www.gesa.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.freedomforschool.com.gesacu.com/
Effective URL:
https://www.gesa.com/
Submission: On September 07 via api (September 7th 2023, 10:45:39 pm UTC) from US — Scanned from US

Summary HTTP 340 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 60 IPs in 7 countries across 75 domains to perform 340 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.gesa.com. The Cisco Umbrella rank of the primary domain is 861246.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2023. Valid for: a year.

This is the only time www.gesa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.243.189.83 193.243.189.83	56655 (TERRAHOST) (TERRAHOST)
1 200	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	151.101.192.114 151.101.192.114	54113 (FASTLY) (FASTLY)
2	52.146.86.174 52.146.86.174	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
2	75.101.139.62 75.101.139.62	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::66	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.160.41.49 18.160.41.49	16509 (AMAZON-02) (AMAZON-02)
5	2600:1402:b80... 2600:1402:b800:3::172f:cc34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2	74.208.214.109 74.208.214.109	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	185.167.164.47 185.167.164.47	198622 (ADFORM) (ADFORM)
2	18.160.0.29 18.160.0.29	16509 (AMAZON-02) (AMAZON-02)
1	44.239.145.12 44.239.145.12	16509 (AMAZON-02) (AMAZON-02)
4	54.85.243.92 54.85.243.92	14618 (AMAZON-AES) (AMAZON-AES)
2	44.228.100.41 44.228.100.41	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
3	18.160.18.45 18.160.18.45	16509 (AMAZON-02) (AMAZON-02)
1	104.26.10.16 104.26.10.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::93	15169 (GOOGLE) (GOOGLE)
1	35.186.228.179 35.186.228.179	15169 (GOOGLE) (GOOGLE)
3	52.88.183.153 52.88.183.153	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 18	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
35	2600:9000:20a... 2600:9000:20aa:ec00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
2 3	54.85.196.221 54.85.196.221	14618 (AMAZON-AES) (AMAZON-AES)
1	23.47.65.161 23.47.65.161	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.158.134.1 18.158.134.1	16509 (AMAZON-02) (AMAZON-02)
1 1	23.105.12.150 23.105.12.150	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	38.98.139.150 38.98.139.150	26558 (FREEWHEEL) (FREEWHEEL)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	2600:1f18:612... 2600:1f18:612b:4264:dff3:a5b7:8008:2892	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	50.16.174.192 50.16.174.192	14618 (AMAZON-AES) (AMAZON-AES)
1	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 2	54.86.123.255 54.86.123.255	14618 (AMAZON-AES) (AMAZON-AES)
2	184.28.136.218 184.28.136.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	34.251.137.112 34.251.137.112	16509 (AMAZON-02) (AMAZON-02)
1	52.92.4.48 52.92.4.48	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
1	3.221.126.30 3.221.126.30	14618 (AMAZON-AES) (AMAZON-AES)
3 4	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.165.98.35 18.165.98.35	16509 (AMAZON-02) (AMAZON-02)
2 3	52.55.229.9 52.55.229.9	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.206.20.105 52.206.20.105	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.160.18.73 18.160.18.73	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	23.212.144.235 23.212.144.235	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.7.24.177 52.7.24.177	14618 (AMAZON-AES) (AMAZON-AES)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 4	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.206.123.93 23.206.123.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:230... 2600:9000:2305:5c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	100.25.123.161 100.25.123.161	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1	3.210.56.21 3.210.56.21	14618 (AMAZON-AES) (AMAZON-AES)
1	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
340	60

1 193.243.189.83 (Kansas City, United States) 1 redirects

ASN56655 (TERRAHOST, NO)
PTR: redir.epik.com

www.freedomforschool.com.gesacu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

200 141.193.213.21 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.gesa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.146.86.174 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.node7seat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.101.139.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-139-62.compute-1.amazonaws.com

gesacu.us-1.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-49.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1402:b800:3::172f:cc34 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.208.214.109 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ns1.marketplan.io

app.marketplan.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.47 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.0.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-0-29.iad12.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.145.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-145-12.us-west-2.compute.amazonaws.com

app.truconversion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.85.243.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-243-92.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.228.100.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-100-41.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.18.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-45.iad12.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.10.16 (None, )

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.228.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.228.186.35.bc.googleusercontent.com

google-analytics.bi.owox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.88.183.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-183-153.us-west-2.compute.amazonaws.com

api.alpharank.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.alpharank.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2600:9000:20aa:ec00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.85.196.221 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-196-221.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.65.161 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-65-161.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.134.1 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-134-1.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.150 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.139.150 (Chicago, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:dff3:a5b7:8008:2892 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.148.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.174.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.123.255 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-123-255.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.28.136.218 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-136-218.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.137.112 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-137-112.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.4.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.215 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.155 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.126.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-126-30.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.132 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.98.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-35.iad55.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.55.229.9 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-229-9.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.20.105 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-20-105.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.73 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-73.iad12.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.144.235 (Ashburn, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-144-235.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.24.177 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-24-177.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.64 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.123.93 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-123-93.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2305:5c00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.123.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-123-161.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (United States) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.56.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-56-21.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
200	gesa.com 1 redirects www.gesa.com — Cisco Umbrella Rank: 861246	10 MB
35	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1139	13 KB
19	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 7767 a2.adform.net — Cisco Umbrella Rank: 10922 c1.adform.net — Cisco Umbrella Rank: 660 dmp.adform.net — Cisco Umbrella Rank: 3578	44 KB
7	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 259	4 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 405 www.linkedin.com — Cisco Umbrella Rank: 636 px4.ads.linkedin.com — Cisco Umbrella Rank: 6338	5 KB
5	licdn.com snap.licdn.com — Cisco Umbrella Rank: 909	23 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 432	5 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 500 ib.adnxs.com — Cisco Umbrella Rank: 279	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	288 B
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3318	9 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 793 script.hotjar.com — Cisco Umbrella Rank: 1084	105 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	158 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 524	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 379	1 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2910	2 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 743 ice.360yield.com — Cisco Umbrella Rank: 2355	1 KB
3	alpharank.io api.alpharank.io — Cisco Umbrella Rank: 88082 pixel.alpharank.io — Cisco Umbrella Rank: 93670	47 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 181 www.google.com — Cisco Umbrella Rank: 2	815 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 404	14 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 440	720 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13731	631 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1052	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 234	2 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 3359 mwzeom.zeotap.com — Cisco Umbrella Rank: 3456	876 B
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 2750	501 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 701	791 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 957	839 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 447	817 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1178	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 369	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 352	490 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3119	691 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 662 pixel.rubiconproject.com — Cisco Umbrella Rank: 385	1 KB
2	leadsrx.com app.leadsrx.com — Cisco Umbrella Rank: 12821	19 KB
2	cloudfront.net d10lpsik1i8c69.cloudfront.net	95 KB
2	marketplan.io app.marketplan.io — Cisco Umbrella Rank: 596519	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
2	evergage.com gesacu.us-1.evergage.com — Cisco Umbrella Rank: 983870	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	199 KB
2	node7seat.com secure.node7seat.com — Cisco Umbrella Rank: 658741	12 KB
1	sojern.com pixel.sojern.com — Cisco Umbrella Rank: 7855	156 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2249	120 B
1	e-volution.ai 1 redirects sync.e-volution.ai — Cisco Umbrella Rank: 3196	464 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1633	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 29874	49 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1143	376 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 780	610 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1452	278 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 2140	641 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1767	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 558	646 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 26721	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 896	472 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 745	338 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3243	398 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 31626	407 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 911	632 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1801	324 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1330	175 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 605	594 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 730	669 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4660	400 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 26527	467 B
1	owox.com google-analytics.bi.owox.com — Cisco Umbrella Rank: 88846	14 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 10665	1 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1605	637 B
1	truconversion.com app.truconversion.com — Cisco Umbrella Rank: 83488	1 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1412	8 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 4488	47 KB
1	gesacu.com 1 redirects www.freedomforschool.com.gesacu.com	123 B
0	1dmp.io Failed sync.1dmp.io Failed
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	semasio.net Failed uipglob.semasio.net Failed
340	75

	Domain	Requested by
200	www.gesa.com	1 redirects www.gesa.com
35	cdn.linkedin.oribi.io	snap.licdn.com
12	c1.adform.net	1 redirects a2.adform.net c1.adform.net
5	snap.licdn.com	www.googletagmanager.com snap.licdn.com
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	px.ads.linkedin.com	3 redirects c1.adform.net
4	www.facebook.com	www.gesa.com
4	tags.srv.stackadapt.com	www.gesa.com tags.srv.stackadapt.com
4	connect.facebook.net	www.gesa.com connect.facebook.net
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	cm.g.doubleclick.net	3 redirects
3	script.hotjar.com	static.hotjar.com script.hotjar.com www.gesa.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.gesa.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	a2.adform.net	1 redirects www.gesa.com
2	api.alpharank.io	www.googletagmanager.com api.alpharank.io
2	www.google.com	www.gesa.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	app.leadsrx.com	www.gesa.com app.leadsrx.com
2	d10lpsik1i8c69.cloudfront.net	www.gesa.com d10lpsik1i8c69.cloudfront.net
2	app.marketplan.io	www.googletagmanager.com app.marketplan.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	gesacu.us-1.evergage.com	cdn.evgnet.com
2	www.googletagmanager.com	www.gesa.com www.googletagmanager.com
2	secure.node7seat.com	www.gesa.com secure.node7seat.com
1	pixel.alpharank.io	api.alpharank.io
1	pixel.sojern.com	c1.adform.net
1	e1.emxdgt.com	c1.adform.net
1	pixel.rubiconproject.com	c1.adform.net
1	sync.e-volution.ai	1 redirects
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	sync.taboola.com	c1.adform.net
1	s.ad.smaato.net	1 redirects
1	sync.teads.tv	c1.adform.net
1	ib.adnxs.com	1 redirects
1	ice.360yield.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	mwzeom.zeotap.com	c1.adform.net
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	pippio.com	1 redirects
1	loadm.exelator.com	c1.adform.net
1	partners.tremorhub.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	a1.seadform.net	www.gesa.com
1	px4.ads.linkedin.com	www.gesa.com
1	www.linkedin.com	1 redirects
1	google-analytics.bi.owox.com	www.gesa.com
1	analytics.google.com	www.googletagmanager.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	alb.reddit.com	www.gesa.com
1	app.truconversion.com	www.gesa.com
1	s2.adform.net	www.gesa.com
1	www.redditstatic.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	cdn.evgnet.com	www.gesa.com
1	www.freedomforschool.com.gesacu.com	1 redirects
0	sync.1dmp.io Failed	c1.adform.net
0	global.ib-ibi.com Failed	c1.adform.net
0	uipglob.semasio.net Failed	c1.adform.net
340	89

This site contains links to these domains. Also see Links.

Domain
applyonline.gesa.com
onlinexpress.gesa.com
www.gesauniversity.com
www.facebook.com
www.instagram.com
twitter.com
vimeo.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.gesa.com Cloudflare Inc ECC CA-3	`2023-06-16` - `2024-06-14`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-10` - `2024-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.us-1.evergage.com Amazon RSA 2048 M02	`2023-07-05` - `2024-08-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-17` - `2023-09-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
app.marketplan.io R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
www.truconversion.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-11` - `2023-10-14`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
*.leadsrx.com GeoTrust TLS ECC CA G1	`2023-05-02` - `2024-06-01`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-30` - `2024-04-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
google-analytics.bi.owox.com GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
api.alpharank.io R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2023-06-14` - `2024-06-14`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
pixel.alpharank.io R3	`2023-08-04` - `2023-11-02`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.gesa.com/
Frame ID: E8193E929D64BCFD2C9EAB59947D8EA3
Requests: 307 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Frame ID: B426C2F2702B880E4DBAF9AF3F7A524D
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Frame ID: E8F0DBAE5B8A73CE81C2D8F0749C2D16
Requests: 48 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F2A270670827B55A41918E71A38FC267
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Washington Credit Union | Loans | Savings Accounts | Gesa

Page URL History Show full URLs

https://www.freedomforschool.com.gesacu.com/ HTTP 301
http://www.gesa.com/ HTTP 301
https://www.gesa.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

wp-content/plugins/weglot

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

340
Requests

91 %
HTTPS

21 %
IPv6

75
Domains

89
Subdomains

60
IPs

7
Countries

10683 kB
Transfer

15108 kB
Size

128
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://applyonline.gesa.com/VirtualCapture/Products?ProductSubCategory=Savings
Title: Join Gesa

Search URL Search Domain Scan URL

URL: https://onlinexpress.gesa.com/Banking/SignIn.aspx
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.gesauniversity.com/
Title: Start learning at Gesa University

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GesaCU
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gesacu/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/GesaCU
Title: Twitter

Search URL Search Domain Scan URL

URL: http://vimeo.com/gesacu
Title: Vimeo .cls-1{fill:none;}.cls-2{fill:#31414f;}

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gesa-credit-union
Title: Linkedin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.freedomforschool.com.gesacu.com/ HTTP 301
http://www.gesa.com/ HTTP 301
https://www.gesa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 250

https://a2.adform.net/Serving/TrackPoint/?pm=2179965&ADFdivider=%7C&ord=796062282147&ADFtpmode=2&loc=https%3A%2F%2Fwww.gesa.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2179965&ADFdivider=%7C&ord=796062282147&ADFtpmode=2&loc=https%3A%2F%2Fwww.gesa.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 297

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4860388%26time%3D1694126733030%26url%3Dhttps%253A%252F%252Fwww.gesa.com%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLtyyy06L-HSgAAAYpx0nh5j7xoa7CP9u4XrUQ1Zu2Rx0FQBbkjbCpfePnmbJPJzMO57g

Request Chain 308

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5787578933027778291&Expiration=1695336333 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5787578933027778291&Expiration=1695336333

Request Chain 311

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5787578933027778291&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5787578933027778291&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=cd31e8b0cd7c4c30a922cc571f93e2bc HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=84409d25281882687cfafb82973e600761ea3f6c2de2db52c47ae6a917f63127

Request Chain 312

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5787578933027778291&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=3061448840794273251

Request Chain 313

https://ups.analytics.yahoo.com/ups/55944/sync?uid=5787578933027778291&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5787578933027778291&_origin=1&verify=true

Request Chain 315

https://x.bidswitch.net/sync?dsp_id=70&user_id=5787578933027778291 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5787578933027778291 HTTP 302
https://partners.tremorhub.com/sync?UIBS=0c97a7cd-efa4-4e08-b39f-045166213eef&gdpr=&gdpr_consent=&us_privacy=

Request Chain 316

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5787578933027778291&expiration=1695336333 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5787578933027778291&expiration=1695336333&C=1

Request Chain 318

https://ps.eyeota.net/match?uid=5787578933027778291&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=5787578933027778291&bid=9gdtmu1

Request Chain 320

https://idsync.rlcdn.com/398366.gif?partner_uid=5787578933027778291 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTc4NzU3ODkzMzAyNzc3ODI5MRAAGg0IjaXppwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=867b21edc17515aa69c8e237d0dad82b52e6d624d152e047c6e58b1201c627cd791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=867b21edc17515aa69c8e237d0dad82b52e6d624d152e047c6e58b1201c627cd791426b5417dce21&rand=00035953

Request Chain 321

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5787578933027778291/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5787578933027778291/gdpr=/gdpr_consent=

Request Chain 323

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5787578933027778291 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5787578933027778291

Request Chain 324

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 325

https://pixel.onaudience.com/?mapped=5787578933027778291&partner=68 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=7fd3b9eebf44c39d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=27ee0705-a39d-4ef6-4445-074276ee5503&reqId=c663df25-eeed-42fe-577d-0c1748764723&zcluid=7fd3b9eebf44c39d&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEOhoAS6pwuwgnbVoxeDn2Go&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=27ee0705-a39d-4ef6-4445-074276ee5503&reqId=c663df25-eeed-42fe-577d-0c1748764723&zcluid=7fd3b9eebf44c39d&zdid=1332

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTc4NzU3ODkzMzAyNzc3ODI5MQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELvhf1E1ny7oo2op2M8yZZ8&google_cver=1&google_ula=1641347,0

Request Chain 328

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=3718072090947261817&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=5787578933027778291

Request Chain 332

https://a.audrte.com/a?adform_uid=5787578933027778291 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aWMzdUFqRzFrSGFSaXFSNmJEaUFQUDN6QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 333

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5787578933027778291&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5787578933027778291&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=69250196544509240360270454557119392257&noredirect=1

Request Chain 334

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5787578933027778291 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=215020604632012978129

Request Chain 335

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7276218917818857631

Request Chain 337

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=565e64fa-528e-4e00-b3bf-08accedca7f3

Request Chain 338

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=l5ln6jnM1QEnKK5

Request Chain 339

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=499e5c59-7370-4b7a-b4eb-ef16a1fa42c0

Request Chain 341

https://id5-sync.com/s/10/0.gif?puid=5787578933027778291 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=5787578933027778291&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-97cbE0M_RR7BsiBm6jZtGbEs-R4pyaDSyQCJnSuCwQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=105e2a18-828e-4560-a43e-c84cc546b385&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/0/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/0/3.gif?puid=3718072090947261817&gdpr=0&gdpr_consent=

Request Chain 342

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2274694957 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=V5MDv8TKjlK/mnpmHfL8K.

Request Chain 345

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5787578933027778291 HTTP 302
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=5ec638d5b7&gdpr=0&gdpr_consent=

Request Chain 346

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5787578933027778291&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5787578933027778291&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ca7951a4-7bdf-48a2-aa09-ad44fd620653%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%25253Fparty%25253D2007%252526cid%25253Dca7951a4-7bdf-48a2-aa09-ad44fd620653%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=499e5c59-7370-4b7a-b4eb-ef16a1fa42c0&ttd_puid=ca7951a4-7bdf-48a2-aa09-ad44fd620653%2Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253D2007%2526cid%253Dca7951a4-7bdf-48a2-aa09-ad44fd620653%2C HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=ca7951a4-7bdf-48a2-aa09-ad44fd620653

Request Chain 349

https://eb2.3lift.com/xuid?mid=7354&xuid=5787578933027778291&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5787578933027778291&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

Request Chain 350

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=5787578933027778291 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

340 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gesa.com/
Redirect Chain

https://www.freedomforschool.com.gesacu.com/
http://www.gesa.com/
https://www.gesa.com/

653 KB
61 KB

189ms
130ms

Document
text/html

141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

23f089aaea27beaaf0eb1f331c6623e8dd59ee0ee3def6b6b45e902c30a9229e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80327b5c8ec2288c-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 22:45:24 GMT
link: <https://www.gesa.com/wp-json/>; rel="https://api.w.org/" <https://www.gesa.com/wp-json/wp/v2/pages/47>; rel="alternate"; type="application/json" <https://www.gesa.com/>; rel=shortlink
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
referrer-policy: origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 54
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 80327b5abdcf25e3-MIA
Connection: keep-alive
Content-Type: text/html
Date: Thu, 07 Sep 2023 22:45:24 GMT
Location: https://www.gesa.com/
Referrer-Policy: origin
Server: cloudflare
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.min.css
www.gesa.com/wp-content/plugins/wp-store-locator/css/ 15 KB
4 KB 62ms
60ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a2adf4c1187ff44afb6596a750c078a97b07717364daade11a8c337771832e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 19554816
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Dec 2022 19:15:09 GMT
server: cloudflare
etag: W/"63977dbd-3a83"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80327b5d58c6288c-MIA

GET
H2 200 front-css.css
www.gesa.com/wp-content/plugins/weglot/dist/css/ 51 KB
6 KB 57ms
56ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/weglot/dist/css/front-css.css?ver=4.0.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbbf83c45cce424c26bb4d929e053d264b713b70b8dcee428343b64e06a22056

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4782282
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 15 Jun 2023 15:45:46 GMT
server: cloudflare
etag: W/"648b322a-cca5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d58cb288c-MIA

GET
H2 200 new-flags.css
www.gesa.com/wp-content/plugins/weglot/app/styles/ 86 KB
3 KB 63ms
62ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/weglot/app/styles/new-flags.css?ver=4.0.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b48bb25e1fe530912d872438ef532de73c7fddad96fadc6affb18fdbd097c1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4782282
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 15 Jun 2023 15:45:46 GMT
server: cloudflare
etag: W/"648b322a-15817"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d58d1288c-MIA

GET
H2 200 elementor-icons.min.css
www.gesa.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 49ms
48ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4773709
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:43 GMT
server: cloudflare
etag: W/"6480cc5b-4b4f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d58d4288c-MIA

GET
H2 200 frontend.min.css
www.gesa.com/wp-content/plugins/elementor/assets/css/ 158 KB
20 KB 64ms
63ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b091fb04aeb43da4cec3392a4de451d0f6b97a91235e0dc68560bc271c2b83c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4773709
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:46 GMT
server: cloudflare
etag: W/"6480cc5e-27687"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d58da288c-MIA

GET
H2 200 frontend.min.css
www.gesa.com/wp-content/plugins/elementor-pro/assets/css/ 483 KB
45 KB 52ms
50ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b10604af435fcda6674878212b06d1b8d557aee0f5c877dc5befab22ebf71c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4773709
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:39 GMT
server: cloudflare
etag: W/"6480cc57-78c7d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d891b288c-MIA

GET
H2 200 default.min.css
www.gesa.com/wp-content/plugins/tablepress/css/ 5 KB
2 KB 49ms
48ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4773709
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:13 GMT
server: cloudflare
etag: W/"6480cc3d-13e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d891d288c-MIA

GET
H2 200 responsive.css
www.gesa.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 30 KB
3 KB 50ms
49ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.7.4

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2509758
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:44 GMT
server: cloudflare
etag: W/"647f71b8-764b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d891f288c-MIA

GET
H2 200 foundation.css
www.gesa.com/wp-content/themes/gesa/assets/css/ 167 KB
18 KB 65ms
64ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/css/foundation.css?ver=6.5.3

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e77dafe902b5371d42c7e236b778a91874bfb8bdb2dc82b3ee3d4803d20fd9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4773709
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: W/"63d2e310-29dfd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d8920288c-MIA

GET
H2 200 custom.css
www.gesa.com/wp-content/themes/gesa/assets/css/ 353 KB
46 KB 73ms
72ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/css/custom.css?ver=1.0.22

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e18b9694e50520d13ba30b0825d6d47dd3eff828d49e4f9485e484ca502f188d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4775470
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 29 Jun 2023 00:08:23 GMT
server: cloudflare
etag: W/"649ccb77-58274"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d8922288c-MIA

GET
H2 200 style.css
www.gesa.com/wp-content/themes/gesa/ 1 KB
635 B 48ms
47ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/style.css?ver=1.1.0

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

69bba50b17d75423288fd69eb23a6bf3a4ad2b63e762f64bd01c973228204e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4782282
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 11 Jul 2023 08:13:53 GMT
server: cloudflare
etag: W/"64ad0f41-453"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d8923288c-MIA

GET
H2 200 front-js.js Show response
www.gesa.com/wp-content/plugins/weglot/dist/ 4 KB
2 KB 52ms
52ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/weglot/dist/front-js.js?ver=4.0.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ab9d038257f517c4e1b485d7a9228fe500c0ebfa571350232f73f2c1c8e991

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4782282
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 15 Jun 2023 15:45:46 GMT
server: cloudflare
etag: W/"648b322a-1124"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d8925288c-MIA

GET
H2 200 jquery.min.js Show response
www.gesa.com/wp-includes/js/jquery/ 85 KB
31 KB 57ms
55ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1269163
x-wpe-request-id: 1ddc19017dc6eefc5f4dba7c6d4b4fea
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: cloudflare
etag: W/"6470990f-155ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d8927288c-MIA

GET
H2 200 jquery.bind-first-0.2.3.min.js Show response
www.gesa.com/wp-content/plugins/pixelyoursite/dist/scripts/ 1 KB
825 B 52ms
51ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.3

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1269163
x-wpe-request-id: 5c82e11a6008ae54a6ede75c0d42afd2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 22 Aug 2023 23:34:58 GMT
server: cloudflare
etag: W/"64e54622-525"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d892a288c-MIA

GET
H2 200 js.cookie-2.1.3.min.js Show response
www.gesa.com/wp-content/plugins/pixelyoursite/dist/scripts/ 2 KB
973 B 61ms
60ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1377838
x-wpe-request-id: bdd08a3841c8b7cadc4f706659ba3268
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 22 Aug 2023 23:34:58 GMT
server: cloudflare
etag: W/"64e54622-6ad"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5d892d288c-MIA

GET
H2 200 public.js Show response
www.gesa.com/wp-content/plugins/pixelyoursite/dist/scripts/ 108 KB
18 KB 69ms
69ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.4.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffe894f0b96b4663c3e50d90cc93d2a99e2d2fb8e1aa87be6a9fd8a6be9dfad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 127636
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 22 Aug 2023 23:34:58 GMT
server: cloudflare
etag: W/"64e54622-1af2c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5db9b0288c-MIA

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/gesacu/gesa_prod/scripts/ 194 KB
47 KB 123ms
65ms Script
application/javascript 151.101.192.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/gesacu/gesa_prod/scripts/evergage.min.js
Requested by: Host: www.gesa.com
URL: https://www.gesa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57281860acb6e40d2a7427273de8f14fe40100d41dc3da8da477633efbcaa72a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: bU7EloZhkub98V.QkdF7k5f4YqPi5nj1
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 07 Sep 2023 22:45:24 GMT
x-amz-request-id: R167VVCFCFFTT4K3
age: 23
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 47781
x-amz-id-2: wXgPKa7MqPAOF6JIAuVWkn6iq6KtvZznJiN0bwBM429Dm3U8ym/zCX5WEFJwIuu7sM+YEaPznM4=
x-served-by: cache-iad-kcgs7200023-IAD, cache-mia-kmia1760037-MIA
x-amz-meta-evergage-sum: 5780d06c3059de4114cbc85f02a55f457d3edb02
last-modified: Thu, 31 Aug 2023 20:31:55 GMT
server: AmazonS3
x-timer: S1694126725.786176,VS0,VE39
etag: "fc16837ce3109d93e5a840522baa45c3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 23741, 1

GET
H/1.1 200
OK 219777.js Show response
secure.node7seat.com/js/ 24 KB
11 KB 3586ms
3253ms Script
text/javascript 52.146.86.174
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.node7seat.com/js/219777.js
Requested by: Host: www.gesa.com
URL: https://www.gesa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.146.86.174 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 959cebca7f138c790398730f074d9f08786d0537389390ca18d67b7988d13ac3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 07 Sep 2023 22:45:28 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, must-revalidate
Connection: keep-alive
Request-Context: appId=cid-v1:bc2713c3-85d3-454a-adab-7b0fd01bd9ed

GET
H3 200 AFF-College-Place-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 50 KB
51 KB 150ms
133ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-College-Place-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b900014a85bda70cde617cdaae7a8a91727943c760cfc92b40760c29cef14312

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 502969
cf-polished: origFmt=png, origSize=56881
x-wpe-request-id: b34540228e341fbf1aef5f4093a308e3
content-disposition: inline; filename="AFF-College-Place-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 51584
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-de31"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b749fdb8df4-MIA

GET
H3 200 AFF-Columbia-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 53 KB
54 KB 160ms
143ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Columbia-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c2f8e000136ab8664c9c2f22cbc8aafbee419a1eac3fec7ec32822c925cf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6188
cf-polished: origFmt=png, origSize=60576
content-disposition: inline; filename="AFF-Columbia-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 54748
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-eca0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b749fe78df4-MIA

GET
H3 200 AFF-Davis-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 19 KB
20 KB 176ms
160ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Davis-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9796bc60fc921b490963396feaf198b84c0791bfdf574b230f75e451fb6368ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=22616
content-disposition: inline; filename="AFF-Davis-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19544
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-5858"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b749fea8df4-MIA

GET
H3 200 dc-college-heritage.png
www.gesa.com/wp-content/uploads/2023/04/ 12 KB
13 KB 176ms
160ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/04/dc-college-heritage.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a71c1b9c1b84a8603ced9fcc3a73fc59521065a35fe045a03c3fcd6f6c01977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 356580
cf-polished: origFmt=png, origSize=27560
content-disposition: inline; filename="dc-college-heritage.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12654
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Apr 2023 18:09:26 GMT
server: cloudflare
etag: "643996d6-6ba8"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74aff78df4-MIA

GET
H3 200 AFF-Delta-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 42 KB
43 KB 181ms
165ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Delta-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3026106731138872e882acce33910e82c9280990fa45317c9e900e1535e5039b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273341
cf-polished: origFmt=png, origSize=47670
content-disposition: inline; filename="AFF-Delta-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 43112
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-ba36"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74affa8df4-MIA

GET
H3 200 AFF-TCDD.png
www.gesa.com/wp-content/uploads/2022/06/ 22 KB
23 KB 183ms
167ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-TCDD.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ba197eefdf3e395c59767820118e11190c70b206b99ac654f0155008cc62af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272896
cf-polished: origFmt=png, origSize=26484
content-disposition: inline; filename="AFF-TCDD.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22924
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-6774"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74affd8df4-MIA

GET
H3 200 AFF-Eastmont-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 54 KB
54 KB 183ms
167ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Eastmont-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

334d5e7f9a35f81aeabf466f3ee3c0c9522077a4f14c336998c7cb9827e7b21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 645100
cf-polished: origFmt=png, origSize=60044
x-wpe-request-id: 6d74577d0ebfa91973e580fc25049425
content-disposition: inline; filename="AFF-Eastmont-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 55142
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-ea8c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74a8098df4-MIA

GET
H3 200 AFF-Edmonds-Heights-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 45 KB
45 KB 187ms
171ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Edmonds-Heights-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5716bdd72281749566ea5f0b5961c0c3b9c9d7ac0ba04cf45e064f0cd8bada0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6187
cf-polished: origFmt=png, origSize=51532
content-disposition: inline; filename="AFF-Edmonds-Heights-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 45584
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-c94c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74a80a8df4-MIA

GET
H3 200 AFF-Edmonds-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 27 KB
28 KB 200ms
184ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Edmonds-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2f6022504259884302bb439c2b3782b0fa686af2a040f3766119cc5a83d464

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19153
cf-polished: origFmt=png, origSize=31194
content-disposition: inline; filename="AFF-Edmonds-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27696
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-79da"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74a80d8df4-MIA

GET
H3 200 AFF-Eisenhower-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 23 KB
24 KB 205ms
189ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Eisenhower-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

119c68cafab2592ca4b6c4c435cc38885313eefbaf9b6373f9ad20c37d172d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=26444
x-wpe-request-id: d74ed184f9280722a258f2536179c5df
content-disposition: inline; filename="AFF-Eisenhower-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 23558
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-674c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74a80f8df4-MIA

GET
H3 200 AFF-LH-Fire.png
www.gesa.com/wp-content/uploads/2022/06/ 109 KB
109 KB 205ms
189ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Fire.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fffd742919bedf3c6281c0f6b22c79d1d9c618255adedcda280cc1fdaf6b45c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272895
cf-polished: origFmt=png, origSize=127363
content-disposition: inline; filename="AFF-LH-Fire.webp"
alt-svc: h3=":443"; ma=86400
content-length: 111310
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-1f183"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74b81f8df4-MIA

GET
H3 200 dc-affinity-hs-hanford.png
www.gesa.com/wp-content/uploads/2022/06/ 26 KB
26 KB 217ms
201ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/dc-affinity-hs-hanford.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ef003c90c31f90a2abb3b6003fa3c8c463d1eb66eb3c2379b2bd2d7cac626e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 356580
cf-polished: origFmt=png, origSize=59872
content-disposition: inline; filename="dc-affinity-hs-hanford.webp"
alt-svc: h3=":443"; ma=86400
content-length: 26372
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:09 GMT
server: cloudflare
etag: "63977dbd-e9e0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74b8208df4-MIA

GET
H3 200 dc-affinity-hs-kamiakin.png
www.gesa.com/wp-content/uploads/2022/06/ 30 KB
30 KB 217ms
201ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/dc-affinity-hs-kamiakin.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0afe04cfbce95f98b08ab24d6d787e27054a02c3c02c6bb7da44c86c8515e132

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273341
cf-polished: origFmt=png, origSize=64021
content-disposition: inline; filename="dc-affinity-hs-kamiakin.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30314
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:09 GMT
server: cloudflare
etag: "63977dbd-fa15"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74b8228df4-MIA

GET
H3 200 AFF-Kennewick-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 44 KB
45 KB 218ms
202ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Kennewick-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbd42ebc962e0689ff68829d89849ec773ce8dd88ba545355753384cca4ca58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 502968
cf-polished: origFmt=png, origSize=49732
x-wpe-request-id: 60e3f36020c28cb1b6b56590015b9c3c
content-disposition: inline; filename="AFF-Kennewick-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 45106
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-c244"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74b8268df4-MIA

GET
H3 200 dc-affinity-hs-kibe.png
www.gesa.com/wp-content/uploads/2022/06/ 84 KB
85 KB 219ms
203ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/dc-affinity-hs-kibe.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae8d74f433ccc26f492867cb1964639892e27298c26e169bfc0777ccd1626b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273341
cf-polished: origFmt=png, origSize=133591
content-disposition: inline; filename="dc-affinity-hs-kibe.webp"
alt-svc: h3=":443"; ma=86400
content-length: 86124
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:10 GMT
server: cloudflare
etag: "63977dbe-209d7"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74b8288df4-MIA

GET
H3 200 dc-affinity-hs-prosser-1920x1210.png
www.gesa.com/wp-content/uploads/2023/07/ 224 KB
225 KB 223ms
207ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/07/dc-affinity-hs-prosser-1920x1210.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe9c1f23cc3e0d87a3ed0094d41727945ab61b28651e45441f0f98f9ac309153

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 200335
cf-polished: origFmt=png, origSize=457633
content-disposition: inline; filename="dc-affinity-hs-prosser-1920x1210.webp"
alt-svc: h3=":443"; ma=86400
content-length: 229794
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 18 Jul 2023 23:15:30 GMT
server: cloudflare
etag: "64b71d12-6fba1"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c82f8df4-MIA

GET
H3 200 AFF-Lynnwood-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 52 KB
52 KB 240ms
224ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Lynnwood-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e87f2df7792f0f76c391e34fb95c32c45c1eebc228f7eadfe6e7191997d4d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=59030
content-disposition: inline; filename="AFF-Lynnwood-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 53118
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-e696"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c8308df4-MIA

GET
H3 200 AFF-Meadowdale-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 46 KB
47 KB 243ms
227ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Meadowdale-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e779c3a7445c68e4334fbf89302ecb07ef48ba033e02ac0485ad8ca410be6d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 502968
cf-polished: origFmt=png, origSize=52525
x-wpe-request-id: f55994cd995af935dae745a15a350f81
content-disposition: inline; filename="AFF-Meadowdale-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 47248
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-cd2d"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c8328df4-MIA

GET
H3 200 dc-affinity-hs-vanguard-academy.png
www.gesa.com/wp-content/uploads/2023/07/ 24 KB
24 KB 244ms
229ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/07/dc-affinity-hs-vanguard-academy.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

55bf0bda5de576f5026effeddf372974746d1ed1309ad882b39e24fbc9eb6c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273340
cf-polished: origFmt=png, origSize=56203
content-disposition: inline; filename="dc-affinity-hs-vanguard-academy.webp"
alt-svc: h3=":443"; ma=86400
content-length: 24600
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Fri, 18 Aug 2023 23:47:08 GMT
server: cloudflare
etag: "64e002fc-db8b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c8338df4-MIA

GET
H3 200 AFF-Mountlake-Terrace-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 47 KB
48 KB 244ms
229ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Mountlake-Terrace-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97ab3d97b58d92065b53294cd5fc2afd4215498de07727f585321cf01a0d6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=54344
x-wpe-request-id: 65d172a47941edbe42f46d43b355b9a3
content-disposition: inline; filename="AFF-Mountlake-Terrace-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 48622
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d448"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c8358df4-MIA

GET
H3 200 AFF-New-Horizons-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 56 KB
56 KB 245ms
230ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-New-Horizons-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbfeb7d4f8335eba017f0cbb0b779b34122d5e1f2b478e08afd0dd439bdf597

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=62417
content-disposition: inline; filename="AFF-New-Horizons-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 57248
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-f3d1"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c8438df4-MIA

GET
H3 200 AFF-Pasco-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 57 KB
57 KB 246ms
231ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Pasco-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22cb7afd879af42251168f826b48ee24fc02073275e079dbf9760af9d7e074e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 471098
cf-polished: origFmt=png, origSize=64476
content-disposition: inline; filename="AFF-Pasco-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 58356
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-fbdc"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c8448df4-MIA

GET
H3 200 AFF-Richland-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 48 KB
49 KB 247ms
232ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Richland-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c668b9785b8c2c0bb2479b6bd16f736385324a5a39870a92cf3d9e801080f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2527500
cf-polished: origFmt=png, origSize=55744
content-disposition: inline; filename="AFF-Richland-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 49456
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d9c0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c8458df4-MIA

GET
H3 200 AFF-LH-Law.png
www.gesa.com/wp-content/uploads/2022/06/ 78 KB
78 KB 248ms
233ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Law.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0364839511190adcbff9a36a5e132148ceb13b68cbf9e15754731d674343d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6187
cf-polished: origFmt=png, origSize=91673
content-disposition: inline; filename="AFF-LH-Law.webp"
alt-svc: h3=":443"; ma=86400
content-length: 79582
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-16619"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c8468df4-MIA

GET
H3 200 AFF-Riverview-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 52 KB
52 KB 249ms
235ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Riverview-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5961d71393baae1c306262924f46d57353e352e001f9e20f694f16c074502438

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3377564
cf-polished: origFmt=png, origSize=58634
content-disposition: inline; filename="AFF-Riverview-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 52874
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-e50a"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74c8478df4-MIA

GET
H3 200 AFF-Scriber-Lake-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 49 KB
50 KB 251ms
236ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Scriber-Lake-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e657f7cbb9079a832a9376c1c8d207f573e432cf5be12a3d25edbac232ec9115

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=55222
content-disposition: inline; filename="AFF-Scriber-Lake-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 50292
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d7b6"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d84a8df4-MIA

GET
H3 200 AFF-Southridge-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 48 KB
48 KB 251ms
237ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Southridge-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

06610fe2a43b1065a10fef2028f0e284be932e564723402722764bc7e9b4bee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=54525
content-disposition: inline; filename="AFF-Southridge-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 49072
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d4fd"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d84c8df4-MIA

GET
H3 200 AFF-St-Patrick-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 25 KB
25 KB 252ms
237ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-St-Patrick-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

971c32a32a129e8bc0d7eed9d55e997308e4fb48d3af5c89f38f9af6ff1907f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 502968
cf-polished: origFmt=png, origSize=28495
x-wpe-request-id: 4a3f71c1224a431f2f29caab871f1ef0
content-disposition: inline; filename="AFF-St-Patrick-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25432
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-6f4f"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d84f8df4-MIA

GET
H3 200 AFF-LH-Teacher.webp
www.gesa.com/wp-content/uploads/2022/06/ 180 KB
181 KB 258ms
243ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Teacher.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

226898bfae2c40913fd46106a6634772385e08dddfd767474385770ebae28e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3355077
alt-svc: h3=":443"; ma=86400
content-length: 184432
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-2d070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d8518df4-MIA

GET
H3 200 AFF-LH-Veteran.webp
www.gesa.com/wp-content/uploads/2022/06/ 196 KB
196 KB 267ms
252ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Veteran.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcce3372b7f8e6f3f73291a90fe22268c87fb0ba4c149f89e1463e8b7675ce42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273340
alt-svc: h3=":443"; ma=86400
content-length: 200436
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-30ef4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d8558df4-MIA

GET
H3 200 AFF-Walla-Walla-Debit.webp
www.gesa.com/wp-content/uploads/2022/06/ 41 KB
41 KB 272ms
258ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Walla-Walla-Debit.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92a53ce94858393660decb26aa46fd5884ac7d407bd03081b624602e04dd0c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273340
alt-svc: h3=":443"; ma=86400
content-length: 42088
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-a468"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d85f8df4-MIA

GET
H3 200 AFF-Wenatchee-Debit-1.webp
www.gesa.com/wp-content/uploads/2022/06/ 111 KB
112 KB 273ms
259ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Wenatchee-Debit-1.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac441fc28156645fa152344532bfd8005e06c134980dd4112fbd0eaf4d7662f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: 9393104fa667d793af4b9760fecd234b
alt-svc: h3=":443"; ma=86400
content-length: 114018
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-1bd62"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d8608df4-MIA

GET
H3 200 AFF-Westside-Debit.webp
www.gesa.com/wp-content/uploads/2022/06/ 111 KB
111 KB 277ms
263ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Westside-Debit.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

241d5d37ce41bf5054b2a911827b9480f99e669dc2aa7982dca688028b35cb51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: 2a2e044403a965ce96a5163f58ac7e26
alt-svc: h3=":443"; ma=86400
content-length: 113498
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-1bb5a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d8618df4-MIA

GET
H3 200 dc-affinity-hs-edmonds-woodway.png
www.gesa.com/wp-content/uploads/2022/12/ 31 KB
31 KB 280ms
266ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/12/dc-affinity-hs-edmonds-woodway.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

137ce284058103233f12c23f00cb0ce873387bf0d46ce523b5fb1dfb22d8cb05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273339
cf-polished: origFmt=png, origSize=69435
content-disposition: inline; filename="dc-affinity-hs-edmonds-woodway.webp"
alt-svc: h3=":443"; ma=86400
content-length: 31420
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 22 Dec 2022 23:35:32 GMT
server: cloudflare
etag: "63a4e9c4-10f3b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d8628df4-MIA

GET
H3 200 forevergreen-min-1920x1210.png
www.gesa.com/wp-content/uploads/2023/04/ 110 KB
111 KB 281ms
267ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/04/forevergreen-min-1920x1210.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5bb791c0aa0ded45801e3762ee1507cee4076d3ac4f3b155e3d25d68c15422

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 200335
cf-polished: origFmt=png, origSize=235113
content-disposition: inline; filename="forevergreen-min-1920x1210.webp"
alt-svc: h3=":443"; ma=86400
content-length: 112662
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 25 Apr 2023 16:52:13 GMT
server: cloudflare
etag: "6448053d-39669"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74d8648df4-MIA

GET
H3 200 dc-affinity-hs-talley.png
www.gesa.com/wp-content/uploads/2022/10/ 72 KB
72 KB 282ms
268ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/dc-affinity-hs-talley.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc56655684dd02ce927521ac8435d2b35c0482a7153a2fadac60b4a91cd8f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=111681
content-disposition: inline; filename="dc-affinity-hs-talley.webp"
alt-svc: h3=":443"; ma=86400
content-length: 73642
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:07 GMT
server: cloudflare
etag: "63977dbb-1b441"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e86b8df4-MIA

GET
H3 200 dc-affinity-hs-renton.png
www.gesa.com/wp-content/uploads/2022/10/ 26 KB
26 KB 284ms
270ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/dc-affinity-hs-renton.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42b88e1c62f40544d064489d9ec2ff8a1b3053bd12cb579a41ba6bfdcc2fb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273339
cf-polished: origFmt=png, origSize=56304
content-disposition: inline; filename="dc-affinity-hs-renton.webp"
alt-svc: h3=":443"; ma=86400
content-length: 26252
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:06 GMT
server: cloudflare
etag: "63977dba-dbf0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e86e8df4-MIA

GET
H3 200 dc-affinity-hs-lindbergh.png
www.gesa.com/wp-content/uploads/2022/10/ 34 KB
35 KB 284ms
270ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/dc-affinity-hs-lindbergh.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f6593da5f5c0c28ddb6413992e1f3dcbbce263b0790eae02daf1ae8df812bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6187
cf-polished: origFmt=png, origSize=70604
content-disposition: inline; filename="dc-affinity-hs-lindbergh.webp"
alt-svc: h3=":443"; ma=86400
content-length: 35128
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:06 GMT
server: cloudflare
etag: "63977dba-113cc"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e8718df4-MIA

GET
H3 200 dc-affinity-hs-hazen.png
www.gesa.com/wp-content/uploads/2022/10/ 41 KB
42 KB 285ms
271ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/dc-affinity-hs-hazen.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bd18f098e5cef6e2a15898fe091a6b7821fb97f3f524349552bb3a4f3576d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=85198
content-disposition: inline; filename="dc-affinity-hs-hazen.webp"
alt-svc: h3=":443"; ma=86400
content-length: 42412
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:06 GMT
server: cloudflare
etag: "63977dba-14cce"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e8728df4-MIA

GET
H3 200 AFF-WSU-Debit-Retro.webp
www.gesa.com/wp-content/uploads/2022/06/ 29 KB
29 KB 286ms
272ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Debit-Retro.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

03875f5ffa03acb3b4e09691ae36cdb0f1a4d3af8da45b8f4d998ed175236f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
alt-svc: h3=":443"; ma=86400
content-length: 29602
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-73a2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e8748df4-MIA

GET
H3 200 AFF-LH-Healthcare.webp
www.gesa.com/wp-content/uploads/2022/06/ 112 KB
112 KB 287ms
273ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Healthcare.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

326b21d33a052c868180ff94d32409cdc689aa9ba9b68ca6787a2853100a1ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: afd61534941f0240173a23da197c0e8b
alt-svc: h3=":443"; ma=86400
content-length: 114426
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-1befa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e87c8df4-MIA

GET
H3 200 AFF-WSU-Debit-2.webp
www.gesa.com/wp-content/uploads/2022/06/ 63 KB
64 KB 290ms
276ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Debit-2.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dffbec59d2319c3236a3edfe56f55f12ada2d9023eed6f204fc7f83b32c0cb40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3355076
alt-svc: h3=":443"; ma=86400
content-length: 64664
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-fc98"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e87e8df4-MIA

GET
H3 200 AFF-WSU-Debit-1.webp
www.gesa.com/wp-content/uploads/2022/06/ 93 KB
93 KB 292ms
278ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Debit-1.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c26c8fee132cba88ff48de65daefb51c9972fab6d3d13136d54634033d0e9bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: a9fba26d3f36b11b87b544e3cda20474
alt-svc: h3=":443"; ma=86400
content-length: 94978
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-17302"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e87f8df4-MIA

GET
H3 200 AFF-WSU-Credit.webp
www.gesa.com/wp-content/uploads/2022/06/ 29 KB
29 KB 294ms
280ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Credit.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c9ef83e9ca2f04a0a6ef605ecdc810c7ea0b36e7b9767bdcf6bdc38c6a8e831

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3355076
alt-svc: h3=":443"; ma=86400
content-length: 29664
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-73e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e8818df4-MIA

GET
H3 200 AFF-WSU-Credit-1.webp
www.gesa.com/wp-content/uploads/2022/06/ 20 KB
20 KB 321ms
307ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Credit-1.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d428752937c011563195cd8738502cfbefb1f52d1ace608bf297eabda0e64e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: f7532f7787fd85a0275ed5b4ef05ddb3
alt-svc: h3=":443"; ma=86400
content-length: 20314
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-4f5a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e8848df4-MIA

GET
H3 200 AFF-WSU-Debit-3.webp
www.gesa.com/wp-content/uploads/2022/06/ 46 KB
46 KB 295ms
281ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Debit-3.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

251f896d186d1d27c03670e3ea1894bff902ba52479c5ae148fa28cd218e9625

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
alt-svc: h3=":443"; ma=86400
content-length: 47076
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-b7e4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e8858df4-MIA

GET
H3 200 AFF-Highline-Debit-2.png
www.gesa.com/wp-content/uploads/2022/06/ 36 KB
36 KB 323ms
310ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Highline-Debit-2.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3169045b619f079c09edc6c6dc04268c645697430b7f0ccdfe815b8735c199d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2527500
cf-polished: origFmt=png, origSize=41188
content-disposition: inline; filename="AFF-Highline-Debit-2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 36530
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-a0e4"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e8888df4-MIA

GET
H3 200 AFF-Highline-Debit-1.png
www.gesa.com/wp-content/uploads/2022/06/ 34 KB
35 KB 296ms
283ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Highline-Debit-1.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d31b51d4ac3d588bbcc4a10aed1abafcf50fb626b656fa5309fedaed567645cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 107450
cf-polished: origFmt=png, origSize=40882
content-disposition: inline; filename="AFF-Highline-Debit-1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 35172
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-9fb2"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e8898df4-MIA

GET
H3 200 AFF-CBC-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 27 KB
27 KB 297ms
284ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-CBC-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

63046617ab9c0650fb173a815023797cbd872c48898e0f57b6ec8fca7bd1d390

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6186
cf-polished: origFmt=png, origSize=31577
content-disposition: inline; filename="AFF-CBC-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27596
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-7b59"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e88b8df4-MIA

GET
H3 200 AFF-Naches-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 50 KB
51 KB 323ms
310ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Naches-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92af5c3016059719e31e89d97c6c9a63cbeaa5e938ce63e2c16dc7e8bc6d54fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=55683
x-wpe-request-id: af663efb4fe9655e5cd0204e9b5858e7
content-disposition: inline; filename="AFF-Naches-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 51314
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d983"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e88d8df4-MIA

GET
H3 200 dc-affinity-hs-westvalley.png
www.gesa.com/wp-content/uploads/2023/01/ 32 KB
32 KB 297ms
284ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/01/dc-affinity-hs-westvalley.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dba8bca52aa39a7625f4d95945248c572f6d15999b2f539effcafd17a3c61528

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=72168
x-wpe-request-id: da6fc1680d19b63dbc1acfa059c20190
content-disposition: inline; filename="dc-affinity-hs-westvalley.webp"
alt-svc: h3=":443"; ma=86400
content-length: 32608
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 11 Jan 2023 20:38:41 GMT
server: cloudflare
etag: "63bf1e51-119e8"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74e88f8df4-MIA

GET
H3 200 dc-affinity-hs-moseslake.png
www.gesa.com/wp-content/uploads/2022/06/ 56 KB
57 KB 325ms
312ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/dc-affinity-hs-moseslake.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb82eb390a781039b7a17650eaf12f0d043c5df1a46e260977c0e5bb9c030b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272892
cf-polished: origFmt=png, origSize=109428
content-disposition: inline; filename="dc-affinity-hs-moseslake.webp"
alt-svc: h3=":443"; ma=86400
content-length: 57848
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:10 GMT
server: cloudflare
etag: "63977dbe-1ab74"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74f8988df4-MIA

GET
H3 200 AFF-Liberty-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 52 KB
52 KB 326ms
313ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Liberty-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef101c7141faba6cb722927ca4ec51fde7482befad59c13b9ecee64eba139060

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=58152
x-wpe-request-id: 0092af31f5e7cf7852fc9b2b114b3076
content-disposition: inline; filename="AFF-Liberty-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 52762
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-e328"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74f89b8df4-MIA

GET
H3 200 AFF-TCA-1.png
www.gesa.com/wp-content/uploads/2022/06/ 22 KB
23 KB 299ms
286ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-TCA-1.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aba30c4a7bbf09cdd029e920b0c2e78f1ab14cb99c78443c1a684c0270b15212

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273339
cf-polished: origFmt=png, origSize=26018
content-disposition: inline; filename="AFF-TCA-1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22590
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-65a2"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74f89c8df4-MIA

GET
H3 200 AFF-Chiawana-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 58 KB
58 KB 327ms
314ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Chiawana-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f28f5c6a226dcd2c3b80fca12f7ef0b43a0385bd27cb69c698c8443f050d66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273339
cf-polished: origFmt=png, origSize=65059
content-disposition: inline; filename="AFF-Chiawana-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 59116
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-fe23"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74f8a08df4-MIA

GET
H3 200 animations.min.css
www.gesa.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 51ms
50ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4359365
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:30 GMT
server: cloudflare
etag: W/"647f71aa-4824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b5e8ef08df4-MIA

GET
H3 200 frontend-script.js Show response
www.gesa.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 40 B
470 B 43ms
43ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.7.4

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 507736
x-wpe-request-id: 9b1358c11eabf2b9e055066208ad5136
alt-svc: h3=":443"; ma=86400
content-length: 40
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:44 GMT
server: cloudflare
etag: "647f71b8-28"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b5edf728df4-MIA

GET
H3 200 widget-scripts.js Show response
www.gesa.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 134 KB
37 KB 3245ms
3244ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.7.4

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdaa4c91b5bc3dd4ce8e1345b453844dd414602022a182ce2853d87bd4b9a9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2313271
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:44 GMT
server: cloudflare
etag: W/"647f71b8-2193f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b738df78df4-MIA

GET
H3 200 core.min.js Show response
www.gesa.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 41ms
40ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 19558319
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Dec 2022 19:15:05 GMT
server: cloudflare
etag: W/"63977db9-53c0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80327b740ec18df4-MIA

GET
H3 200 menu.min.js Show response
www.gesa.com/wp-includes/js/jquery/ui/ 10 KB
3 KB 48ms
47ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc50c28f1db50dbce579d4738a0e55001a5f954df3307ca5d502f42202d1d05c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3393268
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: cloudflare
etag: W/"63dbe690-2782"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b740ec48df4-MIA

GET
H3 200 selectmenu.min.js Show response
www.gesa.com/wp-includes/js/jquery/ui/ 9 KB
3 KB 93ms
76ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/jquery/ui/selectmenu.min.js?ver=1.13.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6816ba59d3757e525880fbf568b3faf808ffc743411d46ebfb33a543247ad628

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
server: cloudflare
etag: W/"6328af19-2483"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b742f128df4-MIA

GET
H3 200 foundation.min.js Show response
www.gesa.com/wp-content/themes/gesa/assets/js/ 46 KB
16 KB 65ms
48ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/js/foundation.min.js?ver=6.5.3

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a752f5a1298d0757f7953670951352ab722958e4332e1f1f20a315f836e6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4359369
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: W/"63d2e310-b835"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b742f188df4-MIA

GET
H3 200 slick.min.js Show response
www.gesa.com/wp-content/themes/gesa/assets/js/plugins/ 52 KB
12 KB 102ms
84ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/js/plugins/slick.min.js?ver=1.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6c39ab37a92035619ffbf66dd293f6d6980fc1bebdaeb9a0b922775abc32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3377565
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:13 GMT
server: cloudflare
etag: W/"63d2e311-d13f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b742f1b8df4-MIA

GET
H3 200 lazyload.min.js Show response
www.gesa.com/wp-content/themes/gesa/assets/js/plugins/ 8 KB
3 KB 75ms
58ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/js/plugins/lazyload.min.js?ver=12.4.0

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7866661e9747c63d27963b389bd0bbc19c29dc5255cf7393b727368927e9b06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3386207
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:13 GMT
server: cloudflare
etag: W/"63d2e311-1f24"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b742f208df4-MIA

GET
H3 200 jquery.matchHeight-min.js Show response
www.gesa.com/wp-content/themes/gesa/assets/js/plugins/ 3 KB
2 KB 76ms
58ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/js/plugins/jquery.matchHeight-min.js?ver=0.7.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

246faa0aca51a7be47ae13827bffdec1f0e69699d291c727646b56e83ee1fd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4359369
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:13 GMT
server: cloudflare
etag: W/"63d2e311-d39"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b742f248df4-MIA

GET
H3 200 jquery.fancybox.v3.js Show response
www.gesa.com/wp-content/themes/gesa/assets/js/plugins/ 67 KB
22 KB 76ms
59ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/js/plugins/jquery.fancybox.v3.js?ver=3.5.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4961dda4383b1a3727e5aa981024c40cb07005f89e3264a3ab423eb356380f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3396031
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:13 GMT
server: cloudflare
etag: W/"63d2e311-10aa1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b742f278df4-MIA

GET
H3 200 webpack.runtime.min.js Show response
www.gesa.com/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 95ms
77ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4786482
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:45 GMT
server: cloudflare
etag: W/"6480cc5d-135d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b742f298df4-MIA

GET
H3 200 frontend-modules.min.js Show response
www.gesa.com/wp-content/plugins/elementor/assets/js/ 32 KB
11 KB 65ms
48ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 697709
x-wpe-request-id: 71398f2a4ed40e05dae71262a178dab6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:44 GMT
server: cloudflare
etag: W/"6480cc5c-80b3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b742f2d8df4-MIA

GET
H3 200 waypoints.min.js Show response
www.gesa.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 122ms
104ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:30 GMT
server: cloudflare
etag: W/"647f71aa-2fa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b742f2f8df4-MIA

GET
H3 200 frontend.min.js Show response
www.gesa.com/wp-content/plugins/elementor/assets/js/ 40 KB
13 KB 122ms
105ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3393268
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:44 GMT
server: cloudflare
etag: W/"6480cc5c-9e41"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b743f508df4-MIA

GET
H3 200 global.js Show response
www.gesa.com/wp-content/themes/gesa/assets/js/ 42 KB
11 KB 123ms
106ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/js/global.js?ver=1.0.18

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f708c31ba347c4b2bd756b4d2fd4d371f250182b241c0306268d3a0ec340b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4359369
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 11 Jul 2023 08:13:53 GMT
server: cloudflare
etag: W/"64ad0f41-a661"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b743f548df4-MIA

GET
H3 200 jquery.smartmenus.min.js Show response
www.gesa.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
8 KB 123ms
106ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1413637
x-wpe-request-id: 6095efa427c1d898e45354be946818a1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:37 GMT
server: cloudflare
etag: W/"647f71b1-6272"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b743f578df4-MIA

GET
H3 200 imagesloaded.min.js Show response
www.gesa.com/wp-includes/js/ 5 KB
2 KB 124ms
107ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3377565
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: cloudflare
etag: W/"5ee520a7-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b746f9b8df4-MIA

GET
H3 200 webpack-pro.runtime.min.js Show response
www.gesa.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 124ms
107ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc65806adf6c251323693c9b7adb6b97e19879aa2f5428f2f05c0f08fca18404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:38 GMT
server: cloudflare
etag: W/"6480cc56-1472"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b746f9e8df4-MIA

GET
H3 200 wp-polyfill-inert.min.js Show response
www.gesa.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 126ms
109ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 9698
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
server: cloudflare
etag: W/"63c7d511-1feb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b746fa18df4-MIA

GET
H3 200 regenerator-runtime.min.js Show response
www.gesa.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 127ms
110ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 507740
x-wpe-request-id: adfc5e987ff2507c0087ca67ba1b0a06
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 07 Feb 2023 15:56:37 GMT
server: cloudflare
etag: W/"63e274b5-19cf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b747faa8df4-MIA

GET
H3 200 wp-polyfill.min.js Show response
www.gesa.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 127ms
110ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
server: cloudflare
etag: W/"649af113-3f12"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b747fac8df4-MIA

GET
H3 200 hooks.min.js Show response
www.gesa.com/wp-includes/js/dist/ 5 KB
2 KB 127ms
110ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 507740
x-wpe-request-id: 17acfc991ad481f7f0c76222611d6b96
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
server: cloudflare
etag: W/"649af113-1213"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b747fae8df4-MIA

GET
H3 200 i18n.min.js Show response
www.gesa.com/wp-includes/js/dist/ 9 KB
4 KB 133ms
117ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1253114
x-wpe-request-id: f0506bb159e46370c48373ef461d5ff9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 28 Jun 2023 20:08:46 GMT
server: cloudflare
etag: W/"649c934e-24e5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b748fb98df4-MIA

GET
H3 200 frontend.min.js Show response
www.gesa.com/wp-content/plugins/elementor-pro/assets/js/ 21 KB
6 KB 134ms
117ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7fdd491f449c314d884b9b9b6d11cfe037179d84e567a62e1e19584881e3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6188
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:37 GMT
server: cloudflare
etag: W/"6480cc55-543b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b748fba8df4-MIA

GET
H3 200 elements-handlers.min.js Show response
www.gesa.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
6 KB 146ms
129ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27c3bae726c78894582c23e5b507dda2dacd2c5c8aa9afe17ae179519e4ba3e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 187989
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:37 GMT
server: cloudflare
etag: W/"6480cc55-60dc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b748fbc8df4-MIA

GET
H3 200 animate-circle.js Show response
www.gesa.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 810 B
868 B 147ms
130ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.7.4

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8667a50fdab17dd946e43e37c6fd1623583b9440bdca887e44cc726e48feedaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 507740
x-wpe-request-id: 0aafc72cd800da10f2faf5162f844cbf
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:44 GMT
server: cloudflare
etag: W/"647f71b8-32a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b748fc78df4-MIA

GET
H3 200 elementor.js Show response
www.gesa.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 18 KB
5 KB 147ms
130ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.7.4

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a496ca0aa2b9981aef70474b2219472dcf25db655779c48e3ab018e268857558

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:33 GMT
server: cloudflare
etag: W/"6480cc51-461c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b748fc98df4-MIA

GET
H3 200 swiper.min.js Show response
www.gesa.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
36 KB 148ms
131ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.7.4

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4359369
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:30 GMT
server: cloudflare
etag: W/"647f71aa-21f91"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b749fd68df4-MIA

GET
H3 200 jquery.sticky.min.js Show response
www.gesa.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 149ms
133ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3382455
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:37 GMT
server: cloudflare
etag: W/"647f71b1-e89"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b749fd78df4-MIA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 362 KB
104 KB 209ms
89ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e93f08ba83c1527dbae68dd1033bdc1f1a8a8e6a0e4979a4a1c41be634106f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105971
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 21:54:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Sep 2023 22:45:28 GMT

GET
H/1.1 200
OK Capture.aspx Show response
secure.node7seat.com/Track/ 0
184 B 86ms
73ms Script
text/plain 52.146.86.174
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.node7seat.com/Track/Capture.aspx?retType=js&trk_uid=&trk_user=219777&trk_sw=1600&trk_sh=1200&trk_ref=&trk_tit=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&trk_loc=https%3A%2F%2Fwww.gesa.com%2F&trk_agn=Netscape&trk_agv=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.179%20Safari%2F537.36.lfcd24.lflng&trk_dom=www.gesa.com&trk_cookie=NA&trk_culid=01H9RX4S3N9W02VMJ1RCSWMNDK
Requested by: Host: secure.node7seat.com
URL: https://secure.node7seat.com/js/219777.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.146.86.174 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 22:45:28 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0
Request-Context: appId=cid-v1:bc2713c3-85d3-454a-adab-7b0fd01bd9ed

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8aa916be8ee9babafc0055de42bd64e344202fe3223d463d0cc35e1637f1ea1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 641611b58754d802f2a7672c62a4d15ee0950f47c28f1bb9b2c1f38d9f7bca50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f085b0387d391f11026a10c6ea821ebbe9e2b7f7e065a4368ef5ff6589a79737

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09bb15f21c30116957d4917230f723fd982a18e323b9728dee8825ee409b5715

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa40111e30b48fba40d8a719f9102bcf3bab3faedce696673fd4e13998e16e0a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 049998472f24fe69a2a5d946806e7d7772f733953c2e8947dfee3c925becf9ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4af9a2e261fb48aca31900045f77d2a6d7dbd55df0c5967c40743f94dd8de0c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6fa6a7c8f92bfe1fe10d8700f08cfcca04d16558cc130fdf78643b66986a998

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff0a79ec21356d69477f2e854838c684d1a18f82c8c384dc8530efd60392f18b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 white-logo.svg
www.gesa.com/wp-content/themes/gesa/assets/images/ 12 KB
6 KB 281ms
280ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/images/white-logo.svg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/themes/gesa/assets/css/custom.css?ver=1.0.22

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4543785910eab419295691033691a60ec304e11afe3927e18e2442445bea2f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: W/"63d2e310-3130"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b74f8a18df4-MIA

GET
H3 200 Patterns.png
www.gesa.com/wp-content/uploads/2022/07/ 15 KB
15 KB 272ms
272ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/07/Patterns.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

402c047e48c28bd9d49d6a18a3dc1a38d37fbb0cfb7a5fc9112cb284d84dd93b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3396031
cf-polished: origSize=15975, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 15269
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:07 GMT
server: cloudflare
etag: "63977dbb-3e67"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74f8ac8df4-MIA

GET
H3 200 Commercial-Banking-icon.svg
www.gesa.com/wp-content/themes/gesa/assets/images/ 1 KB
718 B 273ms
273ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/images/Commercial-Banking-icon.svg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/themes/gesa/assets/css/custom.css?ver=1.0.22

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d849984aadfbd799da2ee8e12277ac18a70d5e5a2166f73418ba4b46d382432

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3355078
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: W/"63d2e310-436"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b74f8b08df4-MIA

GET
H3 200 Loans-icon.svg
www.gesa.com/wp-content/themes/gesa/assets/images/ 794 B
851 B 273ms
273ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/images/Loans-icon.svg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/themes/gesa/assets/css/custom.css?ver=1.0.22

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec335d354b53a8fd44ef06fddfb6663dea667f2da5631d8526df515db8d9d3e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: W/"63d2e310-31a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b74f8b28df4-MIA

GET
H3 200 Credit-Cards-icon.svg
www.gesa.com/wp-content/themes/gesa/assets/images/ 2 KB
1 KB 273ms
273ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/images/Credit-Cards-icon.svg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/themes/gesa/assets/css/custom.css?ver=1.0.22

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc396bf8a3b9e6cd2c8275599ba07f84ae64a6833d38ae8739e44ca553daf0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1394088
x-wpe-request-id: d881b3f917e2adddc3ca42e7cf5879d5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: W/"63d2e310-9da"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b74f8b38df4-MIA

GET
H3 200 Investments-icon.svg
www.gesa.com/wp-content/themes/gesa/assets/images/ 2 KB
811 B 273ms
273ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/images/Investments-icon.svg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/themes/gesa/assets/css/custom.css?ver=1.0.22

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e72cd55c905f3b710316c822d2dcfc305b17460b58d73639294b9b5867ec7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: W/"63d2e310-659"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b74f8b48df4-MIA

GET
H3 200 girl-photo.jpg
www.gesa.com/wp-content/uploads/2022/06/ 40 KB
40 KB 274ms
273ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/girl-photo.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ae31397cc4d7d17099739f75a952c286250fb6cef2b1481a04480d36c64271

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3355078
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 40618
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:10 GMT
server: cloudflare
etag: "63977dbe-9eaa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74f8b78df4-MIA

GET
H3 200 CircularXXWeb-Bold.woff2
www.gesa.com/wp-content/uploads/2022/06/ 73 KB
74 KB 299ms
299ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/CircularXXWeb-Bold.woff2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2d92ee9c3d13c54f11e88045a5f5ed45550cee1ce7c1b653a9da645d65400fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesa.com/
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3381998
alt-svc: h3=":443"; ma=86400
content-length: 75010
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-12502"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b745f668df4-MIA

GET
H3 200 fa-solid-900.woff
www.gesa.com/wp-content/themes/gesa/assets/fonts/ 96 KB
96 KB 274ms
274ms Font
font/woff 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/fonts/fa-solid-900.woff

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/themes/gesa/assets/css/custom.css?ver=1.0.22

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

00bca6a9271b5e1cbb3965a74f48c1ce0b72bcbf08790aa2cab95f8dc5362153

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesa.com/
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3381998
alt-svc: h3=":443"; ma=86400
content-length: 98016
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: "63d2e310-17ee0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b745f698df4-MIA

GET
H3 200 CircularXXWeb-Medium.woff2
www.gesa.com/wp-content/uploads/2022/06/ 70 KB
70 KB 302ms
302ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/CircularXXWeb-Medium.woff2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5ea45f8ad8b8df8cdebe87f18cfce232468b3e6a028880773a8d09e13789ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesa.com/
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 301869
alt-svc: h3=":443"; ma=86400
content-length: 71779
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-11863"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b745f848df4-MIA

GET
H3 200 Sentinel-Medium_Web.woff2
www.gesa.com/wp-content/uploads/2022/05/ 58 KB
58 KB 276ms
276ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/uploads/2022/05/Sentinel-Medium_Web.woff2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2d5b4ad97c4e3931210f9cb298663e8cdd2ba788b89d78292166b6341dcca51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesa.com/
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4097368
alt-svc: h3=":443"; ma=86400
content-length: 59136
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:09 GMT
server: cloudflare
etag: "63977dbd-e700"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b745f858df4-MIA

GET
H3 200 CircularXXWeb-Book.woff2
www.gesa.com/wp-content/uploads/2022/06/ 67 KB
68 KB 304ms
304ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/CircularXXWeb-Book.woff2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

884ec4af3e42aa326e687947185fce05ecdbd42e4a4481de91495ab423a5259c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesa.com/
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3381998
alt-svc: h3=":443"; ma=86400
content-length: 69026
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-10da2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b745f888df4-MIA

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f30381d45f347ae210ebd73a518a8747d5d5a0cb1e0d855b7bca3e2459853dca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b354a0e73e811d7d49e6a34cff8a1ca999296498a411ace5efad1c5fc7f58bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88bd92a6561a1c265ddd5add029ede12c5acbe96ff6c2d7f0b24c983758466b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 968 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0020646d32da84bf3e786d16ad939d610e989ba3bc2304fb68072f3537c60ee0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34b57f0562e1b835d9472015a0eb0d81b245448db3585cf7f7933755814d1268

Request headers

Referer: https://www.gesa.com/
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cca1717f080b29c4fdf49aaa58be8b1dea0182de5f7c2e1ac0b0dd296922fb83

Request headers

Referer: https://www.gesa.com/
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 158 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b12dcafa099963cebe0c7c8356a45e78886befccfa6a4c1645bbc0d3766ac9e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 hunger-action-pattern-2.svg
www.gesa.com/wp-content/uploads/2023/08/ 20 KB
4 KB 265ms
264ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/08/hunger-action-pattern-2.svg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b3464b4637eafb04b7b4ed743f6462e7ba2c0c63c18fb9e7a89d121255545df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 543134
x-wpe-request-id: 2833d51bce463ae6f594a91312435dfd
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 30 Aug 2023 20:45:37 GMT
server: cloudflare
etag: W/"64efaa71-505f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b74f8b98df4-MIA

GET
H3 200 numbers-bg-1-1.jpg
www.gesa.com/wp-content/uploads/2022/06/ 69 KB
69 KB 264ms
264ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/numbers-bg-1-1.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a6bcd4b92a238ece494d91ba838734ac5768625dcdbda4e8f994b3a54af2471

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272892
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 70219
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:11 GMT
server: cloudflare
etag: "63977dbf-1124b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74f8bc8df4-MIA

GET
H3 200 fa-brands-400.woff
www.gesa.com/wp-content/themes/gesa/assets/fonts/ 85 KB
86 KB 260ms
259ms Font
font/woff 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/fonts/fa-brands-400.woff

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/themes/gesa/assets/css/custom.css?ver=1.0.22

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ad88e6a32db51a41cff1741970ca95b3e433fbfb8be269c72f881a42f2b88c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesa.com/
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 301869
alt-svc: h3=":443"; ma=86400
content-length: 87520
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: "63d2e310-155e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b74a8068df4-MIA

GET
H3 200 populate-rates-on-page-api.php Show response
www.gesa.com/wp-content/plugins/rates-widget-plugin/ 120 KB
6 KB 126ms
126ms XHR
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/rates-widget-plugin/populate-rates-on-page-api.php

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

dbb704a8945a470dc81e7f862275a814d1c09558fac40f91af5a3fdecf2fb182

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.gesa.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
x-cache-group: normal
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cacheable: SHORT
cf-cache-status: DYNAMIC
content-encoding: br
x-powered-by: WP Engine
x-cache: HIT: 76
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: max-age=600, must-revalidate
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b763a438df4-MIA

GET
H2 200 gesa_prod Show response
gesacu.us-1.evergage.com/api2/event/ 137 B
792 B 324ms
73ms XHR
application/json 75.101.139.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gesacu.us-1.evergage.com/api2/event/gesa_prod?event=eyJhY3Rpb24iOiJWaWV3IEhvbWVwYWdlIiwiaXRlbUFjdGlvbiI6bnVsbCwic291cmNlIjp7InBhZ2VUeXBlIjoiSG9tZXBhZ2UiLCJjb250ZW50Wm9uZXMiOlsiZ2xvYmFsX2luZm9iYXJfdG9wX29mX3BhZ2UiLCJnbG9iYWxfaW5mb2Jhcl9ib3R0b21fb2ZfcGFnZSIsImdsb2JhbF9wb3B1cCIsImluZm9iYXIiLCJob21lX2hlcm8iXSwidXJsIjoiaHR0cHM6Ly93d3cuZ2VzYS5jb20vIiwidXJsUmVmZXJyZXIiOiIiLCJjaGFubmVsIjoiV2ViIiwiYmVhY29uVmVyc2lvbiI6MTYsImNvbmZpZ1ZlcnNpb24iOiIxNzIifSwiZmxhZ3MiOnsicGFnZVZpZXciOnRydWV9LCJ1c2VyIjp7ImF0dHJpYnV0ZXMiOnt9LCJhbm9uSWQiOiI3NjJhYmMyZDBmODQzNzYwIn0sInBlcmZvcm1hbmNlIjp7fSwiZGVidWciOnsiZXhwbGFuYXRpb25zIjp0cnVlfSwiY2F0YWxvZyI6e30sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiODM2ODEyMDAwNDQ5NDMwOCJ9

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/gesacu/gesa_prod/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.101.139.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-75-101-139-62.compute-1.amazonaws.com

Software

Resource Hash

67311e03f7050739af9e1ca1af6a3748c24b281a8c0fab55487eac50e621202b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.gesa.com
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 284ms
53ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Sep 2023 22:45:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: zaBWntau3Y2alW7/DsZLk9LOmxyS0P6JpklSRumejjBdRdigO3851E3EKtvnrU3f6tKjrD0IsZy7bSANBJ302g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dialog.min.js Show response
www.gesa.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 44ms
43ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 19562516
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Dec 2022 19:15:17 GMT
server: cloudflare
etag: W/"63977dc5-29ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80327b76db088df4-MIA

GET
H3 200 ajax-loader.gif
www.gesa.com/wp-content/themes/gesa/assets/images/ 5 KB
5 KB 39ms
39ms Image
image/gif 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/themes/gesa/assets/images/ajax-loader.gif

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/themes/gesa/assets/css/custom.css?ver=1.0.22

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5f8dcddbce06b4db5870951026ef227ad3e09c20b74c61ddedc0f832eeedab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272892
cf-polished: origSize=9477, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 4906
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 26 Jan 2023 20:31:12 GMT
server: cloudflare
etag: "63d2e310-2505"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b76fb2a8df4-MIA

GET
H3 200 high-yield-savings-min.jpg
www.gesa.com/wp-content/uploads/2022/12/ 175 KB
175 KB 58ms
56ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/12/high-yield-savings-min.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e2153f09a9755105eb03cfa9aafc634350bf12c398f155229a75ba3c98d494f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 250512
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 179023
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 20 Dec 2022 01:05:08 GMT
server: cloudflare
etag: "63a10a44-2bb4f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77bc3b8df4-MIA

GET
H3 200 member-calendar-23.jpg
www.gesa.com/wp-content/uploads/2023/06/ 304 KB
304 KB 56ms
46ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/06/member-calendar-23.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69204d2580a695c4b1572f4127f93c8cbb2fbf75c19fac0d4ac58f2f545f12e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6186
cf-polished: origSize=350340
alt-svc: h3=":443"; ma=86400
content-length: 310887
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 24 Aug 2023 15:13:21 GMT
server: cloudflare
etag: "64e77391-55884"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc4b8df4-MIA

GET
H3 200 refer-a-friend-sweepstakes-min.jpg
www.gesa.com/wp-content/uploads/2023/08/ 42 KB
42 KB 53ms
44ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/08/refer-a-friend-sweepstakes-min.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c6dff56285c242a4845a3ff3e182ef9abeb37b941095d88dc418f84b2e0aec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1398360
cf-polished: status=not_needed
x-wpe-request-id: 7064f3c6a7224c490722865d6ff44200
alt-svc: h3=":443"; ma=86400
content-length: 42891
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 10 Aug 2023 16:45:01 GMT
server: cloudflare
etag: "64d5140d-a78b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc4c8df4-MIA

GET
H3 200 bump-cd-promo.png
www.gesa.com/wp-content/uploads/2023/07/ 7 KB
8 KB 73ms
63ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/07/bump-cd-promo.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6d55c5c0c5bcddaa5166e1d40a964d14eba04df59a4f57d2a26382f235986b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2527499
cf-polished: origFmt=png, origSize=21179
content-disposition: inline; filename="bump-cd-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7570
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 31 Jul 2023 21:26:30 GMT
server: cloudflare
etag: "64c82706-52bb"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc4e8df4-MIA

GET
H3 200 forevergreen-card.png
www.gesa.com/wp-content/uploads/2023/04/ 64 KB
65 KB 78ms
69ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/04/forevergreen-card.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f779a4170605053c3e4592a74b0b5a6d6db4b453c7ce848c50a33ab671d76349

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1389506
cf-polished: origFmt=png, origSize=125284
x-wpe-request-id: a95960859a7444ab5bd2b14a713bca83
content-disposition: inline; filename="forevergreen-card.webp"
alt-svc: h3=":443"; ma=86400
content-length: 65754
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Fri, 28 Apr 2023 14:00:23 GMT
server: cloudflare
etag: "644bd177-1e964"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc4f8df4-MIA

GET
H3 200 SmartPlusSavings-min.jpg
www.gesa.com/wp-content/uploads/2022/06/ 175 KB
176 KB 73ms
64ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/SmartPlusSavings-min.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0fb395a717c723d1b8f3e3b03be323ba0dfa434db3c5828e760058037e0dd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6186
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 179424
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Sun, 01 Jan 2023 02:45:06 GMT
server: cloudflare
etag: "63b0f3b2-2bce0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc518df4-MIA

GET
H3 200 AFF-Chiawana-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 58 KB
58 KB 81ms
72ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Chiawana-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f28f5c6a226dcd2c3b80fca12f7ef0b43a0385bd27cb69c698c8443f050d66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273339
cf-polished: origFmt=png, origSize=65059
content-disposition: inline; filename="AFF-Chiawana-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 59116
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-fe23"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc528df4-MIA

GET
H3 200 AFF-TCA-1.png
www.gesa.com/wp-content/uploads/2022/06/ 22 KB
23 KB 82ms
73ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-TCA-1.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aba30c4a7bbf09cdd029e920b0c2e78f1ab14cb99c78443c1a684c0270b15212

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273339
cf-polished: origFmt=png, origSize=26018
content-disposition: inline; filename="AFF-TCA-1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22590
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-65a2"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc538df4-MIA

GET
H3 200 AFF-Liberty-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 52 KB
52 KB 82ms
73ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Liberty-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef101c7141faba6cb722927ca4ec51fde7482befad59c13b9ecee64eba139060

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=58152
x-wpe-request-id: 0092af31f5e7cf7852fc9b2b114b3076
content-disposition: inline; filename="AFF-Liberty-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 52762
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-e328"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc568df4-MIA

GET
H3 200 dc-affinity-hs-moseslake.png
www.gesa.com/wp-content/uploads/2022/06/ 56 KB
57 KB 110ms
102ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/dc-affinity-hs-moseslake.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb82eb390a781039b7a17650eaf12f0d043c5df1a46e260977c0e5bb9c030b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272892
cf-polished: origFmt=png, origSize=109428
content-disposition: inline; filename="dc-affinity-hs-moseslake.webp"
alt-svc: h3=":443"; ma=86400
content-length: 57848
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:10 GMT
server: cloudflare
etag: "63977dbe-1ab74"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc578df4-MIA

GET
H3 200 dc-affinity-hs-westvalley.png
www.gesa.com/wp-content/uploads/2023/01/ 32 KB
32 KB 83ms
74ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/01/dc-affinity-hs-westvalley.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dba8bca52aa39a7625f4d95945248c572f6d15999b2f539effcafd17a3c61528

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=72168
x-wpe-request-id: da6fc1680d19b63dbc1acfa059c20190
content-disposition: inline; filename="dc-affinity-hs-westvalley.webp"
alt-svc: h3=":443"; ma=86400
content-length: 32608
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 11 Jan 2023 20:38:41 GMT
server: cloudflare
etag: "63bf1e51-119e8"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc588df4-MIA

GET
H3 200 AFF-Naches-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 50 KB
51 KB 84ms
75ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Naches-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92af5c3016059719e31e89d97c6c9a63cbeaa5e938ce63e2c16dc7e8bc6d54fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=55683
x-wpe-request-id: af663efb4fe9655e5cd0204e9b5858e7
content-disposition: inline; filename="AFF-Naches-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 51314
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d983"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc598df4-MIA

GET
H3 200 AFF-CBC-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 27 KB
27 KB 85ms
76ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-CBC-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

63046617ab9c0650fb173a815023797cbd872c48898e0f57b6ec8fca7bd1d390

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6186
cf-polished: origFmt=png, origSize=31577
content-disposition: inline; filename="AFF-CBC-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27596
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-7b59"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc5a8df4-MIA

GET
H3 200 AFF-Highline-Debit-1.png
www.gesa.com/wp-content/uploads/2022/06/ 34 KB
35 KB 85ms
76ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Highline-Debit-1.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d31b51d4ac3d588bbcc4a10aed1abafcf50fb626b656fa5309fedaed567645cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 107450
cf-polished: origFmt=png, origSize=40882
content-disposition: inline; filename="AFF-Highline-Debit-1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 35172
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-9fb2"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc5b8df4-MIA

GET
H3 200 AFF-Highline-Debit-2.png
www.gesa.com/wp-content/uploads/2022/06/ 36 KB
36 KB 86ms
77ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Highline-Debit-2.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3169045b619f079c09edc6c6dc04268c645697430b7f0ccdfe815b8735c199d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2527500
cf-polished: origFmt=png, origSize=41188
content-disposition: inline; filename="AFF-Highline-Debit-2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 36530
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-a0e4"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc5c8df4-MIA

GET
H3 200 AFF-WSU-Debit-3.webp
www.gesa.com/wp-content/uploads/2022/06/ 46 KB
46 KB 87ms
78ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Debit-3.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

251f896d186d1d27c03670e3ea1894bff902ba52479c5ae148fa28cd218e9625

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
alt-svc: h3=":443"; ma=86400
content-length: 47076
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-b7e4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc5d8df4-MIA

GET
H3 200 AFF-College-Place-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 50 KB
51 KB 90ms
81ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-College-Place-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b900014a85bda70cde617cdaae7a8a91727943c760cfc92b40760c29cef14312

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 502969
cf-polished: origFmt=png, origSize=56881
x-wpe-request-id: b34540228e341fbf1aef5f4093a308e3
content-disposition: inline; filename="AFF-College-Place-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 51584
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-de31"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc5e8df4-MIA

GET
H3 200 AFF-Columbia-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 53 KB
54 KB 90ms
82ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Columbia-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c2f8e000136ab8664c9c2f22cbc8aafbee419a1eac3fec7ec32822c925cf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6188
cf-polished: origFmt=png, origSize=60576
content-disposition: inline; filename="AFF-Columbia-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 54748
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-eca0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc5f8df4-MIA

GET
H3 200 AFF-Davis-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 19 KB
20 KB 92ms
83ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Davis-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9796bc60fc921b490963396feaf198b84c0791bfdf574b230f75e451fb6368ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=22616
content-disposition: inline; filename="AFF-Davis-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19544
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-5858"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc618df4-MIA

GET
H3 200 dc-college-heritage.png
www.gesa.com/wp-content/uploads/2023/04/ 12 KB
13 KB 92ms
83ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/04/dc-college-heritage.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a71c1b9c1b84a8603ced9fcc3a73fc59521065a35fe045a03c3fcd6f6c01977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 356580
cf-polished: origFmt=png, origSize=27560
content-disposition: inline; filename="dc-college-heritage.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12654
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Apr 2023 18:09:26 GMT
server: cloudflare
etag: "643996d6-6ba8"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc628df4-MIA

GET
H3 200 AFF-Delta-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 42 KB
43 KB 94ms
85ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Delta-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3026106731138872e882acce33910e82c9280990fa45317c9e900e1535e5039b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273341
cf-polished: origFmt=png, origSize=47670
content-disposition: inline; filename="AFF-Delta-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 43112
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-ba36"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc638df4-MIA

GET
H3 200 AFF-TCDD.png
www.gesa.com/wp-content/uploads/2022/06/ 22 KB
23 KB 95ms
86ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-TCDD.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ba197eefdf3e395c59767820118e11190c70b206b99ac654f0155008cc62af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272896
cf-polished: origFmt=png, origSize=26484
content-disposition: inline; filename="AFF-TCDD.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22924
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-6774"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc648df4-MIA

GET
H3 200 AFF-Eastmont-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 54 KB
54 KB 122ms
113ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Eastmont-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

334d5e7f9a35f81aeabf466f3ee3c0c9522077a4f14c336998c7cb9827e7b21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 645100
cf-polished: origFmt=png, origSize=60044
x-wpe-request-id: 6d74577d0ebfa91973e580fc25049425
content-disposition: inline; filename="AFF-Eastmont-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 55142
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-ea8c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc668df4-MIA

GET
H3 200 AFF-Edmonds-Heights-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 45 KB
45 KB 123ms
114ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Edmonds-Heights-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5716bdd72281749566ea5f0b5961c0c3b9c9d7ac0ba04cf45e064f0cd8bada0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6187
cf-polished: origFmt=png, origSize=51532
content-disposition: inline; filename="AFF-Edmonds-Heights-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 45584
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-c94c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc678df4-MIA

GET
H3 200 AFF-Edmonds-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 27 KB
28 KB 125ms
116ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Edmonds-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2f6022504259884302bb439c2b3782b0fa686af2a040f3766119cc5a83d464

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19153
cf-polished: origFmt=png, origSize=31194
content-disposition: inline; filename="AFF-Edmonds-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27696
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-79da"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc688df4-MIA

GET
H3 200 AFF-Eisenhower-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 23 KB
24 KB 126ms
117ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Eisenhower-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

119c68cafab2592ca4b6c4c435cc38885313eefbaf9b6373f9ad20c37d172d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=26444
x-wpe-request-id: d74ed184f9280722a258f2536179c5df
content-disposition: inline; filename="AFF-Eisenhower-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 23558
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-674c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc6a8df4-MIA

GET
H3 200 AFF-LH-Fire.png
www.gesa.com/wp-content/uploads/2022/06/ 109 KB
109 KB 95ms
86ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Fire.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fffd742919bedf3c6281c0f6b22c79d1d9c618255adedcda280cc1fdaf6b45c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272895
cf-polished: origFmt=png, origSize=127363
content-disposition: inline; filename="AFF-LH-Fire.webp"
alt-svc: h3=":443"; ma=86400
content-length: 111310
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-1f183"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc6b8df4-MIA

GET
H3 200 dc-affinity-hs-hanford.png
www.gesa.com/wp-content/uploads/2022/06/ 26 KB
26 KB 97ms
88ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/dc-affinity-hs-hanford.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ef003c90c31f90a2abb3b6003fa3c8c463d1eb66eb3c2379b2bd2d7cac626e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 356580
cf-polished: origFmt=png, origSize=59872
content-disposition: inline; filename="dc-affinity-hs-hanford.webp"
alt-svc: h3=":443"; ma=86400
content-length: 26372
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:09 GMT
server: cloudflare
etag: "63977dbd-e9e0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc6c8df4-MIA

GET
H3 200 dc-affinity-hs-kamiakin.png
www.gesa.com/wp-content/uploads/2022/06/ 30 KB
30 KB 98ms
89ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/dc-affinity-hs-kamiakin.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0afe04cfbce95f98b08ab24d6d787e27054a02c3c02c6bb7da44c86c8515e132

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273341
cf-polished: origFmt=png, origSize=64021
content-disposition: inline; filename="dc-affinity-hs-kamiakin.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30314
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:09 GMT
server: cloudflare
etag: "63977dbd-fa15"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc6d8df4-MIA

GET
H3 200 AFF-Kennewick-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 44 KB
45 KB 99ms
90ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Kennewick-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbd42ebc962e0689ff68829d89849ec773ce8dd88ba545355753384cca4ca58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 502968
cf-polished: origFmt=png, origSize=49732
x-wpe-request-id: 60e3f36020c28cb1b6b56590015b9c3c
content-disposition: inline; filename="AFF-Kennewick-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 45106
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-c244"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc708df4-MIA

GET
H3 200 dc-affinity-hs-kibe.png
www.gesa.com/wp-content/uploads/2022/06/ 84 KB
85 KB 109ms
100ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/dc-affinity-hs-kibe.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae8d74f433ccc26f492867cb1964639892e27298c26e169bfc0777ccd1626b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273341
cf-polished: origFmt=png, origSize=133591
content-disposition: inline; filename="dc-affinity-hs-kibe.webp"
alt-svc: h3=":443"; ma=86400
content-length: 86124
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:10 GMT
server: cloudflare
etag: "63977dbe-209d7"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc718df4-MIA

GET
H3 200 dc-affinity-hs-prosser-1920x1210.png
www.gesa.com/wp-content/uploads/2023/07/ 224 KB
225 KB 111ms
102ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/07/dc-affinity-hs-prosser-1920x1210.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe9c1f23cc3e0d87a3ed0094d41727945ab61b28651e45441f0f98f9ac309153

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 200335
cf-polished: origFmt=png, origSize=457633
content-disposition: inline; filename="dc-affinity-hs-prosser-1920x1210.webp"
alt-svc: h3=":443"; ma=86400
content-length: 229794
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 18 Jul 2023 23:15:30 GMT
server: cloudflare
etag: "64b71d12-6fba1"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc728df4-MIA

GET
H3 200 AFF-Lynnwood-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 52 KB
52 KB 117ms
108ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Lynnwood-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e87f2df7792f0f76c391e34fb95c32c45c1eebc228f7eadfe6e7191997d4d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=59030
content-disposition: inline; filename="AFF-Lynnwood-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 53118
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-e696"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc738df4-MIA

GET
H3 200 AFF-Meadowdale-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 46 KB
47 KB 118ms
109ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Meadowdale-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e779c3a7445c68e4334fbf89302ecb07ef48ba033e02ac0485ad8ca410be6d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 502968
cf-polished: origFmt=png, origSize=52525
x-wpe-request-id: f55994cd995af935dae745a15a350f81
content-disposition: inline; filename="AFF-Meadowdale-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 47248
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-cd2d"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc768df4-MIA

GET
H3 200 dc-affinity-hs-vanguard-academy.png
www.gesa.com/wp-content/uploads/2023/07/ 24 KB
24 KB 126ms
117ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/07/dc-affinity-hs-vanguard-academy.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

55bf0bda5de576f5026effeddf372974746d1ed1309ad882b39e24fbc9eb6c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273340
cf-polished: origFmt=png, origSize=56203
content-disposition: inline; filename="dc-affinity-hs-vanguard-academy.webp"
alt-svc: h3=":443"; ma=86400
content-length: 24600
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Fri, 18 Aug 2023 23:47:08 GMT
server: cloudflare
etag: "64e002fc-db8b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc7a8df4-MIA

GET
H3 200 AFF-Mountlake-Terrace-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 47 KB
48 KB 128ms
119ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Mountlake-Terrace-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97ab3d97b58d92065b53294cd5fc2afd4215498de07727f585321cf01a0d6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
cf-polished: origFmt=png, origSize=54344
x-wpe-request-id: 65d172a47941edbe42f46d43b355b9a3
content-disposition: inline; filename="AFF-Mountlake-Terrace-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 48622
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d448"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc7c8df4-MIA

GET
H3 200 AFF-New-Horizons-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 56 KB
56 KB 129ms
120ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-New-Horizons-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbfeb7d4f8335eba017f0cbb0b779b34122d5e1f2b478e08afd0dd439bdf597

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=62417
content-disposition: inline; filename="AFF-New-Horizons-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 57248
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-f3d1"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc7d8df4-MIA

GET
H3 200 AFF-Pasco-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 57 KB
57 KB 129ms
120ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Pasco-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22cb7afd879af42251168f826b48ee24fc02073275e079dbf9760af9d7e074e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 471098
cf-polished: origFmt=png, origSize=64476
content-disposition: inline; filename="AFF-Pasco-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 58356
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-fbdc"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc7f8df4-MIA

GET
H3 200 AFF-Richland-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 48 KB
49 KB 132ms
124ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Richland-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c668b9785b8c2c0bb2479b6bd16f736385324a5a39870a92cf3d9e801080f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2527500
cf-polished: origFmt=png, origSize=55744
content-disposition: inline; filename="AFF-Richland-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 49456
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d9c0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc808df4-MIA

GET
H3 200 AFF-LH-Law.png
www.gesa.com/wp-content/uploads/2022/06/ 78 KB
78 KB 133ms
125ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Law.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0364839511190adcbff9a36a5e132148ceb13b68cbf9e15754731d674343d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6187
cf-polished: origFmt=png, origSize=91673
content-disposition: inline; filename="AFF-LH-Law.webp"
alt-svc: h3=":443"; ma=86400
content-length: 79582
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-16619"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc818df4-MIA

GET
H3 200 AFF-Riverview-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 52 KB
52 KB 135ms
126ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Riverview-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5961d71393baae1c306262924f46d57353e352e001f9e20f694f16c074502438

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3377564
cf-polished: origFmt=png, origSize=58634
content-disposition: inline; filename="AFF-Riverview-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 52874
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-e50a"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc828df4-MIA

GET
H3 200 AFF-Scriber-Lake-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 49 KB
50 KB 137ms
128ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Scriber-Lake-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e657f7cbb9079a832a9376c1c8d207f573e432cf5be12a3d25edbac232ec9115

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=55222
content-disposition: inline; filename="AFF-Scriber-Lake-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 50292
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d7b6"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc838df4-MIA

GET
H3 200 AFF-Southridge-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 48 KB
48 KB 138ms
129ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Southridge-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

06610fe2a43b1065a10fef2028f0e284be932e564723402722764bc7e9b4bee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=54525
content-disposition: inline; filename="AFF-Southridge-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 49072
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-d4fd"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc848df4-MIA

GET
H3 200 AFF-St-Patrick-Debit.png
www.gesa.com/wp-content/uploads/2022/06/ 25 KB
25 KB 139ms
130ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-St-Patrick-Debit.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

971c32a32a129e8bc0d7eed9d55e997308e4fb48d3af5c89f38f9af6ff1907f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 502968
cf-polished: origFmt=png, origSize=28495
x-wpe-request-id: 4a3f71c1224a431f2f29caab871f1ef0
content-disposition: inline; filename="AFF-St-Patrick-Debit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25432
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-6f4f"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc868df4-MIA

GET
H3 200 AFF-LH-Teacher.webp
www.gesa.com/wp-content/uploads/2022/06/ 180 KB
181 KB 140ms
131ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Teacher.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

226898bfae2c40913fd46106a6634772385e08dddfd767474385770ebae28e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3355077
alt-svc: h3=":443"; ma=86400
content-length: 184432
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-2d070"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc888df4-MIA

GET
H3 200 AFF-LH-Veteran.webp
www.gesa.com/wp-content/uploads/2022/06/ 196 KB
196 KB 142ms
133ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Veteran.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcce3372b7f8e6f3f73291a90fe22268c87fb0ba4c149f89e1463e8b7675ce42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273340
alt-svc: h3=":443"; ma=86400
content-length: 200436
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-30ef4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc898df4-MIA

GET
H3 200 AFF-Walla-Walla-Debit.webp
www.gesa.com/wp-content/uploads/2022/06/ 41 KB
41 KB 145ms
136ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Walla-Walla-Debit.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92a53ce94858393660decb26aa46fd5884ac7d407bd03081b624602e04dd0c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273340
alt-svc: h3=":443"; ma=86400
content-length: 42088
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-a468"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc8a8df4-MIA

GET
H3 200 AFF-Wenatchee-Debit-1.webp
www.gesa.com/wp-content/uploads/2022/06/ 111 KB
112 KB 145ms
136ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Wenatchee-Debit-1.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac441fc28156645fa152344532bfd8005e06c134980dd4112fbd0eaf4d7662f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: 9393104fa667d793af4b9760fecd234b
alt-svc: h3=":443"; ma=86400
content-length: 114018
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-1bd62"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc8b8df4-MIA

GET
H3 200 AFF-Westside-Debit.webp
www.gesa.com/wp-content/uploads/2022/06/ 111 KB
111 KB 147ms
139ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-Westside-Debit.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

241d5d37ce41bf5054b2a911827b9480f99e669dc2aa7982dca688028b35cb51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: 2a2e044403a965ce96a5163f58ac7e26
alt-svc: h3=":443"; ma=86400
content-length: 113498
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-1bb5a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc8c8df4-MIA

GET
H3 200 dc-affinity-hs-edmonds-woodway.png
www.gesa.com/wp-content/uploads/2022/12/ 31 KB
31 KB 152ms
143ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/12/dc-affinity-hs-edmonds-woodway.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

137ce284058103233f12c23f00cb0ce873387bf0d46ce523b5fb1dfb22d8cb05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273339
cf-polished: origFmt=png, origSize=69435
content-disposition: inline; filename="dc-affinity-hs-edmonds-woodway.webp"
alt-svc: h3=":443"; ma=86400
content-length: 31420
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 22 Dec 2022 23:35:32 GMT
server: cloudflare
etag: "63a4e9c4-10f3b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc8d8df4-MIA

GET
H3 200 forevergreen-min-1920x1210.png
www.gesa.com/wp-content/uploads/2023/04/ 110 KB
111 KB 153ms
144ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2023/04/forevergreen-min-1920x1210.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5bb791c0aa0ded45801e3762ee1507cee4076d3ac4f3b155e3d25d68c15422

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 200335
cf-polished: origFmt=png, origSize=235113
content-disposition: inline; filename="forevergreen-min-1920x1210.webp"
alt-svc: h3=":443"; ma=86400
content-length: 112662
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 25 Apr 2023 16:52:13 GMT
server: cloudflare
etag: "6448053d-39669"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc8e8df4-MIA

GET
H3 200 dc-affinity-hs-talley.png
www.gesa.com/wp-content/uploads/2022/10/ 72 KB
72 KB 157ms
148ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/dc-affinity-hs-talley.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc56655684dd02ce927521ac8435d2b35c0482a7153a2fadac60b4a91cd8f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=111681
content-disposition: inline; filename="dc-affinity-hs-talley.webp"
alt-svc: h3=":443"; ma=86400
content-length: 73642
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:07 GMT
server: cloudflare
etag: "63977dbb-1b441"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc908df4-MIA

GET
H3 200 dc-affinity-hs-renton.png
www.gesa.com/wp-content/uploads/2022/10/ 26 KB
26 KB 162ms
153ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/dc-affinity-hs-renton.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42b88e1c62f40544d064489d9ec2ff8a1b3053bd12cb579a41ba6bfdcc2fb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273339
cf-polished: origFmt=png, origSize=56304
content-disposition: inline; filename="dc-affinity-hs-renton.webp"
alt-svc: h3=":443"; ma=86400
content-length: 26252
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:06 GMT
server: cloudflare
etag: "63977dba-dbf0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc928df4-MIA

GET
H3 200 dc-affinity-hs-lindbergh.png
www.gesa.com/wp-content/uploads/2022/10/ 34 KB
35 KB 162ms
153ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/dc-affinity-hs-lindbergh.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f6593da5f5c0c28ddb6413992e1f3dcbbce263b0790eae02daf1ae8df812bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6187
cf-polished: origFmt=png, origSize=70604
content-disposition: inline; filename="dc-affinity-hs-lindbergh.webp"
alt-svc: h3=":443"; ma=86400
content-length: 35128
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:06 GMT
server: cloudflare
etag: "63977dba-113cc"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc948df4-MIA

GET
H3 200 dc-affinity-hs-hazen.png
www.gesa.com/wp-content/uploads/2022/10/ 41 KB
42 KB 163ms
154ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/dc-affinity-hs-hazen.png

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bd18f098e5cef6e2a15898fe091a6b7821fb97f3f524349552bb3a4f3576d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origFmt=png, origSize=85198
content-disposition: inline; filename="dc-affinity-hs-hazen.webp"
alt-svc: h3=":443"; ma=86400
content-length: 42412
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:06 GMT
server: cloudflare
etag: "63977dba-14cce"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc958df4-MIA

GET
H3 200 AFF-WSU-Debit-Retro.webp
www.gesa.com/wp-content/uploads/2022/06/ 29 KB
29 KB 164ms
155ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Debit-Retro.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

03875f5ffa03acb3b4e09691ae36cdb0f1a4d3af8da45b8f4d998ed175236f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
alt-svc: h3=":443"; ma=86400
content-length: 29602
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-73a2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc968df4-MIA

GET
H3 200 AFF-LH-Healthcare.webp
www.gesa.com/wp-content/uploads/2022/06/ 112 KB
112 KB 165ms
156ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-LH-Healthcare.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

326b21d33a052c868180ff94d32409cdc689aa9ba9b68ca6787a2853100a1ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: afd61534941f0240173a23da197c0e8b
alt-svc: h3=":443"; ma=86400
content-length: 114426
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-1befa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc998df4-MIA

GET
H3 200 AFF-WSU-Debit-2.webp
www.gesa.com/wp-content/uploads/2022/06/ 63 KB
64 KB 172ms
162ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Debit-2.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dffbec59d2319c3236a3edfe56f55f12ada2d9023eed6f204fc7f83b32c0cb40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3355076
alt-svc: h3=":443"; ma=86400
content-length: 64664
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-fc98"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc9b8df4-MIA

GET
H3 200 AFF-WSU-Debit-1.webp
www.gesa.com/wp-content/uploads/2022/06/ 93 KB
93 KB 173ms
164ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Debit-1.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c26c8fee132cba88ff48de65daefb51c9972fab6d3d13136d54634033d0e9bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: a9fba26d3f36b11b87b544e3cda20474
alt-svc: h3=":443"; ma=86400
content-length: 94978
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-17302"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc9d8df4-MIA

GET
H3 200 AFF-WSU-Credit.webp
www.gesa.com/wp-content/uploads/2022/06/ 29 KB
29 KB 175ms
166ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Credit.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c9ef83e9ca2f04a0a6ef605ecdc810c7ea0b36e7b9767bdcf6bdc38c6a8e831

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3355076
alt-svc: h3=":443"; ma=86400
content-length: 29664
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-73e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cc9e8df4-MIA

GET
H3 200 AFF-WSU-Credit-1.webp
www.gesa.com/wp-content/uploads/2022/06/ 20 KB
20 KB 176ms
167ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/06/AFF-WSU-Credit-1.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d428752937c011563195cd8738502cfbefb1f52d1ace608bf297eabda0e64e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1394088
x-wpe-request-id: f7532f7787fd85a0275ed5b4ef05ddb3
alt-svc: h3=":443"; ma=86400
content-length: 20314
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:08 GMT
server: cloudflare
etag: "63977dbc-4f5a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b77cca08df4-MIA

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
www.gesa.com/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 141ms
140ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a518bd1723da2b6011895ad68059361ebb4cb80de3eec9145eacee89ddd9745

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2313265
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:45 GMT
server: cloudflare
etag: W/"6480cc5d-54f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b780ce18df4-MIA

GET
H3 200 nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js Show response
www.gesa.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
2 KB 140ms
140ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f47116b10e3e156f70ab31279c1fa298e34f89ff75af6eea89c2dc092362fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4786480
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:37 GMT
server: cloudflare
etag: W/"6480cc55-ce9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b780ce58df4-MIA

GET
H3 200 load-more.54ade3cc013f1f3322a6.bundle.min.js Show response
www.gesa.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 118ms
117ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor-pro/assets/js/load-more.54ade3cc013f1f3322a6.bundle.min.js

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd83e73599f7353210a85df22ef8b07cecc1427bfdda6cd3b0138106dcee7d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3966
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:37 GMT
server: cloudflare
etag: W/"6480cc55-1292"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b782d268df4-MIA

GET
H3 200 posts.397aa4bedda9268558a6.bundle.min.js Show response
www.gesa.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
2 KB 116ms
112ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor-pro/assets/js/posts.397aa4bedda9268558a6.bundle.min.js

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d93bc89f182c0e2b417835d5a60dc42fe31a0deac50aceb185fe5cb0243495b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 356580
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:38 GMT
server: cloudflare
etag: W/"6480cc56-d20"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b782d368df4-MIA

GET
H3 200 image-carousel.e02695895b33b77d89de.bundle.min.js Show response
www.gesa.com/wp-content/plugins/elementor/assets/js/ 3 KB
2 KB 114ms
111ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

327f9b2dcba094127adb8f8668fa6dce7bf30e14a9f9166cc7fa1f5f03aecbbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 301870
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 07 Jun 2023 18:28:44 GMT
server: cloudflare
etag: W/"6480cc5c-ad9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b783d3a8df4-MIA

GET
H3 200 blue-logo.svg
www.gesa.com/wp-content/uploads/2022/05/ 14 KB
7 KB 63ms
61ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/05/blue-logo.svg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b358915252ba0e190c01550a54e89bb37c29925c45f71d0244bfed51c188a49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4395590
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:09 GMT
server: cloudflare
etag: W/"63977dbd-38a2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b788dde8df4-MIA

GET
H3 200 gesa-customer-banking.jpg
www.gesa.com/wp-content/uploads/2022/10/ 184 KB
185 KB 72ms
70ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/gesa-customer-banking.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

62eae656d047defc6a444456fb8878aa962ccab6a6841a503fd275cbaeb0b59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3967
cf-polished: origSize=210771
alt-svc: h3=":443"; ma=86400
content-length: 188772
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Dec 2022 19:15:07 GMT
server: cloudflare
etag: "63977dbb-33753"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b788de18df4-MIA

GET
H3 200 business-owner-min.jpg
www.gesa.com/wp-content/uploads/2022/10/ 71 KB
72 KB 61ms
59ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/10/business-owner-min.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a4cb0cca43a12294c833b2d4953bc0ac830fef9d1c503bd8943846a7431bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 301870
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 72833
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Apr 2023 14:49:41 GMT
server: cloudflare
etag: "64415105-11c81"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b788de48df4-MIA

GET
H3 200 Cards-1.webp
www.gesa.com/wp-content/uploads/2022/05/ 73 KB
74 KB 63ms
61ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/05/Cards-1.webp

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d8923f74c6b3e4a21745f6edf891b2699aca8920c433dbbc4ff8a7c6e4df9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 716953
x-wpe-request-id: 4de0d9ddd3cddd87b749f2332132bbee
alt-svc: h3=":443"; ma=86400
content-length: 75110
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 12 Dec 2022 19:15:09 GMT
server: cloudflare
etag: "63977dbd-12566"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b788de68df4-MIA

POST
H3 200 admin-ajax.php Show response
www.gesa.com/wp-admin/ 0
508 B 367ms
367ms XHR
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-admin/admin-ajax.php

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Cache-Control: no-cache
Referer: https://www.gesa.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-powered-by: WP Engine
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.gesa.com
cache-control: no-cache, must-revalidate, max-age=0, no-store
access-control-allow-credentials: true
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
x-robots-tag: noindex
cf-ray: 80327b78fe938df4-MIA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/794148304/ 2 KB
1 KB 225ms
95ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794148304/?random=1694126729111&cv=11&fst=1694126729111&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gesa.com%2F&hn=www.googleadservices.com&frm=0&tiba=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&auid=1063040682.1694126729&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f469710a1d4430efecead2c7febcd6e8d3b8d070c60c0d9f638bdaefe137358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 184ms
56ms Script
text/javascript 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Sep 2023 21:17:01 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5308
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/783161191/ 2 KB
2 KB 194ms
68ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783161191/?random=1694126729119&cv=11&fst=1694126729119&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gesa.com%2F&hn=www.googleadservices.com&frm=0&tiba=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&auid=1063040682.1694126729&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa4e513c27f4151020197f0db5b34832616ea4bdf49fb11573678c0616d9c94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 171ms
51ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 07 Sep 2023 22:45:28 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5FB03AF26094A47BD79B13DB3A31318 Ref B: MIAEDGE1911 Ref C: 2023-09-07T22:45:29Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 hotjar-2399688.js Show response
static.hotjar.com/c/ 11 KB
5 KB 178ms
55ms Script
application/javascript 18.160.41.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2399688.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-49.iad55.r.cloudfront.net

Software

Resource Hash

ece12969077149fd83c9186fa83d01eb49db5978a7d978b9de18db35a1171909

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Sep 2023 22:45:29 GMT
via: 1.1 a770e75e0ebdb44f23f7a7ef20bbbffa.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
age: 40
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/f7e499ee4287c731005e60f5b69e120a
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: soCuHdepMqGFUK_-5HFNlW4aCWuRwbbStBd0dYK0KrdWkDZHZPLJnQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 193ms
57ms Script
application/x-javascript 2600:1402:b800:3::172f:cc34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1402:b800:3::172f:cc34 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=36576
accept-ranges: bytes
content-length: 3822

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 145ms
26ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 track.js Show response
app.marketplan.io/ 7 KB
2 KB 233ms
74ms Script
application/javascript 74.208.214.109
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.marketplan.io/track.js?x=1694126729130
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.208.214.109 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: ns1.marketplan.io
Software: nginx / PleskLin
Resource Hash: a7a48fa6cb504cd6b3a100bc030c08d4d9fdebe02e34dac731ef26ac61e92714

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: br
last-modified: Mon, 14 Nov 2022 17:17:38 GMT
server: nginx
etag: W/"63727832-1d56"
x-powered-by: PleskLin
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 258ms
122ms Script
application/javascript 185.167.164.47
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.gesa.com
URL: https://www.gesa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.47 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 156ms
50ms Script
application/javascript 18.160.0.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.gesa.com
URL: https://www.gesa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.0.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-0-29.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:44:44 GMT
content-encoding: gzip
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P3
age: 46
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 5vVUUKLVBcg-Je5f7frNZcQdAHjH_q_EKinJAEvphsB_w9LGmGW1LQ==

GET
H2 200 d9707.js Show response
app.truconversion.com/ti-js/19201/ 267 B
1 KB 3597ms
3379ms Script
application/javascript 44.239.145.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truconversion.com/ti-js/19201/d9707.js

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.145.12 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-145-12.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3ea0ae12147c76e3b4e6ad26bfb580121295c8aa91480dee7b7e579dd00eb23d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' .truconversion.com http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob:; style-src 'self' 'unsafe-inline' http: https:; img-src http: https: data: blob:; connect-src wss://.truconversion.com wss://.intercom.io wss://.appcues.net wss://.wistia.com wss://.crisp.chat http: https: data: blob:; font-src http: https: data: blob:; object-src http: https:; media-src http: https: data: blob:; form-action 'self' http://.truconversion.com https://.truconversion.com;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
content-security-policy: default-src 'self'; frame-src 'self' *.truconversion.com http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob:; style-src 'self' 'unsafe-inline' http: https:; img-src http: https: data: blob:; connect-src wss://*.truconversion.com wss://*.intercom.io wss://*.appcues.net wss://*.wistia.com wss://*.crisp.chat http: https: data: blob:; font-src http: https: data: blob:; object-src http: https:; media-src http: https: data: blob:; form-action 'self' http://*.truconversion.com https://*.truconversion.com;
content-length: 267
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 07 Sep 2023 22:40:25 GMT
server: nginx
etag: "64fa5159-10b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
cache-control: max-age=180, public, stale-while-revalidate=10, stale-if-error=10
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Thu, 07 Sep 2023 22:48:29 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 167ms
53ms Script
text/javascript 54.85.243.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.gesa.com
URL: https://www.gesa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.243.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-243-92.compute-1.amazonaws.com
Software: /
Resource Hash: 8f2a9312b046892c9e47d99889c535dc59d95f94b3b40653c5d8204fa20dfa8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 22:45:29 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 18 KB
19 KB 3675ms
3456ms Script
application/javascript 44.228.100.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.js
Requested by: Host: www.gesa.com
URL: https://www.gesa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 44.228.100.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-100-41.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
last-modified: Thu, 07 Sep 2023 19:57:06 GMT
server: nginx/1.20.1
etag: "64fa2b12-492f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18735

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
95 KB 69ms
68ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H1S93VJW48&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b75e911d7fd9214baff612c87755ecc4e7ed97f823dcf2a9a9f242f905fd6c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 22:45:29 GMT

POST
H2 204 pr
gesacu.us-1.evergage.com/ 0
536 B 55ms
53ms Ping
text/plain 75.101.139.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gesacu.us-1.evergage.com/pr?.top=4364&action=View%20Homepage&.tt=325&.ttdns=35&.dt=5179&.btdns=3&.bv=16&_ak=gesacu&_ds=gesa_prod&.scv=172&channel=Web&_r=573114&.anonId=762abc2d0f843760&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/gesacu/gesa_prod/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.101.139.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-75-101-139-62.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.gesa.com
date: Thu, 07 Sep 2023 22:45:29 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 649860135726018 Show response
connect.facebook.net/signals/config/ 151 KB
39 KB 99ms
98ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/649860135726018?v=2.9.125&r=stable&domain=www.gesa.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8995f47239c95ab3743c9585df9c4e7b8187eb6378c280805c021af2b850ea9f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Sep 2023 22:45:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 4wR3EuCJxV7SL1FCXB5I+V8k/Aoz0dOo+kvB71OpBwaG2pixbhwjQBZpb4IQ/hWzFs5jMUWir26b3Idg0RJ6Tw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 swiper.min.js Show response
www.gesa.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
36 KB 50ms
50ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gesa.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 356580
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Tue, 06 Jun 2023 17:49:30 GMT
server: cloudflare
etag: W/"647f71aa-21f91"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
cf-ray: 80327b7a78ec8df4-MIA

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 127ms
60ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1694126729345&id=a2_djb52evpvbtg&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=0d128bf4-d2ff-41a4-93b1-25a11e50929a&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.gesa.com
URL: https://www.gesa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 modules.c7962ba31267c30299df.js Show response
script.hotjar.com/ 223 KB
55 KB 153ms
53ms Script
application/javascript 18.160.18.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.c7962ba31267c30299df.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2399688.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-45.iad12.r.cloudfront.net

Software

Resource Hash

f5d7e440936d0aa4088a8bacc16206224b58b6fa1882dc54c3f953450fc75563

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 08:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a7a07e0b0db92670f70b5d65da05ed76.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4
age: 49942
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55578
last-modified: Thu, 07 Sep 2023 08:52:45 GMT
etag: "628a0bf92690f9881613d19390363f0b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: a_RxOYh5RUIwiwHwJdf6rayQ1mshkRoEKOlgo4rDT4aTyHkzI_d8jQ==

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
1 KB 3512ms
3449ms Fetch
application/json 104.26.10.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.gesa.com%2F&s=287435

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27093f4f08f75d88c67eced79c17e6fc150cc67a37c14e82f424235c996b766f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.gesa.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eU2qjR9W%2FDxQH%2BYH6CBipw6I2L9RHKd%2Bev9imI43Q%2BIQ7MQ1tPAKqI7axQC7HJKBCIj5kH8MMdtJdqlZqXeXWxbyOJpSSetR6SM1HfaLoYJNA8V9yCKCk1pMFQdVkOiMjmd9SJKn1g4I1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 80327b7afea625b5-MIA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

POST
H2 204 collect
analytics.google.com/g/ 0
252 B 108ms
39ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-H1S93VJW48&gtm=45je3960&_p=1419430577&_gaz=1&cid=623163664.1694126729&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694126729&sct=1&seg=0&dl=https%3A%2F%2Fwww.gesa.com%2F&dt=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H1S93VJW48&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gesa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 168ms
60ms Ping
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H1S93VJW48&cid=623163664.1694126729&gtm=45je3960&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H1S93VJW48&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gesa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/783161191/ 42 B
455 B 3447ms
3340ms Image
image/gif 2607:f8b0:4004:c1d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/783161191/?random=1694126729119&cv=11&fst=1694124000000&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gesa.com%2F&frm=0&tiba=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&fmt=3&is_vtc=1&random=3949903143&rmt_tld=0&ipr=y

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 63ms
61ms XHR
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1419430577&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gesa.com%2F&ul=en-us&de=UTF-8&dt=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAEK~&jid=1277963382&gjid=714209932&cid=623163664.1694126729&tid=UA-32823301-1&_gid=1331610609.1694126729&_slc=1&gtm=45He3960n81MTFL685&cd1=623163664.1694126729_1694126729434&z=1686702717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gesa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 135ms
59ms XHR
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-32823301-1&cid=623163664.1694126729&jid=1277963382&gjid=714209932&_gid=1331610609.1694126729&_u=YCDAiEABBAAAAGAEK~&z=330297578

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 07 Sep 2023 22:45:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gesa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 collect
google-analytics.bi.owox.com/ 14 B
14 B 3430ms
3354ms Image
text/plain 35.186.228.179
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://google-analytics.bi.owox.com/collect?v=1&_v=j101&a=1419430577&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gesa.com%2F&ul=en-us&de=UTF-8&dt=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAEK~&jid=1277963382&gjid=714209932&cid=623163664.1694126729&tid=UA-32823301-1&_gid=1331610609.1694126729&_slc=1&gtm=45He3960n81MTFL685&cd1=623163664.1694126729_1694126729434&z=1686702717
Requested by: Host: www.gesa.com
URL: https://www.gesa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.228.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.228.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: text/plain

GET
H2 204 25145063.js Show response
bat.bing.com/p/action/ 0
116 B 54ms
53ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25145063.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 07 Sep 2023 22:45:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C3F5C35EA974E159FB8EE375609B1A5 Ref B: MIAEDGE1911 Ref C: 2023-09-07T22:45:29Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
359 B 115ms
114ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25145063&tm=gtm002&Ver=2&mid=8b16a87b-d65a-4234-a6fe-d64379533d78&sid=3ea4b9a04dd011ee81afdf2d51c5d2d7&vid=3ea4f7b04dd011eebbb77b36de582c66&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&p=https%3A%2F%2Fwww.gesa.com%2F&r=&lt=5179&evt=pageLoad&sv=1&rn=51653

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Sep 2023 22:45:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5C4A99FEFE9049A08C2028FEE26D8DEE Ref B: MIAEDGE1911 Ref C: 2023-09-07T22:45:29Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 3394ms
3394ms Script
application/x-javascript 2600:1402:b800:3::172f:cc34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1402:b800:3::172f:cc34 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=46837
accept-ranges: bytes
content-length: 4862

GET
H2 200 /
www.google.com/pagead/1p-user-list/794148304/ 42 B
108 B 3394ms
3340ms Image
image/gif 2607:f8b0:4004:c1d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/794148304/?random=1694126729111&cv=11&fst=1694124000000&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gesa.com%2F&frm=0&tiba=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&fmt=3&is_vtc=1&random=1530630933&rmt_tld=0&ipr=y

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track.php Show response
app.marketplan.io/ 7 B
158 B 4538ms
977ms XHR
text/html 74.208.214.109
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.marketplan.io/track.php?pid=2&mpageid=undefined&user=marama&ref=&jsurl=https%3A%2F%2Fwww.gesa.com%2F
Requested by: Host: app.marketplan.io
URL: https://app.marketplan.io/track.js?x=1694126729130
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.208.214.109 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: ns1.marketplan.io
Software: nginx / PHP/7.4.23, PleskLin
Resource Hash: 348a538cfb216ee6c6f9a9b5306cf64df862e7c7dd587baa3d36583d19a440df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 22:45:33 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.23, PleskLin
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK bc04200588d29fe97c0c8a783f268d7d6ecf1d2de1d1d417f28d36799e47de Show response
api.alpharank.io/api/pixel/script/ 495 B
848 B 3664ms
113ms Script
text/javascript 52.88.183.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alpharank.io/api/pixel/script/bc04200588d29fe97c0c8a783f268d7d6ecf1d2de1d1d417f28d36799e47de
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-183-153.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 / Express
Resource Hash: 013c037f68d07cd5a0a595f89995290aec3addca27079bc47ecd128440b06b3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 22:45:33 GMT
Server: nginx/1.12.2
X-Powered-By: Express
ETag: W/"1ef-dugMHzxjl0TnCCwJG+f12QIKVsA"
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: undefined
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 495

GET
H3 200 Queensgate-Branch-070723_4.jpg
www.gesa.com/wp-content/uploads/2022/07/ 151 KB
151 KB 46ms
45ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/07/Queensgate-Branch-070723_4.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

45ed254cccf40c2bd7537604bfe5bb11773fc73611c40a1061b2acc04af162f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 187979
cf-polished: origSize=159741
alt-svc: h3=":443"; ma=86400
content-length: 154135
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 13 Jul 2023 21:54:52 GMT
server: cloudflare
etag: "64b072ac-26ffd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b7b8a8d8df4-MIA

GET
H3 200 Paradise-Way-Branch-100723_8-1.jpg
www.gesa.com/wp-content/uploads/2022/07/ 189 KB
189 KB 59ms
58ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/07/Paradise-Way-Branch-100723_8-1.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

580f189b1fa0b5d382ac4cf3c93965259e59bec2ad687d36e0f4678782de96a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 194948
cf-polished: origSize=202274
alt-svc: h3=":443"; ma=86400
content-length: 193183
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 13 Jul 2023 21:53:39 GMT
server: cloudflare
etag: "64b07263-31622"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b7b8a8f8df4-MIA

GET
H3 200 Pasco-Sylvester-Branch-300623_11.jpg
www.gesa.com/wp-content/uploads/2022/07/ 206 KB
206 KB 49ms
48ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/07/Pasco-Sylvester-Branch-300623_11.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5f88d5f3f0a3e98dbadd075c243738506d5c0b668447b08a23911c4723cd3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6187
cf-polished: origSize=218913
alt-svc: h3=":443"; ma=86400
content-length: 210648
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Fri, 07 Jul 2023 17:45:38 GMT
server: cloudflare
etag: "64a84f42-35721"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b7b8a918df4-MIA

GET
H3 200 309829729581526 Show response
connect.facebook.net/signals/config/ 143 KB
38 KB 3349ms
3348ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/309829729581526?v=2.9.125&r=stable&domain=www.gesa.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

519c7423bbe657f3b2b5e2750c5f56f7f883d9f8b3e9e0b62112a477e2e2f383

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Sep 2023 22:45:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 3dAtQ1R8a4qcDXRojevglh/M7BR0VibxAejBoXhEWjVjjgAI5GBoQ2l/eEyQDb5+CzQKWeF/GZ49dKJNJJDW3g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 3437ms
53ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=649860135726018&ev=PageView&dl=https%3A%2F%2Fwww.gesa.com%2F&rl=&if=false&ts=1694126729524&cd[page_title]=Home&cd[post_type]=page&cd[post_id]=47&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=www.gesa.com%2F&sw=1600&sh=1200&v=2.9.125&r=stable&a=dvpixelyoursite&ec=0&o=30&fbp=fb.1.1694126728748.1560947470&cs_est=true&it=1694126729302&coo=false&eid=FBVy1HZEJPm5As1jte2hIhFDJroSL2wEDYkW&rqm=GET

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Sep 2023 22:45:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2179965&ADFdivider=%7C&ord=796062282147&ADFtpmode=2&loc=https%3A%2F%2Fwww.gesa.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2179965&ADFdivider=%7C&ord=796062282147&ADFtpmode=2&loc=https%3A%2F%2Fwww.gesa.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

831 B
1 KB

69ms
69ms

Script
text/javascript

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2179965&ADFdivider=%7C&ord=796062282147&ADFtpmode=2&loc=https%3A%2F%2Fwww.gesa.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

abbae81672e1194c03d550d37b6e2d89947a0a1c7fde7b5e39d2ce59164e9e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 675
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2179965&ADFdivider=%7C&ord=796062282147&ADFtpmode=2&loc=https%3A%2F%2Fwww.gesa.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 3332ms
3331ms Stylesheet
text/css 54.85.243.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.243.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-243-92.compute-1.amazonaws.com
Software: /
Resource Hash: 2e91b83c412d975aec910160ca16c213129d6d2829d7e026581e709daf84b8ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 22:45:29 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 3450ms
51ms Fetch
image/jpeg 54.85.243.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.243.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-243-92.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 22:45:32 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 preact-incoming-feedback.56b184ce1d1b95576d05.js Show response
script.hotjar.com/ 198 KB
43 KB 3267ms
3266ms Script
application/javascript 18.160.18.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.56b184ce1d1b95576d05.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c7962ba31267c30299df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-45.iad12.r.cloudfront.net

Software

Resource Hash

02c711ba2568c0fe00e8a341addd5f14cc6b38581516721dd7528958ab930641

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 08:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a7a07e0b0db92670f70b5d65da05ed76.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4
age: 49945
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43480
last-modified: Thu, 07 Sep 2023 08:52:45 GMT
etag: "cae68aadada1eab4f0881a31cdb7a0fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: IBD5sgA3Jt1AueVG7Lv78-VMF05U6KypddYh28BtJqRJmZOEU7rWwQ==

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 3296ms
3296ms Script
application/x-javascript 2600:1402:b800:3::172f:cc34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1402:b800:3::172f:cc34 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=46834
accept-ranges: bytes
content-length: 4862

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 3294ms
3294ms Script
application/x-javascript 2600:1402:b800:3::172f:cc34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTFL685

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1402:b800:3::172f:cc34 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=36573
accept-ranges: bytes
content-length: 3822

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 235 B
427 B 2877ms
2877ms XHR
text/plain 54.85.243.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=CHqG--Quapl1h0Ans2jxHw&is_js=true&landing_url=https%3A%2F%2Fwww.gesa.com%2F&t=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&tip=ab4ydF8PD2esbd1jV_xqR78XgDiUyyEMFkGt4koQC3M&host=https://www.gesa.com&sa-user-id-v3=s%253AAQAKIEjX9IyUCz-LH3myccHSNBQP2Zn5PJKKuv4oZdxfBB7DEHwYBCCJpemnBjABOgT_Q_f4QgRCL1xY.6PR%252BHUHiJFW1dCVHnzMnn%252BS4IbwwGT0qXj8qwKiXTvU&sa-user-id-v2=s%253AaGQZVP-FWKlwqApFxMElgCaEdkU.kfZXQioWbxnBR7oQXs7ziZA1DFAW0NAhBQmZUA6Wkts&sa-user-id=s%253A0-68641954-ff85-58a9-70a8-0a45c4c12580.S3DfmYyocKRvvR6qQowMjMlAmvHxlAC%252BWLaW9uqT39Y
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.243.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-243-92.compute-1.amazonaws.com
Software: /
Resource Hash: 04a89601c8f437b9ab3f74714d3374609a58b1079315f8dc5d440cc80d1ed589

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: https://www.gesa.com
date: Thu, 07 Sep 2023 22:45:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 235
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H3 200 Queensgate-Branch-070723_4.jpg
www.gesa.com/wp-content/uploads/2022/07/ 151 KB
151 KB 52ms
52ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/07/Queensgate-Branch-070723_4.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

45ed254cccf40c2bd7537604bfe5bb11773fc73611c40a1061b2acc04af162f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 187982
cf-polished: origSize=159741
alt-svc: h3=":443"; ma=86400
content-length: 154135
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 13 Jul 2023 21:54:52 GMT
server: cloudflare
etag: "64b072ac-26ffd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b90ba318df4-MIA

GET
H3 200 Pasco-Sylvester-Branch-300623_11.jpg
www.gesa.com/wp-content/uploads/2022/07/ 206 KB
206 KB 44ms
43ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/07/Pasco-Sylvester-Branch-300623_11.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5f88d5f3f0a3e98dbadd075c243738506d5c0b668447b08a23911c4723cd3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6190
cf-polished: origSize=218913
alt-svc: h3=":443"; ma=86400
content-length: 210648
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Fri, 07 Jul 2023 17:45:38 GMT
server: cloudflare
etag: "64a84f42-35721"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b90ca378df4-MIA

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
374 B 185ms
60ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 4FkmwZN0DCXF0VqgTa9xWzQKphtYKscj5G1B1uRggVt9vd0HjD1jsA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
375 B 181ms
57ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: i0-4Tgj8sAjOKwniJ8OZl517CPAyWttoSCqwh0P4n9VPNXxbC_QuWA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
373 B 181ms
58ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: C1EAd9GjeTiN9vOX44yhatQMUsIGPx4Grjhgderrxi1soZd5gF-LuA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
375 B 180ms
58ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: ZLmQbhYlP2NGIq4LgcPxjRk6WBMysLfbvbt4OERrHAKOO_DphGHlcg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
374 B 179ms
59ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: SXMEC28s7POjHWgM-ajKpiLJqA-M8OT_meassh5ToQk_C8UlKJnOpA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
374 B 178ms
59ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: RS9WHdvhM1RGcImaR8cXpk0n3LKTx_nGkLoAiGDe3UNiSK8whrZIfg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 233ms
114ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: T23r3Zfc4CFZ3v1PfAqtLOjLDAgudvCmUNm1s3FatwXFvWsJ4wqlPg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 224ms
106ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: v1WBmOWsuS9Sq7iWOyS3ygl_0FTSHHh1o_kI6l65PTIFEnEKddM0CQ==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
374 B 177ms
60ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: VmKBqUDAeqv1wEoajSZ31pmxTeyaqi7gNaC7cmEwyq3fs3NSvzUPDw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 231ms
115ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: pCtX2vPayzTj2V8uj-T65mihjGZdx6vB56bJ_5ZV4LnNg0f1M7FfZA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 222ms
107ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: y5QpLJ_TI3L5zRlcWDIypHetWt3IWZWb-wftEq5sbbLbeIaqVU9qeQ==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
364 B 231ms
118ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: _XpKe8m2lbnbDQAACukCaQp1z9cNl4o60SPYRLtSxNd9yG5ws3uD8A==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 226ms
113ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: LziFkVjivQ4CS6tNY8-jst5Lb0zBosOPMh4VEHlH1q9YGc1-qTXT4g==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
363 B 226ms
114ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: bxZ3bg2k42BgEHk5C5tKg5rts8OA223jsnY4Fua3fK1llt8pEipxCA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
364 B 228ms
117ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 4101UCV5XbIgGHZa6si-fotlXnaQI67XUoJN41j0q-KlB8Zil9MtsQ==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 219ms
108ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 5YtykQ-1V_loPwc9b-68k0q7hObmdNWfSoWBxMvfagXaIKhQEIsjvg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 224ms
115ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: -3lr0UILYFkDOCqKkFWNko5r4O_oBx0VRHvQhfqIls2Wd4yrsZ_rKg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
374 B 167ms
59ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: pJcOW8dyYdGGoAdbRXwzjlRWjQS-fWQ0adrnZCgIofdz9glgNsTIsQ==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 222ms
116ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Abs9rV11s2ji8dRCCXN54cLmF5uw0vyhAaCg_ebmUpyvHUZXxHTX2g==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 221ms
116ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: i3U7DzohUomJPmmS5Bi80hKkSzV-1yYN1-GCCAarZQbc8TETnDtBvg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 211ms
107ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: RCuXzn292O-UkUhAWafZvRB_1ElhmBtyyfF_vY-_ShB3Jj4_Zgz2eA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 214ms
112ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: HeiiWFQ8aFUpu3QLAdO2DlLLfOg-Ld40N20SyYyU9O37FQ4vRiFIxA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
366 B 212ms
111ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: SjjoFJQDNfQXQrYusql96LiT0_WbfSrsZZ79fmwUbpqbR_wJD6BZjw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 211ms
111ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: E0hm6Md8gS23-2HxpeFyel5fHKPwTjqnqJHYZE4uPkm5QS5qN6igMA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 205ms
106ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: WpSV-a6ANGMVKfRgF0c6CPI0y1vD6z6Ph6zeEVpYPcJa8fz3bTT1nw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
363 B 216ms
118ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: BiTs_q-hBEPz2hSHTqDK9ur5y0ejCPi_s5rfiUplPliaec4v6d122Q==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
364 B 207ms
110ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: r49S-qAfbNDbJd2zb17cnGtnOgJg7FmB-GP4W4Biai70zIPAiKk5bQ==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 204ms
108ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 25tp6GxbC7Kb_rYLj4HMHDXvX_TuccqAi1Rv-LxhF8J-i6JTkapimA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 207ms
112ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Zd3Orc_Airkdrb_GFZlLx0UFw8d7Umz-mpw9Rwb0P1WiDU7hVTzO1g==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
366 B 199ms
105ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 7Uh67TDFTXFpcJYXvh0qD4TRakYgqKSRWj-Ooh3vG0jWDdx-4IG_pA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 204ms
110ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: lW0ElArOvwNLd9fT0l3drBh3FQsEOm-ybMtt0q9QmqPhbSu6qeUz7Q==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
365 B 197ms
104ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Df3lDU4Di_HiPOhpOnkDGR90DmtVdlfLc2SQyj3xvIVFfoGmV7C_cw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
364 B 201ms
109ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: P1c6w-PoP2Kl64ab_fxBswmt28uY7rSw6wSCusRn9F3R0cbXq3f8YA==

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame B426 287 KB
92 KB 147ms
53ms Script
application/javascript 18.160.0.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.0.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-0-29.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb

Request headers

Referer
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:09:41 GMT
content-encoding: gzip
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
age: 17127352
x-cache: Hit from cloudfront
last-modified: Fri, 02 Sep 2022 19:59:47 GMT
server: AmazonS3
etag: W/"6a7ba000cc0f3518baa46608eb12410c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: HUfPYYwFEKbvR-8xPK09gB6O-WUQK9SgucRjVijVVa7i8CbrJFdL-w==

GET
H3 200 Paradise-Way-Branch-100723_8-1.jpg
www.gesa.com/wp-content/uploads/2022/07/ 189 KB
189 KB 41ms
39ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/07/Paradise-Way-Branch-100723_8-1.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

580f189b1fa0b5d382ac4cf3c93965259e59bec2ad687d36e0f4678782de96a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 194951
cf-polished: origSize=202274
alt-svc: h3=":443"; ma=86400
content-length: 193183
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 13 Jul 2023 21:53:39 GMT
server: cloudflare
etag: "64b07263-31622"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327b910a9e8df4-MIA

GET
H2 200 font-hotjar_5.65042d.woff2
script.hotjar.com/ 2 KB
3 KB 146ms
53ms Font
font/woff2 18.160.18.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/font-hotjar_5.65042d.woff2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-45.iad12.r.cloudfront.net

Software

Resource Hash

fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gesa.com/
Origin: https://www.gesa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 db8c74a249442b107d8358be4371339e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4
age: 1776896
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 18 Aug 2023 09:05:29 GMT
etag: "c9fb9163f8b7be37023ebe649688bebf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: none
x-amz-cf-id: tVtY372BmcX_bufJ-C3rqkPinz7wr_XT6DQy4b-BzYQksVlQzaswMg==

GET
H3 200 802797680067475 Show response
connect.facebook.net/signals/config/ 109 KB
29 KB 95ms
95ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/802797680067475?v=2.9.125&r=stable&domain=www.gesa.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee1c88cace5f9a6b7dc7de99a5bbce40d876163d3f06d9c0aa69f8d8e0f1b67b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Sep 2023 22:45:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: anfzyZ7Lvo5No45C+TKM/J6Lrq6qty4s09nDsstVQ9bbqHmRO+4pp11ZEtkpMHWaB7G6Ekr/HNZ6iMCSN5fMCQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 57ms
57ms Script
application/x-javascript 2600:1402:b800:3::172f:cc34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1402:b800:3::172f:cc34 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=46833
accept-ranges: bytes
content-length: 4862

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4860388%26time%3D1694126733030%26url%3Dhttps%253A%252F%252Fwww.gesa.com%252F%26tm...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLtyyy06L-HSgAAAYpx0nh5j7xoa7CP9u4XrUQ...

0
488 B

200ms
98ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLtyyy06L-HSgAAAYpx0nh5j7xoa7CP9u4XrUQ1Zu2Rx0FQBbkjbCpfePnmbJPJzMO57g
Requested by: Host: www.gesa.com
URL: https://www.gesa.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 02A87B8900714677B8BC8F1D408F9436 Ref B: MIA301000105009 Ref C: 2023-09-07T22:45:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEzJ4pCeqK2WdYf9z9AQ==

Redirect headers

date: Thu, 07 Sep 2023 22:45:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 415C8DE571BD44C381162DD286427014 Ref B: MIAEDGE2807 Ref C: 2023-09-07T22:45:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4860388&time=1694126733030&url=https%3A%2F%2Fwww.gesa.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLtyyy06L-HSgAAAYpx0nh5j7xoa7CP9u4XrUQ1Zu2Rx0FQBbkjbCpfePnmbJPJzMO57g
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEzJ4meegoZD1C2wrqDg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
366 B 120ms
119ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: OjqfjCPBqvm6yTkRxHuS3tyg-b4G2w508mu1uHfq3wrHhkOROtqJSw==

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 112 B
543 B 163ms
162ms XHR
text/html 44.228.100.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.php?acctTag=huzooe43734&tz=600&ref=&u=https%3A%2F%2Fwww.gesa.com%2F&t=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&lc=null&anon=0&vin=null

Requested by

Host: app.leadsrx.com
URL: https://app.leadsrx.com/visitor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

44.228.100.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-100-41.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

c3f65f4d7577e2ad237ee54890e160ae586b30c282f659216d5ca4585ff825dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 22:45:33 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gesa.com
access-control-allow-credentials: true

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/ 36 B
364 B 56ms
55ms XHR
application/json 2600:9000:20aa:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4860388/domain/gesa.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.gesa.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:17:33 GMT
content-encoding: gzip
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1680
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 2bvHN-AT8aoiSVXyU_JeitkBfUlPpxrLvM6rf6gVdm8ihoK2HC6WsA==

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame E8F0 5 KB
2 KB 79ms
62ms Document
text/html 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2179965&ADFdivider=%7C&ord=796062282147&ADFtpmode=2&loc=https%3A%2F%2Fwww.gesa.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ae225d09cc8eebd4d91d2d8cd703b217bc6d03f3e10fbe4d3cec45677bc063c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gesa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 22:45:33 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
467 B 260ms
62ms Image
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=5787578933027778291&stamp=SMAnJSX-sYoDvP-67D9Y4w2

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 58ms
53ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=309829729581526&ev=PageView&dl=https%3A%2F%2Fwww.gesa.com&rl=&if=false&ts=1694126733131&sw=1600&sh=1200&v=2.9.125&r=stable&a=dvpixelyoursite&ec=0&o=28&fbp=fb.1.1694126728748.1560947470&cs_est=true&pm=1&hrl=8862d9&it=1694126729302&coo=false&cs_cc=1&cas=2051438564888032%2C2582691048423790&rqm=GET

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Sep 2023 22:45:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 58ms
54ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=802797680067475&ev=PageView&dl=https%3A%2F%2Fwww.gesa.com&rl=&if=false&ts=1694126733132&sw=1600&sh=1200&v=2.9.125&r=stable&a=dvpixelyoursite&ec=0&o=28&fbp=fb.1.1694126728748.1560947470&pm=1&hrl=368891&it=1694126729302&coo=false&cs_cc=1&rqm=GET

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Sep 2023 22:45:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F2A2 0
18 B 55ms
55ms Document
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.gesa.com
Referer: https://www.gesa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.gesa.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 22:45:33 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK bc04200588d29fe97c0c8a783f268d7d6ecf1d2de1d1d417f28d36799e47de Show response
api.alpharank.io/api/pixel/script/ 45 KB
45 KB 211ms
211ms Script
text/javascript 52.88.183.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alpharank.io/api/pixel/script/bc04200588d29fe97c0c8a783f268d7d6ecf1d2de1d1d417f28d36799e47de?c=n&t=1694131200000
Requested by: Host: api.alpharank.io
URL: https://api.alpharank.io/api/pixel/script/bc04200588d29fe97c0c8a783f268d7d6ecf1d2de1d1d417f28d36799e47de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-183-153.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 / Express
Resource Hash: 4a25be1f0513a03c0595d7adc16dbd4402afaa9f00fdcb2564b53613eba2ad8b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 22:45:33 GMT
Server: nginx/1.12.2
X-Powered-By: Express
ETag: W/"b34c-5l4RE/4mt4MMmx9MJ5iDiT4UXqA"
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: undefined
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 45900

GET
H2 200 plf
c1.adform.net/imatch/ Frame E8F0 0
384 B 67ms
67ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E8F0
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5787578933027778291&Expiration=1695336333
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5787578933027778291&Expiration=1695336333

43 B
425 B

55ms
54ms

Image
image/gif

54.85.196.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5787578933027778291&Expiration=1695336333
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Server: 54.85.196.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-196-221.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 22:45:33 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5787578933027778291&Expiration=1695336333
access-control-allow-origin: *
date: Thu, 07 Sep 2023 22:45:33 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E8F0 0
400 B 383ms
145ms Image
text/plain 23.47.65.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.65.161 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-65-161.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 22:45:33 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 06 Sep 2023 22:45:33 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame E8F0 0
652 B 339ms
54ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E8F0
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5787578933027778291&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5787578933027778291&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=cd31e8b0cd7c4c30a...
https://c1.adform.net/serving/cookie/match?party=9&uid=84409d25281882687cfafb82973e600761ea3f6c2de2db52c47ae6a917f63127

35 B
591 B

62ms
62ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=84409d25281882687cfafb82973e600761ea3f6c2de2db52c47ae6a917f63127

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=84409d25281882687cfafb82973e600761ea3f6c2de2db52c47ae6a917f63127
date: Thu, 07 Sep 2023 22:45:33 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E8F0
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5787578933027778291&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=3061448840794273251

35 B
591 B

64ms
63ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=3061448840794273251

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=3061448840794273251
pragma: no-cache
date: Thu, 07 Sep 2023 22:45:32 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame E8F0
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=5787578933027778291&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5787578933027778291&_origin=1&verify=true

0
121 B

56ms
56ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=5787578933027778291&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=5787578933027778291&_origin=1&verify=true
date: Thu, 07 Sep 2023 22:45:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame E8F0 43 B
594 B 301ms
63ms Image
image/gif 38.98.139.150
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.98.139.150 Chicago, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 22:45:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1694126733585026-439

GET
H2

200

sync
partners.tremorhub.com/ Frame E8F0
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=5787578933027778291
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5787578933027778291
https://partners.tremorhub.com/sync?UIBS=0c97a7cd-efa4-4e08-b39f-045166213eef&gdpr=&gdpr_consent=&us_privacy=

43 B
175 B

252ms
51ms

Image
image/gif

2600:1f18:612b:4264:dff3:a5b7:8008:2892
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIBS=0c97a7cd-efa4-4e08-b39f-045166213eef&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Server: 2600:1f18:612b:4264:dff3:a5b7:8008:2892 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 07 Sep 2023 22:45:33 GMT
server: nginx
content-type: image/gif

Redirect headers

Location: //partners.tremorhub.com/sync?UIBS=0c97a7cd-efa4-4e08-b39f-045166213eef&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 07 Sep 2023 22:45:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E8F0
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5787578933027778291&expiration=1695336333
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5787578933027778291&expiration=1695336333&C=1

43 B
337 B

73ms
72ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5787578933027778291&expiration=1695336333&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xhgg4MCiukyU73u6Gqp54X%2FEGngtjMVjdtqzz5opOHTyQQlOBm0hhJizETCiFO5lJuhlMOBDCnOo%2BQ0GN4jdNVb0fsYOvIFh4RUwE6BfOpZYQxPKmQdBoa66ritKTU8LwKZkNYYjlGpThQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80327b942835497c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipBIr6pwhV7c43P0dRKtLqVUBBr%2F43tS3mTH22ehTQUv21SHBsuZlkVhqi8veOTk2ngx5llJ%2FpkBowjZTMRiBJss1zzM7EVvZZKVIYXJBvLgVbSP5eyT3KuR5qyw0KsE1GosrXA%2BTdwjnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=5787578933027778291&expiration=1695336333&C=1
cache-control: no-cache
cf-ray: 80327b93bfa0497c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET info
uipglob.semasio.net/adform/1/ Frame E8F0 0
0

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame E8F0
Redirect Chain

https://ps.eyeota.net/match?uid=5787578933027778291&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=5787578933027778291&bid=9gdtmu1

70 B
440 B

54ms
53ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=5787578933027778291&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 07 Sep 2023 22:45:33 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=5787578933027778291&bid=9gdtmu1
Date: Thu, 07 Sep 2023 22:45:33 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame E8F0 0
324 B 336ms
52ms Image
text/plain 50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame E8F0
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=5787578933027778291
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTc4NzU3ODkzMzAyNzc3ODI5MRAAGg0IjaXppwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=867b21edc17515aa69c8e237d0dad82b52e6d624d152e047c6e58b1201c627cd791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=867b21edc17515aa69c8e237d0dad82b52e6d624d152e047c6e58b1201c627cd791426b5417dce21&rand=00035953

0
144 B

88ms
88ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=867b21edc17515aa69c8e237d0dad82b52e6d624d152e047c6e58b1201c627cd791426b5417dce21&rand=00035953
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1F939D89B53B4B78B473D8C2A4D8E825 Ref B: MIAEDGE2807 Ref C: 2023-09-07T22:45:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEzJ4vw4W4zPN7WVL+4A==

Redirect headers

date: Thu, 07 Sep 2023 22:45:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=867b21edc17515aa69c8e237d0dad82b52e6d624d152e047c6e58b1201c627cd791426b5417dce21&rand=00035953
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5787578933027778291/gdpr=/ Frame E8F0
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5787578933027778291/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5787578933027778291/gdpr=/gdpr_consent=

49 B
544 B

66ms
65ms

Image
image/gif

54.86.123.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5787578933027778291/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Server: 54.86.123.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-123-255.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.6.159
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:33 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5787578933027778291/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.40.143
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame E8F0 62 B
431 B 433ms
224ms Image
image/gif 184.28.136.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.136.218 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-136-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 07 Sep 2023 22:45:34 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E8F0
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5787578933027778291
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5787578933027778291

43 B
180 B

40ms
39ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5787578933027778291
date: Thu, 07 Sep 2023 22:45:33 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame E8F0
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

435ms
138ms

Image
image/gif

52.92.4.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: HTTP/1.1
Server: 52.92.4.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 22:45:35 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 1FVSAZ8K35C80B8P
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: u0M9SYT20Ev8viTaPdGAcrq4+ThZ3yWY1bLAHDOVeZ+Aor2KHYfvDkB6eqh+bRzS4iO4TpjtaUo=

Redirect headers

X-Error-Reason: Missing UserId
Date: Thu, 07 Sep 2023 22:45:34 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E8F0
Redirect Chain

https://pixel.onaudience.com/?mapped=5787578933027778291&partner=68
https://spl.zeotap.com/?zdid=1332&zcluid=7fd3b9eebf44c39d
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=27ee0705-a39d-4ef6-4445-074276ee5503&reqId=c663df25-eeed-42fe-577d-0c1748764723&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEOhoAS6pwuwgnbVoxeDn2Go&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=27ee0705-a39d-4ef6-4445-074276ee5503&reqId=c663df25-eeed-42fe-577d-0c1...

95 B
165 B

151ms
142ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEOhoAS6pwuwgnbVoxeDn2Go&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=27ee0705-a39d-4ef6-4445-074276ee5503&reqId=c663df25-eeed-42fe-577d-0c1748764723&zcluid=7fd3b9eebf44c39d&zdid=1332

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://c1.adform.net
access-control-allow-credentials: true
cf-ray: 80327b9bee083370-MIA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEOhoAS6pwuwgnbVoxeDn2Go&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=27ee0705-a39d-4ef6-4445-074276ee5503&reqId=c663df25-eeed-42fe-577d-0c1748764723&zcluid=7fd3b9eebf44c39d&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E8F0 0
338 B 279ms
52ms Image
text/plain 3.221.126.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.126.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-126-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-served-by: beacon-n007-ash-prod.krxd.net
date: Thu, 07 Sep 2023 22:45:34 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1694126734
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame E8F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTc4NzU3ODkzMzAyNzc3ODI5MQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELvhf1E1ny7oo2op2M8yZZ8&google_cver=1&google_ula=1641347,0

35 B
591 B

63ms
62ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELvhf1E1ny7oo2op2M8yZZ8&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELvhf1E1ny7oo2op2M8yZZ8&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame E8F0
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=3718072090947261817&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=5787578933027778291

43 B
836 B

81ms
81ms

Image
image/gif

68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=5787578933027778291

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
an-x-request-uuid: 6bd45d5a-7899-4914-b0c5-b760494e2c4e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=5787578933027778291
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E8F0 42 B
472 B 246ms
55ms Image
image/gif 162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 07 Sep 2023 22:45:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame E8F0 0
384 B 76ms
76ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame E8F0 43 B
444 B 190ms
48ms Image
image/gif 18.165.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-98-35.iad55.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 18:19:32 GMT
Via: 1.1 305fa1d7f9df4e42edba1bba6d0ebb56.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: IAD55-P4
Age: 15961
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: hVgZNavmT7KzIv_mdAAfxEvnBZ0tN2XwOiMHUJP-iVvC5AxPCds8SA==

GET
H/1.1

200

p
a.audrte.com/ Frame E8F0
Redirect Chain

https://a.audrte.com/a?adform_uid=5787578933027778291
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aWMzdUFqRzFrSGFSaXFSNmJEaUFQUDN6QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

235ms
235ms

Image
image/png

52.55.229.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: HTTP/1.1
Server: 52.55.229.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-229-9.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 22:45:34 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 07 Sep 2023 22:45:34 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E8F0
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5787578933027778291&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5787578933027778291&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=69250196544509240360270454557119392257&noredirect=1

35 B
591 B

66ms
65ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=69250196544509240360270454557119392257&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-va6-2-v049-069e90abf.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: r8FL65+fQ7U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=69250196544509240360270454557119392257&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E8F0
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5787578933027778291
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=215020604632012978129

35 B
600 B

67ms
63ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=215020604632012978129

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
via: 1.1 3f8050fbf1460156d177f2d3d6a03332.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: IAD12-P4
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=215020604632012978129
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: N40xL2MHv0C-OnNCg-T8-WEWCSXO_nSChVwruPQbWqqkfN3gXimcSA==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E8F0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7276218917818857631

35 B
600 B

62ms
61ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7276218917818857631

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7276218917818857631
Date: Thu, 07 Sep 2023 22:45:34 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame E8F0 62 B
360 B 188ms
188ms Image
image/gif 184.28.136.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.136.218 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-136-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 07 Sep 2023 22:45:34 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E8F0
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=565e64fa-528e-4e00-b3bf-08accedca7f3

35 B
600 B

62ms
62ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=565e64fa-528e-4e00-b3bf-08accedca7f3

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Thu, 07 Sep 2023 22:45:34 GMT
Server: MT3 1031 59fd23a master iad iad-pixel-x25 config_version:"1969"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=565e64fa-528e-4e00-b3bf-08accedca7f3
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 07 Sep 2023 22:45:33 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E8F0
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=l5ln6jnM1QEnKK5

35 B
591 B

64ms
63ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=l5ln6jnM1QEnKK5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 22:45:34 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-00f2ccd06c31eb2a2@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=l5ln6jnM1QEnKK5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E8F0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=499e5c59-7370-4b7a-b4eb-ef16a1fa42c0

35 B
591 B

69ms
69ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=499e5c59-7370-4b7a-b4eb-ef16a1fa42c0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=499e5c59-7370-4b7a-b4eb-ef16a1fa42c0
date: Thu, 07 Sep 2023 22:45:34 GMT
server: Kestrel
content-length: 225

GET image.sbmx
global.ib-ibi.com/ Frame E8F0 0
0

GET
H/1.1

200

3.gif
id5-sync.com/c/10/2/0/ Frame E8F0
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=5787578933027778291
https://id5-sync.com/c/10/10/2/1.gif?puid=5787578933027778291&gdpr=0&gdpr_consent=&us_privacy=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-97cbE0M_RR7BsiBm6jZtGbEs-R4pyaDSyQCJnSuCwQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/1/2.gif?puid=105e2a18-828e-4560-a43e-c84cc546b385&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/0/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/0/3.gif?puid=3718072090947261817&gdpr=0&gdpr_consent=

43 B
1 KB

146ms
145ms

Image
image/gif

141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/10/2/0/3.gif?puid=3718072090947261817&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

HTTP/1.1

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 07 Sep 2023 22:45:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:35 GMT
an-x-request-uuid: bff4ac0e-c42c-4c09-afa9-5165aff430e1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://id5-sync.com/c/10/2/0/3.gif?puid=3718072090947261817&gdpr=0&gdpr_consent=
x-proxy-origin: 38.132.118.69; 38.132.118.69; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E8F0
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2274694957
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=V5MDv8TKjlK/mnpmHfL8K.

35 B
591 B

62ms
62ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=V5MDv8TKjlK/mnpmHfL8K.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
via: 1.1 google
last-modified: Thu, 07 Sep 2023 22:45:34 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=V5MDv8TKjlK/mnpmHfL8K.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E8F0 23 B
278 B 303ms
119ms Image
image/gif 23.206.123.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.123.93 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-123-93.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 22:45:34 GMT
pragma: no-cache
date: Thu, 07 Sep 2023 22:45:34 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET pixel.gif
sync.1dmp.io/ Frame E8F0 0
0

GET
H2

200

/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame E8F0
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5787578933027778291
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=5ec638d5b7&gdpr=0&gdpr_consent=

0
376 B

192ms
61ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=5ec638d5b7&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 61251

Redirect headers

date: Thu, 07 Sep 2023 22:45:34 GMT
via: 1.1 2c0478fce3b7f4f5348678901d1bf60a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD89-P2
x-cache: Miss from cloudfront
location: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=5ec638d5b7&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 5ZKIw3VOaeRVOudGSYmkRbrHSw-9AUxS8UKhfbvXphHt6g2oBF7hvg==

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E8F0
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5787578933027778291&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5787578933027778291&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ca7951a4-7bdf-48a2-aa09-ad44fd620653%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%2...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=499e5c59-7370-4b7a-b4eb-ef16a1fa42c0&ttd_puid=ca7951a4-7bdf-48a2-aa09-ad44fd620653%2Chttps%253A%252F%252Fc1.adform.net%25...
https://c1.adform.net/serving/cookie/match?party=2007&cid=ca7951a4-7bdf-48a2-aa09-ad44fd620653

35 B
591 B

64ms
64ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=ca7951a4-7bdf-48a2-aa09-ad44fd620653

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 22:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Thu, 07 Sep 2023 22:45:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=ca7951a4-7bdf-48a2-aa09-ad44fd620653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 5787578933027778291
match.contentexchange.me/adform/ Frame E8F0 0
49 B 479ms
158ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/5787578933027778291?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:35 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame E8F0 43 B
109 B 187ms
77ms Image
image/gif 100.25.123.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.123.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-123-161.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:35 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame E8F0
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=5787578933027778291&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5787578933027778291&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

54ms
53ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5787578933027778291&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 07 Sep 2023 22:45:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=5787578933027778291&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 07 Sep 2023 22:45:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync.php
pixel.rubiconproject.com/exchange/ Frame E8F0
Redirect Chain

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=5787578933027778291
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

42 B
731 B

218ms
54ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 22:45:35 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 put
e1.emxdgt.com/ Frame E8F0 43 B
120 B 211ms
51ms Image
image/gif 3.210.56.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.56.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-56-21.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:34 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 204 adf
pixel.sojern.com/idsync/ Frame E8F0 0
156 B 104ms
44ms Image
text/plain 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=5787578933027778291
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

GET
H2 200 plf
c1.adform.net/imatch/ Frame E8F0 0
384 B 65ms
65ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5787578933027778291&agencyId=7028&advertiserId=2079361&src=tp&rnd=148580
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H/1.1 200
OK pixel.gif
pixel.alpharank.io/ 35 B
543 B 344ms
104ms Ping
application/octet-stream 52.88.183.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.alpharank.io/pixel.gif?id=bc04200588d29fe97c0c8a783f268d7d6ecf1d2de1d1d417f28d36799e47de&duid=4.32.4-btlnnnyp-lm9rbdrf&fp=36dc836bfcfce12a6e455f1a2df53c47&ev=pageload&v=4.32.4&dl=https%3A%2F%2Fwww.gesa.com%2F&ts=1694126733199&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&bn=Chrome%20116&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.179%20Safari%2F537.36&tz=600
Requested by: Host: api.alpharank.io
URL: https://api.alpharank.io/api/pixel/script/bc04200588d29fe97c0c8a783f268d7d6ecf1d2de1d1d417f28d36799e47de?c=n&t=1694131200000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-183-153.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 22:45:33 GMT
Server: nginx/1.12.2
X-Powered-By: Express
ETag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.gesa.com
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 35

GET
H3 200 Goethals-Branch-100723_2.jpg
www.gesa.com/wp-content/uploads/2022/07/ 132 KB
132 KB 40ms
39ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gesa.com/wp-content/uploads/2022/07/Goethals-Branch-100723_2.jpg

Requested by

Host: www.gesa.com
URL: https://www.gesa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5e6c1d9df9766872d0d029b0c9620358f2412a08a7f9d37a1f7f24f43a2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gesa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 22:45:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 197331
cf-polished: origSize=138490
alt-svc: h3=":443"; ma=86400
content-length: 134721
x-xss-protection: 1; mode=block
referrer-policy: origin
cf-bgj: imgq:100,h2pri
last-modified: Thu, 13 Jul 2023 21:52:31 GMT
server: cloudflare
etag: "64b0721f-21cfa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
accept-ranges: bytes
cf-ray: 80327ba77b608df4-MIA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5787578933027778291&sInitiator=external

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5787578933027778291

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5787578933027778291

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

128 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gesa.com/	1970-01-20 18:54:38	Name: pbid Value: f53054eb709268e6ae7832037a5039fa4ca20e48bfc7fe07fdd9a417732a2fca
www.gesa.com/	1970-01-20 14:35:30	Name: pys_session_limit Value: true
www.gesa.com/	1969-12-31 23:59:59	Name: pys_start_session Value: true
.gesa.com/	1970-01-21 00:11:26	Name: _evga_6d54 Value: {%22uuid%22:%22762abc2d0f843760%22}
.gesa.com/	1970-01-21 00:11:26	Name: _sfid_0e63 Value: {%22anonymousId%22:%22762abc2d0f843760%22%2C%22consents%22:[]}
www.gesa.com/	1970-01-20 14:45:31	Name: pys_first_visit Value: true
www.gesa.com/	1970-01-20 14:45:31	Name: pysTrafficSource Value: direct
www.gesa.com/	1970-01-20 14:45:31	Name: pys_landing_page Value: https://www.gesa.com/
www.gesa.com/	1970-01-20 14:45:31	Name: last_pysTrafficSource Value: direct
www.gesa.com/	1970-01-20 14:45:31	Name: last_pys_landing_page Value: https://www.gesa.com/
www.gesa.com/	1970-01-20 14:45:31	Name: _fbp Value: fb.1.1694126728748.1560947470
.gesa.com/	1970-01-20 16:45:02	Name: _gcl_au Value: 1.1.1063040682.1694126729
gesacu.us-1.evergage.com/	1970-01-20 14:45:31	Name: AWSALBTGCORS Value: FKJ+WKcgCk4tnUqtQ4u5DSEf9OzYwPetEGFl+FASpyXnxEgA3M/P6+yXhOQuIqFSqmcapFAeNunnZ2IxPWKtme7taYMvws6TUK4XI3Lomq5hzLbP0WHX+TdmKkCNnRYbCFYs9WYsriyVbiVTokoWgQybCe7iPq1hFfs7axDj06+hDxWL00M=
.gesa.com/	1970-01-20 16:45:02	Name: _rdt_uuid Value: 1694126729344.0d128bf4-d2ff-41a4-93b1-25a11e50929a
.gesa.com/	1970-01-21 00:11:26	Name: _ga_H1S93VJW48 Value: GS1.1.1694126729.1.0.1694126729.60.0.0
.gesa.com/	1970-01-21 00:11:26	Name: _ga Value: GA1.2.623163664.1694126729
.gesa.com/	1970-01-20 14:36:53	Name: _gid Value: GA1.2.1331610609.1694126729
.gesa.com/	1970-01-20 14:35:26	Name: _dc_gtm_UA-32823301-1 Value: 1
.gesa.com/	1970-01-20 14:36:53	Name: _uetsid Value: 3ea4b9a04dd011ee81afdf2d51c5d2d7
.gesa.com/	1970-01-20 23:57:02	Name: _uetvid Value: 3ea4f7b04dd011eebbb77b36de582c66
tags.srv.stackadapt.com/	1970-01-20 23:21:02	Name: sa-user-id Value: s%3A0-68641954-ff85-58a9-70a8-0a45c4c12580.S3DfmYyocKRvvR6qQowMjMlAmvHxlAC%2BWLaW9uqT39Y
.srv.stackadapt.com/	1970-01-20 23:21:02	Name: sa-user-id Value: s%3A0-68641954-ff85-58a9-70a8-0a45c4c12580.S3DfmYyocKRvvR6qQowMjMlAmvHxlAC%2BWLaW9uqT39Y
tags.srv.stackadapt.com/	1970-01-20 23:21:02	Name: sa-user-id-v2 Value: s%3AaGQZVP-FWKlwqApFxMElgCaEdkU.kfZXQioWbxnBR7oQXs7ziZA1DFAW0NAhBQmZUA6Wkts
.srv.stackadapt.com/	1970-01-20 23:21:02	Name: sa-user-id-v2 Value: s%3AaGQZVP-FWKlwqApFxMElgCaEdkU.kfZXQioWbxnBR7oQXs7ziZA1DFAW0NAhBQmZUA6Wkts
tags.srv.stackadapt.com/	1970-01-20 23:21:02	Name: sa-user-id-v3 Value: s%3AAQAKIEjX9IyUCz-LH3myccHSNBQP2Zn5PJKKuv4oZdxfBB7DEHwYBCCJpemnBjABOgT_Q_f4QgRCL1xY.6PR%2BHUHiJFW1dCVHnzMnn%2BS4IbwwGT0qXj8qwKiXTvU
.srv.stackadapt.com/	1970-01-20 23:21:02	Name: sa-user-id-v3 Value: s%3AAQAKIEjX9IyUCz-LH3myccHSNBQP2Zn5PJKKuv4oZdxfBB7DEHwYBCCJpemnBjABOgT_Q_f4QgRCL1xY.6PR%2BHUHiJFW1dCVHnzMnn%2BS4IbwwGT0qXj8qwKiXTvU
.gesa.com/	1970-01-20 16:45:02	Name: _fbp Value: fb.1.1694126728748.1560947470
www.gesa.com/	1970-01-20 23:21:02	Name: sa-user-id Value: s%253A0-68641954-ff85-58a9-70a8-0a45c4c12580.S3DfmYyocKRvvR6qQowMjMlAmvHxlAC%252BWLaW9uqT39Y
www.gesa.com/	1970-01-20 23:21:02	Name: sa-user-id-v2 Value: s%253AaGQZVP-FWKlwqApFxMElgCaEdkU.kfZXQioWbxnBR7oQXs7ziZA1DFAW0NAhBQmZUA6Wkts
www.gesa.com/	1970-01-20 23:21:02	Name: sa-user-id-v3 Value: s%253AAQAKIEjX9IyUCz-LH3myccHSNBQP2Zn5PJKKuv4oZdxfBB7DEHwYBCCJpemnBjABOgT_Q_f4QgRCL1xY.6PR%252BHUHiJFW1dCVHnzMnn%252BS4IbwwGT0qXj8qwKiXTvU
.bing.com/	1970-01-20 23:57:02	Name: MUID Value: 23F25B8A62C86AB4008E480F63A46B53
.bat.bing.com/	1970-01-20 14:45:31	Name: MR Value: 0
.gesa.com/	1970-01-20 23:21:02	Name: _hjSessionUser_2399688 Value: eyJpZCI6ImI2NTA5OWIwLWE4NzYtNWNhYi04NmM4LWViZWI1ZDEyYTk1MiIsImNyZWF0ZWQiOjE2OTQxMjY3Mjk2MTYsImV4aXN0aW5nIjpmYWxzZX0=
.gesa.com/	1970-01-20 14:35:28	Name: _hjFirstSeen Value: 1
.gesa.com/	1970-01-20 14:35:26	Name: _hjIncludedInSessionSample_2399688 Value: 0
.gesa.com/	1970-01-20 14:35:28	Name: _hjSession_2399688 Value: eyJpZCI6ImFlY2JmNWU0LTA1M2MtNDI5Yy04NDg3LTU2YTA0OGI0NzA5YSIsImNyZWF0ZWQiOjE2OTQxMjY3Mjk2MTcsImluU2FtcGxlIjpmYWxzZX0=
.gesa.com/	1970-01-20 14:35:28	Name: _hjAbsoluteSessionInProgress Value: 0
.adform.net/	1970-01-20 15:18:38	Name: C Value: 1
.adform.net/	1970-01-20 16:01:50	Name: uid Value: 5787578933027778291
.adform.net/	1970-01-20 14:36:53	Name: CM Value: 1\|1
www.gesa.com/	1970-01-20 14:36:53	Name: ln_or Value: eyI0ODYwMzg4IjoiZCJ9
.adform.net/	1970-01-20 14:55:36	Name: CM14 Value: 1694213133_1694126733_1_Hu7u4e4e4R7u7u4REREeERERERHhERE
.linkedin.com/	1970-01-20 16:45:02	Name: li_sugr Value: 5f7a610d-a5a6-4d68-bb33-6d99802c42cd
.linkedin.com/	1970-01-20 23:21:02	Name: bcookie Value: "v=2&9a53aa7a-d690-44b5-808c-2300cb9ec5d0"
.linkedin.com/	1970-01-20 14:36:53	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2648:u=1:x=1:i=1694126733:t=1694213133:v=2:sig=AQGkESAyrHZ1Aad4Pgn7rFLTTe9tQwMu"
.leadsrx.com/	1970-01-20 23:21:02	Name: _lab Value: 2251800359044452
.leadsrx.com/	1970-01-20 23:21:02	Name: _lab_lastTouch Value: direct
.gesa.com/	1970-01-20 23:21:02	Name: _lab Value: 2251800359044452
.linkedin.com/	1970-01-20 15:18:38	Name: UserMatchHistory Value: AQK9DpRjO-gJjwAAAYpx0nfD-JFSXznr7edlgyga-Djzn8XY_hc27cayKK0ixbzNxOJKaD07DIuMsA
.linkedin.com/	1970-01-20 15:18:38	Name: AnalyticsSyncHistory Value: AQJRhY7vfmzYdAAAAYpx0nfDL1kl2XRVJ38s5tQJQCbUV0o-GxPPdfPopcfBONMynms3UpjphlhRgECOjybSIw
.seadform.net/	1970-01-20 16:01:54	Name: uid Value: 5787578933027778291
.www.linkedin.com/	1970-01-20 23:21:02	Name: bscookie Value: "v=1&20230907224533c3d2d96b-e42b-4f56-820b-56e3f79306eeAQH11xtOIdrx7IxJEDMTtBW8Czh1R7Jm"
.casalemedia.com/	1970-01-20 23:21:02	Name: CMID Value: ZPpSjSurarpmwZ9XLDiDmgAA
.casalemedia.com/	1970-01-20 16:45:02	Name: CMPS Value: 1656
.casalemedia.com/	1970-01-20 16:45:02	Name: CMPRO Value: 1656
.360yield.com/	1970-01-20 16:45:02	Name: tuuid Value: 105e2a18-828e-4560-a43e-c84cc546b385
.360yield.com/	1970-01-20 16:45:02	Name: tuuid_lu Value: 1694126733
.smartadserver.com/	1970-01-21 00:05:41	Name: pid Value: 3061448840794273251
.smartadserver.com/	1970-01-21 00:05:41	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 23:22:29	Name: csync Value: 22:5787578933027778291
.yahoo.com/	1970-01-20 23:21:24	Name: A3 Value: d=AQABBI1S-mQCEPrrUJQnlxPnfcyxxzxvmHsFEgEBAQGk-2QEZdxH0iMA_eMAAA&S=AQAAAvyFHZbBfbHuBS94johxSiw
.bidswitch.net/	1970-01-20 23:21:02	Name: tuuid Value: 0c97a7cd-efa4-4e08-b39f-045166213eef
.bidswitch.net/	1970-01-20 23:21:02	Name: c Value: 1694126733
.bidswitch.net/	1970-01-20 23:21:02	Name: tuuid_lu Value: 1694126733
.rubiconproject.com/	1970-01-20 23:21:02	Name: khaos Value: LM9RBDQB-V-YSS
www.gesa.com/	1970-01-21 00:11:26	Name: __arank_duid Value: 4.32.4-btlnnnyp-lm9rbdrf
.analytics.yahoo.com/	1970-01-20 23:21:02	Name: IDSYNC Value: 1760~2dsm
.eyeota.net/	1970-01-20 23:22:29	Name: mako_uid Value: 18a71d27998-5e7d0000010a4a5d
.eyeota.net/	1970-01-20 14:35:27	Name: SERVERID Value: 19037~DM
.adscale.de/	1970-01-20 23:17:42	Name: uu Value: cd31e8b0cd7c4c30a922cc571f93e2bc
.adscale.de/	1970-01-20 23:17:42	Name: cct Value: 1694126733682
.rlcdn.com/	1970-01-20 23:21:02	Name: rlas3 Value: /CB6nE6s/kDoEF2PKePCdfvK+k0QkGCOXoR2Sm7/yhU=
.rlcdn.com/	1970-01-20 16:01:50	Name: pxrc Value: CI2l6acGEgUI6AcQABIFCOhHEAA=
.ih.adscale.de/	1970-01-20 23:17:42	Name: tu Value: 4#3569551697#42~5787578933027778291~470590~0~0
.openx.net/	1970-01-20 23:21:02	Name: i Value: 28ddc516-5114-4a7d-8d35-751a1ff48d9f\|1694126733
.pippio.com/	1970-01-20 23:21:02	Name: did Value: RuAe1df-aGYkbxyE
.pippio.com/	1970-01-20 23:21:02	Name: didts Value: 1694126733
.pippio.com/	1970-01-20 16:01:50	Name: nnls Value:
.pippio.com/	1970-01-20 16:01:50	Name: pxrc Value: CI2l6acGEgYIgr0rEAA=
pixel.alpharank.io/	1970-01-21 00:11:26	Name: __arank.uid__ Value: e31c8681-c290-42ff-ac5e-b6569dc1d02c
.crwdcntrl.net/	1970-01-20 21:04:12	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 21:04:12	Name: _cc_id Value: 2f75a9ee1be388410b5ccb2ab637b135
.bluekai.com/	1970-01-20 18:57:31	Name: bku Value: /Ux99/NuIZHtygXm
.krxd.net/	1970-01-20 18:54:38	Name: _kuid_ Value: PyFlvgGC
.pubmatic.com/	1970-01-20 15:18:38	Name: KRTBCOOKIE_391 Value: 22924-5787578933027778291&KRTB&23263-5787578933027778291&KRTB&23481-5787578933027778291
.pubmatic.com/	1970-01-20 15:18:38	Name: PugT Value: 1694126734
.doubleclick.net/	1970-01-21 00:11:26	Name: IDE Value: AHWqTUmkPfc7FeZqZsKhiBjnz8KDLVT7y31EZNqPfBgNHUVUHnX2CHKxnlG5Ux_1jwk
.adnxs.com/	1970-01-20 16:45:02	Name: uuid2 Value: 3718072090947261817
.onaudience.com/	1970-01-20 23:21:02	Name: cookie Value: 7fd3b9eebf44c39d
.onaudience.com/	1970-01-20 14:36:53	Name: done_redirects219 Value: 1
.demdex.net/	1970-01-20 18:54:38	Name: demdex Value: 69250196544509240360270454557119392257
.dpm.demdex.net/	1970-01-20 18:54:38	Name: dpm Value: 69250196544509240360270454557119392257
.audrte.com/	1970-01-20 14:57:02	Name: arcki2 Value: ic3uAjG1kHaRiqR6bDiAPP3zA!20220908!1694126734304!ip#38.132.118.69
.audrte.com/	1970-01-20 14:57:02	Name: arcki2_adform Value: 5787578933027778291!20220908!1694126734307
.agkn.com/	1970-01-20 23:21:02	Name: ab Value: 0001%3AgHxO7q4PlYf1Uycwrs4c5Ijknr0JdJMI
.mathtag.com/	1970-01-21 00:01:21	Name: uuid Value: 565e64fa-528e-4e00-b3bf-08accedca7f3
.adnxs.com/	1970-01-20 16:45:02	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2C%yjB?g!!]tbPl1M66+q([OUf!M#OkObO+F3Z7VDF`Q*l1fftM^P'W8#W^N3FR@PsXH%!-Z[#?_Liy
.zeotap.com/	1970-01-20 23:21:02	Name: zc Value: 27ee0705-a39d-4ef6-4445-074276ee5503
.zeotap.com/	1970-01-20 14:36:53	Name: zsc Value: G%21%85%B9%9EiO%E2y%3D%96%16%EF%AF0%C5%CEo%2F%1E%86%8E%AE%82%D0%3F%01A%24%BC%E2o%90%C9L%85%C9%CC%C5%07%1E%F6%7D%12+%A5C%CDR%8A%89%92y%2C%81t%102%DE%EAZ%7Dc%B3%80%D4%00a%FFSG%DA+U%E39%17G%12+%5D%CD%9F
.adsrvr.org/	1970-01-20 23:22:29	Name: TDID Value: 499e5c59-7370-4b7a-b4eb-ef16a1fa42c0
.adfarm1.adition.com/	1970-01-20 16:45:02	Name: UserID1 Value: 7276218917818857631
.audrte.com/	1970-01-20 14:57:02	Name: arcki2_ddp2 Value: ic3uAjG1kHaRiqR6bDiAPP3zA!20220908!1694126734630
.w55c.net/	1970-01-21 00:05:41	Name: wfivefivec Value: l5ln6jnM1QEnKK5
.w55c.net/	1970-01-20 15:18:38	Name: matchadform Value: 5
.weborama.fr/	1970-01-21 00:01:21	Name: AFFICHE_W Value: 6UxFNqwzgvbp82
.tapad.com/	1970-01-20 16:01:50	Name: TapAd_TS Value: 1694126734924
.tapad.com/	1970-01-20 16:01:50	Name: TapAd_DID Value: ca7951a4-7bdf-48a2-aa09-ad44fd620653
.id5-sync.com/	1970-01-20 14:35:27	Name: cf Value:
.id5-sync.com/	1970-01-20 14:35:27	Name: cip Value:
.id5-sync.com/	1970-01-20 14:35:27	Name: cnac Value:
.id5-sync.com/	1970-01-20 14:35:27	Name: car Value:
.id5-sync.com/	1970-01-20 14:35:27	Name: gdpr Value:
.id5-sync.com/	1970-01-20 14:35:27	Name: callback Value:
.teads.tv/	1970-01-20 23:19:36	Name: tt_viewer Value: ddfda137-1fa1-4f82-b388-0e014f745cdc
.smaato.net/	1970-01-20 15:05:41	Name: SCM Value: 5ec638d5b7
.smaato.net/	1970-01-20 15:05:41	Name: SCMt Value: 5ec638d5b7
.smaato.net/	1970-01-20 15:05:41	Name: SCM1001213 Value: 5ec638d5b7
.adsrvr.org/	1970-01-20 23:22:29	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiK3Jvnxf-XPBAFGAEgASgCMgsIntKelNz_lzwQBTgBWgV0YXBhZGAC
.tapad.com/	1970-01-20 16:01:50	Name: TapAd_3WAY_SYNCS Value: 1!6022
.3lift.com/	1970-01-20 16:45:02	Name: tluid Value: 3998500526214156885725
.id5-sync.com/	1970-01-20 16:45:02	Name: id5 Value: d4a458b9-1d37-7a72-b80c-4e73e0c54e3b#1694126734911#2
.360yield.com/	1970-01-20 16:45:02	Name: um Value: !42,4a1BixqMC2otkwfkgqPMULjZcR9ZWdOK6tTdUlPXaXTW,1695336333!79,ZIo9GpWxUxHdvJ4qax.2N0qG7aZh8kC0LkzvHyWUrGxRYISSPyGEvCC8O8DqsGKRvM.ShjzUnh6zYS2n,1701902735
.360yield.com/	1970-01-20 16:45:02	Name: umeh Value: !42,0,1756334733,-1!79,0,1756334735,-1
.taboola.com/	1970-01-20 23:21:02	Name: t_gid Value: 10e8461e-8d7d-4dd9-86b4-bd8571f89ce5-tuctbf3d80f
.taboola.com/	1970-01-20 23:21:02	Name: t_pt_gid Value: 10e8461e-8d7d-4dd9-86b4-bd8571f89ce5-tuctbf3d80f
.e-volution.ai/	1970-01-20 14:55:36	Name: v_usr Value: 57c2bee0-ee9e-4b2e-ad0f-9a97f19f6c3f
.id5-sync.com/	1970-01-20 16:45:02	Name: 3pi Value: 2#1694126735467#719949446#3718072090947261817\|10#1694126735055#416996995#5787578933027778291\|124#1694126735255#1525742842
.rubiconproject.com/	1970-01-20 23:21:02	Name: audit Value: 1\|/8gFr5UzN4fLLijwOXf8Om+o9tFjVplXB10WU9EO0vp2znW90u4+Fcwf/69Dugl/jqcKRiQQkRQVbvvNSg8qXw7sohpZJOZzJ1gFPI+/Tv0xfjGj9Tn5MGeVUXqzpntsOh53Xe+wW0M82OBi87/ISg==

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'notifications'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'push'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vibrate'.
network	error	URL: https://google-analytics.bi.owox.com/collect?v=1&_v=j101&a=1419430577&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gesa.com%2F&ul=en-us&de=UTF-8&dt=Washington%20Credit%20Union%20%7C%20Loans%20%7C%20Savings%20Accounts%20%7C%20Gesa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAEK~&jid=1277963382&gjid=714209932&cid=623163664.1694126729&tid=UA-32823301-1&_gid=1331610609.1694126729&_slc=1&gtm=45He3960n81MTFL685&cd1=623163664.1694126729_1694126729434&z=1686702717 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5787578933027778291 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
alb.reddit.com
analytics.google.com
api.adrtx.net
api.alpharank.io
app.leadsrx.com
app.marketplan.io
app.truconversion.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
c1.adform.net
cdn.evgnet.com
cdn.linkedin.oribi.io
cm.g.doubleclick.net
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
gesacu.us-1.evergage.com
global.ib-ibi.com
google-analytics.bi.owox.com
googleads.g.doubleclick.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
mwzeom.zeotap.com
partners.tremorhub.com
pdw-adf.userreport.com
pippio.com
pixel.alpharank.io
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sojern.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
script.hotjar.com
secure.adnxs.com
secure.node7seat.com
settings.luckyorange.net
simage2.pubmatic.com
snap.licdn.com
spl.zeotap.com
static.hotjar.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.taboola.com
sync.teads.tv
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
www.facebook.com
www.freedomforschool.com.gesacu.com
www.gesa.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
x.bidswitch.net
global.ib-ibi.com
sync.1dmp.io
uipglob.semasio.net
100.25.123.161
104.26.10.16
107.178.244.119
107.178.254.65
109.206.161.21
13.107.42.14
141.193.213.21
141.226.224.48
141.94.171.215
141.95.98.64
142.251.163.155
15.197.193.217
151.101.192.114
151.101.193.140
162.248.18.37
172.64.148.101
18.158.134.1
18.160.0.29
18.160.18.45
18.160.18.73
18.160.41.49
18.165.98.35
184.28.136.218
185.167.164.39
185.167.164.43
185.167.164.47
193.243.189.83
2001:4860:4802:38::181
23.105.12.150
23.206.123.93
23.212.144.235
23.47.65.161
2600:1402:b800:3::172f:cc34
2600:1f18:612b:4264:dff3:a5b7:8008:2892
2600:9000:20aa:ec00:2:53b2:240:93a1
2600:9000:2305:5c00:1b:5138:8a40:93a1
2606:4700:10::ac43:db6
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::61
2607:f8b0:4004:c17::66
2607:f8b0:4004:c1d::93
2607:f8b0:4004:c1d::9b
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:600::396
3.210.56.21
3.221.126.30
34.111.113.62
34.200.65.202
34.251.137.112
35.186.228.179
35.190.24.218
35.190.60.146
35.211.178.172
35.244.159.8
38.98.139.150
44.228.100.41
44.239.145.12
46.19.11.36
50.16.174.192
50.16.197.56
52.146.86.174
52.206.20.105
52.223.22.214
52.55.229.9
52.7.24.177
52.88.183.153
52.92.4.48
54.85.196.221
54.85.243.92
54.86.123.255
68.67.160.132
69.173.151.100
74.208.214.109
75.101.139.62
85.114.159.118
0020646d32da84bf3e786d16ad939d610e989ba3bc2304fb68072f3537c60ee0
00bca6a9271b5e1cbb3965a74f48c1ce0b72bcbf08790aa2cab95f8dc5362153
013c037f68d07cd5a0a595f89995290aec3addca27079bc47ecd128440b06b3a
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
02c711ba2568c0fe00e8a341addd5f14cc6b38581516721dd7528958ab930641
03875f5ffa03acb3b4e09691ae36cdb0f1a4d3af8da45b8f4d998ed175236f59
049998472f24fe69a2a5d946806e7d7772f733953c2e8947dfee3c925becf9ba
04a89601c8f437b9ab3f74714d3374609a58b1079315f8dc5d440cc80d1ed589
06610fe2a43b1065a10fef2028f0e284be932e564723402722764bc7e9b4bee6
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb
09bb15f21c30116957d4917230f723fd982a18e323b9728dee8825ee409b5715
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0afe04cfbce95f98b08ab24d6d787e27054a02c3c02c6bb7da44c86c8515e132
0bc396bf8a3b9e6cd2c8275599ba07f84ae64a6833d38ae8739e44ca553daf0a
0bd83e73599f7353210a85df22ef8b07cecc1427bfdda6cd3b0138106dcee7d9
0c9ef83e9ca2f04a0a6ef605ecdc810c7ea0b36e7b9767bdcf6bdc38c6a8e831
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0e5f88d5f3f0a3e98dbadd075c243738506d5c0b668447b08a23911c4723cd3d
0ef003c90c31f90a2abb3b6003fa3c8c463d1eb66eb3c2379b2bd2d7cac626e2
10bd18f098e5cef6e2a15898fe091a6b7821fb97f3f524349552bb3a4f3576d9
119c68cafab2592ca4b6c4c435cc38885313eefbaf9b6373f9ad20c37d172d63
137ce284058103233f12c23f00cb0ce873387bf0d46ce523b5fb1dfb22d8cb05
14ab9d038257f517c4e1b485d7a9228fe500c0ebfa571350232f73f2c1c8e991
1c6dff56285c242a4845a3ff3e182ef9abeb37b941095d88dc418f84b2e0aec1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d2f6022504259884302bb439c2b3782b0fa686af2a040f3766119cc5a83d464
1dbfeb7d4f8335eba017f0cbb0b779b34122d5e1f2b478e08afd0dd439bdf597
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
226898bfae2c40913fd46106a6634772385e08dddfd767474385770ebae28e0d
22cb7afd879af42251168f826b48ee24fc02073275e079dbf9760af9d7e074e9
23f089aaea27beaaf0eb1f331c6623e8dd59ee0ee3def6b6b45e902c30a9229e
241d5d37ce41bf5054b2a911827b9480f99e669dc2aa7982dca688028b35cb51
246faa0aca51a7be47ae13827bffdec1f0e69699d291c727646b56e83ee1fd0e
251f896d186d1d27c03670e3ea1894bff902ba52479c5ae148fa28cd218e9625
27093f4f08f75d88c67eced79c17e6fc150cc67a37c14e82f424235c996b766f
27c3bae726c78894582c23e5b507dda2dacd2c5c8aa9afe17ae179519e4ba3e0
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d849984aadfbd799da2ee8e12277ac18a70d5e5a2166f73418ba4b46d382432
2e91b83c412d975aec910160ca16c213129d6d2829d7e026581e709daf84b8ff
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3026106731138872e882acce33910e82c9280990fa45317c9e900e1535e5039b
3169045b619f079c09edc6c6dc04268c645697430b7f0ccdfe815b8735c199d5
326b21d33a052c868180ff94d32409cdc689aa9ba9b68ca6787a2853100a1ff3
327f9b2dcba094127adb8f8668fa6dce7bf30e14a9f9166cc7fa1f5f03aecbbf
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334d5e7f9a35f81aeabf466f3ee3c0c9522077a4f14c336998c7cb9827e7b21d
348a538cfb216ee6c6f9a9b5306cf64df862e7c7dd587baa3d36583d19a440df
34b57f0562e1b835d9472015a0eb0d81b245448db3585cf7f7933755814d1268
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3ae8d74f433ccc26f492867cb1964639892e27298c26e169bfc0777ccd1626b1
3e77dafe902b5371d42c7e236b778a91874bfb8bdb2dc82b3ee3d4803d20fd9d
3ea0ae12147c76e3b4e6ad26bfb580121295c8aa91480dee7b7e579dd00eb23d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
402c047e48c28bd9d49d6a18a3dc1a38d37fbb0cfb7a5fc9112cb284d84dd93b
4543785910eab419295691033691a60ec304e11afe3927e18e2442445bea2f84
45ed254cccf40c2bd7537604bfe5bb11773fc73611c40a1061b2acc04af162f8
4a25be1f0513a03c0595d7adc16dbd4402afaa9f00fdcb2564b53613eba2ad8b
4a518bd1723da2b6011895ad68059361ebb4cb80de3eec9145eacee89ddd9745
4a7fdd491f449c314d884b9b9b6d11cfe037179d84e567a62e1e19584881e3e9
4ad88e6a32db51a41cff1741970ca95b3e433fbfb8be269c72f881a42f2b88c6
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4af9a2e261fb48aca31900045f77d2a6d7dbd55df0c5967c40743f94dd8de0c6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4c668b9785b8c2c0bb2479b6bd16f736385324a5a39870a92cf3d9e801080f01
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
519c7423bbe657f3b2b5e2750c5f56f7f883d9f8b3e9e0b62112a477e2e2f383
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
53d8923f74c6b3e4a21745f6edf891b2699aca8920c433dbbc4ff8a7c6e4df9f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55bf0bda5de576f5026effeddf372974746d1ed1309ad882b39e24fbc9eb6c0a
57281860acb6e40d2a7427273de8f14fe40100d41dc3da8da477633efbcaa72a
580f189b1fa0b5d382ac4cf3c93965259e59bec2ad687d36e0f4678782de96a6
58a752f5a1298d0757f7953670951352ab722958e4332e1f1f20a315f836e6e5
5961d71393baae1c306262924f46d57353e352e001f9e20f694f16c074502438
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d
5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7
62eae656d047defc6a444456fb8878aa962ccab6a6841a503fd275cbaeb0b59c
63046617ab9c0650fb173a815023797cbd872c48898e0f57b6ec8fca7bd1d390
641611b58754d802f2a7672c62a4d15ee0950f47c28f1bb9b2c1f38d9f7bca50
67311e03f7050739af9e1ca1af6a3748c24b281a8c0fab55487eac50e621202b
6816ba59d3757e525880fbf568b3faf808ffc743411d46ebfb33a543247ad628
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
69bba50b17d75423288fd69eb23a6bf3a4ad2b63e762f64bd01c973228204e28
6a71c1b9c1b84a8603ced9fcc3a73fc59521065a35fe045a03c3fcd6f6c01977
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e72cd55c905f3b710316c822d2dcfc305b17460b58d73639294b9b5867ec7d5
6f28f5c6a226dcd2c3b80fca12f7ef0b43a0385bd27cb69c698c8443f050d66d
6f47116b10e3e156f70ab31279c1fa298e34f89ff75af6eea89c2dc092362fa2
70d5e6c1d9df9766872d0d029b0c9620358f2412a08a7f9d37a1f7f24f43a2f2
73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213
7866661e9747c63d27963b389bd0bbc19c29dc5255cf7393b727368927e9b06c
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
79c2f8e000136ab8664c9c2f22cbc8aafbee419a1eac3fec7ec32822c925cf7e
7a2adf4c1187ff44afb6596a750c078a97b07717364daade11a8c337771832e0
7a6bcd4b92a238ece494d91ba838734ac5768625dcdbda4e8f994b3a54af2471
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b354a0e73e811d7d49e6a34cff8a1ca999296498a411ace5efad1c5fc7f58bf
7e2153f09a9755105eb03cfa9aafc634350bf12c398f155229a75ba3c98d494f
7e6c39ab37a92035619ffbf66dd293f6d6980fc1bebdaeb9a0b922775abc32eb
7f469710a1d4430efecead2c7febcd6e8d3b8d070c60c0d9f638bdaefe137358
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8667a50fdab17dd946e43e37c6fd1623583b9440bdca887e44cc726e48feedaf
884ec4af3e42aa326e687947185fce05ecdbd42e4a4481de91495ab423a5259c
88bd92a6561a1c265ddd5add029ede12c5acbe96ff6c2d7f0b24c983758466b7
8995f47239c95ab3743c9585df9c4e7b8187eb6378c280805c021af2b850ea9f
8b3464b4637eafb04b7b4ed743f6462e7ba2c0c63c18fb9e7a89d121255545df
8c0364839511190adcbff9a36a5e132148ceb13b68cbf9e15754731d674343d1
8e87f2df7792f0f76c391e34fb95c32c45c1eebc228f7eadfe6e7191997d4d18
8f2a9312b046892c9e47d99889c535dc59d95f94b3b40653c5d8204fa20dfa8f
92af5c3016059719e31e89d97c6c9a63cbeaa5e938ce63e2c16dc7e8bc6d54fe
959cebca7f138c790398730f074d9f08786d0537389390ca18d67b7988d13ac3
971c32a32a129e8bc0d7eed9d55e997308e4fb48d3af5c89f38f9af6ff1907f5
9796bc60fc921b490963396feaf198b84c0791bfdf574b230f75e451fb6368ad
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
99ae31397cc4d7d17099739f75a952c286250fb6cef2b1481a04480d36c64271
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9cc56655684dd02ce927521ac8435d2b35c0482a7153a2fadac60b4a91cd8f7d
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9f6593da5f5c0c28ddb6413992e1f3dcbbce263b0790eae02daf1ae8df812bac
9f708c31ba347c4b2bd756b4d2fd4d371f250182b241c0306268d3a0ec340b6f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a496ca0aa2b9981aef70474b2219472dcf25db655779c48e3ab018e268857558
a5f8dcddbce06b4db5870951026ef227ad3e09c20b74c61ddedc0f832eeedab4
a7a48fa6cb504cd6b3a100bc030c08d4d9fdebe02e34dac731ef26ac61e92714
aa40111e30b48fba40d8a719f9102bcf3bab3faedce696673fd4e13998e16e0a
aba30c4a7bbf09cdd029e920b0c2e78f1ab14cb99c78443c1a684c0270b15212
abbae81672e1194c03d550d37b6e2d89947a0a1c7fde7b5e39d2ce59164e9e23
ae225d09cc8eebd4d91d2d8cd703b217bc6d03f3e10fbe4d3cec45677bc063c9
b091fb04aeb43da4cec3392a4de451d0f6b97a91235e0dc68560bc271c2b83c8
b10604af435fcda6674878212b06d1b8d557aee0f5c877dc5befab22ebf71c9a
b12dcafa099963cebe0c7c8356a45e78886befccfa6a4c1645bbc0d3766ac9e3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b358915252ba0e190c01550a54e89bb37c29925c45f71d0244bfed51c188a49c
b48bb25e1fe530912d872438ef532de73c7fddad96fadc6affb18fdbd097c1d6
b75e911d7fd9214baff612c87755ecc4e7ed97f823dcf2a9a9f242f905fd6c79
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
b900014a85bda70cde617cdaae7a8a91727943c760cfc92b40760c29cef14312
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcce3372b7f8e6f3f73291a90fe22268c87fb0ba4c149f89e1463e8b7675ce42
c0fb395a717c723d1b8f3e3b03be323ba0dfa434db3c5828e760058037e0dd95
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c26c8fee132cba88ff48de65daefb51c9972fab6d3d13136d54634033d0e9bac
c3f65f4d7577e2ad237ee54890e160ae586b30c282f659216d5ca4585ff825dc
c42b88e1c62f40544d064489d9ec2ff8a1b3053bd12cb579a41ba6bfdcc2fb5c
c69204d2580a695c4b1572f4127f93c8cbb2fbf75c19fac0d4ac58f2f545f12e
c9a4cb0cca43a12294c833b2d4953bc0ac830fef9d1c503bd8943846a7431bbe
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cbbf83c45cce424c26bb4d929e053d264b713b70b8dcee428343b64e06a22056
cc65806adf6c251323693c9b7adb6b97e19879aa2f5428f2f05c0f08fca18404
cca1717f080b29c4fdf49aaa58be8b1dea0182de5f7c2e1ac0b0dd296922fb83
cdaa4c91b5bc3dd4ce8e1345b453844dd414602022a182ce2853d87bd4b9a9d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d5b4ad97c4e3931210f9cb298663e8cdd2ba788b89d78292166b6341dcca51
d2d92ee9c3d13c54f11e88045a5f5ed45550cee1ce7c1b653a9da645d65400fb
d31b51d4ac3d588bbcc4a10aed1abafcf50fb626b656fa5309fedaed567645cb
d428752937c011563195cd8738502cfbefb1f52d1ace608bf297eabda0e64e5c
d5ea45f8ad8b8df8cdebe87f18cfce232468b3e6a028880773a8d09e13789ac8
d6fa6a7c8f92bfe1fe10d8700f08cfcca04d16558cc130fdf78643b66986a998
d93bc89f182c0e2b417835d5a60dc42fe31a0deac50aceb185fe5cb0243495b7
dba8bca52aa39a7625f4d95945248c572f6d15999b2f539effcafd17a3c61528
dbb704a8945a470dc81e7f862275a814d1c09558fac40f91af5a3fdecf2fb182
dc50c28f1db50dbce579d4738a0e55001a5f954df3307ca5d502f42202d1d05c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dfbd42ebc962e0689ff68829d89849ec773ce8dd88ba545355753384cca4ca58
dffbec59d2319c3236a3edfe56f55f12ada2d9023eed6f204fc7f83b32c0cb40
e18b9694e50520d13ba30b0825d6d47dd3eff828d49e4f9485e484ca502f188d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e657f7cbb9079a832a9376c1c8d207f573e432cf5be12a3d25edbac232ec9115
e6d55c5c0c5bcddaa5166e1d40a964d14eba04df59a4f57d2a26382f235986b1
e779c3a7445c68e4334fbf89302ecb07ef48ba033e02ac0485ad8ca410be6d04
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e92a53ce94858393660decb26aa46fd5884ac7d407bd03081b624602e04dd0c9
e93f08ba83c1527dbae68dd1033bdc1f1a8a8e6a0e4979a4a1c41be634106f64
ec335d354b53a8fd44ef06fddfb6663dea667f2da5631d8526df515db8d9d3e2
ece12969077149fd83c9186fa83d01eb49db5978a7d978b9de18db35a1171909
ee1c88cace5f9a6b7dc7de99a5bbce40d876163d3f06d9c0aa69f8d8e0f1b67b
ef101c7141faba6cb722927ca4ec51fde7482befad59c13b9ecee64eba139060
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f085b0387d391f11026a10c6ea821ebbe9e2b7f7e065a4368ef5ff6589a79737
f2ba197eefdf3e395c59767820118e11190c70b206b99ac654f0155008cc62af
f30381d45f347ae210ebd73a518a8747d5d5a0cb1e0d855b7bca3e2459853dca
f5716bdd72281749566ea5f0b5961c0c3b9c9d7ac0ba04cf45e064f0cd8bada0
f5d7e440936d0aa4088a8bacc16206224b58b6fa1882dc54c3f953450fc75563
f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb
f779a4170605053c3e4592a74b0b5a6d6db4b453c7ce848c50a33ab671d76349
f8aa916be8ee9babafc0055de42bd64e344202fe3223d463d0cc35e1637f1ea1
f97ab3d97b58d92065b53294cd5fc2afd4215498de07727f585321cf01a0d6bc
fa4e513c27f4151020197f0db5b34832616ea4bdf49fb11573678c0616d9c94f
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fac441fc28156645fa152344532bfd8005e06c134980dd4112fbd0eaf4d7662f
fb5bb791c0aa0ded45801e3762ee1507cee4076d3ac4f3b155e3d25d68c15422
fb82eb390a781039b7a17650eaf12f0d043c5df1a46e260977c0e5bb9c030b22
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fe9c1f23cc3e0d87a3ed0094d41727945ab61b28651e45441f0f98f9ac309153
ff0a79ec21356d69477f2e854838c684d1a18f82c8c384dc8530efd60392f18b
ff4961dda4383b1a3727e5aa981024c40cb07005f89e3264a3ab423eb356380f
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffe894f0b96b4663c3e50d90cc93d2a99e2d2fb8e1aa87be6a9fd8a6be9dfad4
fffd742919bedf3c6281c0f6b22c79d1d9c618255adedcda280cc1fdaf6b45c0

www.gesa.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

340 Requests

91 %HTTPS

21 %IPv6

75 Domains

89 Subdomains

60 IPs

7 Countries

10683 kBTransfer

15108 kBSize

128 Cookies

8 Outgoing links

Page URL History

Redirected requests

340 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gesa.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

340
Requests

91 %
HTTPS

21 %
IPv6

75
Domains

89
Subdomains

60
IPs

7
Countries

10683 kB
Transfer

15108 kB
Size

128
Cookies

340 HTTP transactions
17 data transactions