195
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b367b2c44fb204bd792dd921f37c6c501c28c74589518519a294c60a677682fe
b502ab252945a458d735b12948006ce62c4d6172a900274dd022087721cce87a
b57fed9b632f15d53c7a78442d8fb3173c12375851f87f4aea1a8df1e3cf2cdf
b6472537bb5d9d9e5354123e8581ee3427ef0677066297742e46533a58d278bc
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b72240d2a5f928854cccccf0d15b68456d1ba7e5f3be7b09c560540f7c1150dc
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7ff142423ac2b27d2619c931ef512a0e2b267d11f4f2cd47f8e390126b176a3
b8a559ce01528b41e0c648cab47344bccf609b9c3b0138d1fd03b5c6817d004c
b8f41b649537a954d81ea15e6e8fb78cb37bb477c2d639df7aa73e5f2f71733c
b980de510153ccc22adad3566da7f145c28f084c085af2d43074bc546e23b317
ba19beacf91a3a7cb6e7f0238a634d78f77538a1678b929f3dc4e6fc538fd8f6
bbb68f6c7f54f9c56e942c56418da718e434b3b8545589569bdae153820cd53e
bc25c7f20512037f9ca3e0c763ddb32bc7eab83bf0ab294094db3c1ffb8e2f68
bd1ab104c70d9ba6354bac5d98b92c6e9d04d8c9dbe8920144e2b68c4adab1e5
bdc2ebfd0807142b97008af83560052928ca99a5ab6965da22986fdc9907e985
bfc94fb6c153113a291637f853f7f936dd5051a3a0c846a34d4f0fdf3e61986a
bfda294ab6ad68db71c8f151df47e02a49b5530ba878ad74ab9be1b5f970c3a9
c04b19d6164eeb32f19f589f46a309f571fae6a472f643e2bb19463d578a2521
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c5d5c870a8cbf1cbf6ed11b64fcdcd3bd9469e757b27de7c43113026bcdac23a
c74d7d8a17c91b049e5dadbf2ffb333c14afdae9c7f0f425ccc5c14c1be44a47
c7b2e204729cdcf466d509a1efb8685424759294d298721de68b0b3c7a3bf6a8
cb34150905a3d5ae56c7b9d66a658a0ed0de85b1e9a41282e2e82c326831aec0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf5ec94418985157e19aeccf148862eb21a62c5a66a94ead08dde6fc41170b02
cfdc52d688c16a02b9dd455bdf7571a7facd26bed96f87240d0a1bfdcfaefb8e
d0bd9692f9b65d7e101d08c4d2ce3bba42dcf16c193815b33e18d8a462de7ece
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
d85a0ef5f46167b7a9b6bec7590651c10c9dadf99e9672f7d3bbe43fda21e761
d9d7569f8a4aeb17823989198c5588085e6160879e909de72024b37202aab408
da3df6b0dac82dfec42c728ac48792128057ca6e52612e5052d3b19391cc010e
db82fd7d887901886cd7b4e6d354cade4fe6705f9fa105b9074ea856bf78cd85
dc2341bcef953b4b7ef25e7f072ebe82a29f78f5e4214d45c736ec318949e2b4
dc510b264cc5b68ed3dd91056d54b022dac511df6f4f3c8051b5562aad7912ca
dcdd47a9cee3291e0896ee98a3b40c20f4f650dc98c91d6bf7b76398b425f907
dd686b8b62e7e767fc428095a3b57144884d439d55ae8a16c67ecb79ea9ec14a
ddf1ff5bc7b7b23fd9b607827d541b878f68116cea9928011651b37a9534632d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
e17d4d0339ce34ba1ee3274fdc98a1bd5ca4a8f309861b63b746970a609d7d63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4080595da996fef3fa3f88b99413660cca66cc1d79145077c454bbd6fcfb772
e7dc2d96e7b17036114e965bc4fd20227f0285f0e0a7530015fb57e6ee3a959c
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ee390366f52cb58359c2e36e947f3b133c7876aafdc578f66f92ad8b4d3ae741
eeee889349dc933c0e2dccced4da3c634a8ed4107ee442299f3b2f6721ebee75
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f015581f7876b2ff421d4f1a2a97af2bfbfb5a6d896d5cf3bf0e6a91a9bf6cba
f1fc11f5d7e67c20a1924eeaaeb0c91fc412475405e5f56ce2910a3ebcbadad0
f27076bb1347d444ce8713bfe00efd482d649ee22866bf172894344072587fb0
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f6a57b036356de77dac88f56212207bd7f3d2fdfe217f65ca7946813f7f0b837
f6f152b53917b29b1b77b3ced5df85be3ef87dc4d37eaf437d2642fdbe5f5858
f7d8065cf7109af2655d23b96ce925d036e2fae7b4914b3b63af9bc32316b522
fa1b08354ed78abd809faf88a06d622495d6ff413573815e6def342806959c34
fb41aae2affebd3ba9e7a5c8afcccb63309ea3141bc9e734e8c78cbc42bae57f
fc0b35809a1741c1d447395ce0b88e4b115a9623b7f96dc8207793c358329ed4
fe0a2abfe223d36ff3e251c34c2675171f4203487c66798b63cac1cfb1a893e7
fec422cd3d21f8a35e3f7ddc97ca4134226be248e3d308f310771eddbc4b111b

hefamue.cyou Open in urlscan Pro 167.99.89.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

171 Requests

97 %HTTPS

34 %IPv6

31 Domains

42 Subdomains

39 IPs

6 Countries

4260 kBTransfer

9346 kBSize

39 Cookies

26 Outgoing links

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

hefamue.cyou Open in urlscan Pro
167.99.89.69 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

97 %
HTTPS

34 %
IPv6

31
Domains

42
Subdomains

39
IPs

6
Countries

4260 kB
Transfer

9346 kB
Size

39
Cookies

171 HTTP transactions
6 data transactions