we-ha.com Open in urlscan Pro
2606:4700:3035::ac43:9f49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.we-ha.com/
Effective URL:
https://we-ha.com/
Submission: On March 21 via api (March 21st 2021, 3:36:52 am UTC) from US

Summary HTTP 427 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 73 IPs in 9 countries across 44 domains to perform 427 HTTP transactions. The main IP is 2606:4700:3035::ac43:9f49, located in United States and belongs to CLOUDFLARENET, US. The main domain is we-ha.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 28th 2020. Valid for: a year.

This is the only time we-ha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 118	2606:4700:303... 2606:4700:3035::ac43:9f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.226.158.204 13.226.158.204	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e4:... 2606:4700:e4::ac40:a708	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	2606:4700:20:... 2606:4700:20::681a:9c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 2	18.157.138.23 18.157.138.23	16509 (AMAZON-02) (AMAZON-02)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:2182:5400:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
11	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
6	18.156.95.187 18.156.95.187	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	143.204.209.103 143.204.209.103	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
11	23.21.72.59 23.21.72.59	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	198.148.27.133 198.148.27.133	19189 (PULSEPOINT) (PULSEPOINT)
1	213.19.162.41 213.19.162.41	3356 (LEVEL3) (LEVEL3)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:218... 2600:9000:2182:c200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:215... 2600:9000:2156:e00:1b:11ff:f600:21	16509 (AMAZON-02) (AMAZON-02)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
12	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1 6	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
9	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	85.91.45.191 85.91.45.191	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
26	2600:1480:300... 2600:1480:3000:e5::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::442	54113 (FASTLY) (FASTLY)
6	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.12.217 151.101.12.217	54113 (FASTLY) (FASTLY)
23	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2 2	52.48.167.250 52.48.167.250	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.11.163 172.217.11.163	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:6c::a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:295::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:801::2016	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.20.87 51.89.20.87	16276 (OVH) (OVH)
1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
427	73

118 2606:4700:3035::ac43:9f49 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.we-ha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
we-ha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-0.we-ha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a708 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2606:4700:20::681a:9c6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.broadstreetads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.138.23 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-138-23.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:5400:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.95.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-103.fra53.r.cloudfront.net

dashboard.presspatron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.21.72.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-72-59.compute-1.amazonaws.com

ad.broadstreetads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.133 (New York, United States)

ASN19189 (PULSEPOINT, US)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.41 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:c200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:e00:1b:11ff:f600:21 (United States)

ASN16509 (AMAZON-02, US)

d867x8xq12ag.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.91.45.191 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a3377.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:1480:3000:e5:: (United States)

ASN33905 (AKAMAI-AMS, NL)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::442 (United States)

ASN54113 (FASTLY, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.190 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.167.250 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.11.163 (United States)

ASN15169 (GOOGLE, US)
PTR: lax28s15-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:6c::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5ednsz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:295::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.20.87 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p19.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
118	we-ha.com 1 redirects www.we-ha.com we-ha.com cdn-0.we-ha.com	2 MB
63	broadstreetads.com cdn.broadstreetads.com ad.broadstreetads.com	5 MB
33	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	573 KB
27	youtube.com www.youtube.com	4 MB
27	googlesyndication.com 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	198 KB
21	adform.net track.adform.net s1.adform.net	320 KB
21	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net static.doubleclick.net	184 KB
14	rubiconproject.com 3 redirects fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	38 KB
13	google.com 1 redirects adservice.google.com maps.google.com translate.google.com www.google.com	151 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	89 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	214 KB
8	googlevideo.com r5---sn-4g5ednsz.googlevideo.com	3 MB
8	ezoic.net go.ezoic.net g.ezoic.net	3 KB
7	googleapis.com translate.googleapis.com fonts.googleapis.com maps.googleapis.com	97 KB
6	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	2 KB
5	googletagservices.com www.googletagservices.com	170 KB
4	typekit.net use.typekit.net p.typekit.net	49 KB
4	quantserve.com secure.quantserve.com pixel.quantserve.com	18 KB
3	cloudfront.net d867x8xq12ag.cloudfront.net	83 KB
3	google-analytics.com www.google-analytics.com	38 KB
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
2	criteo.net static.criteo.net	51 KB
2	ytimg.com i.ytimg.com	4 KB
2	ggpht.com yt3.ggpht.com	7 KB
2	adsrvr.org 2 redirects match.adsrvr.org	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	900 B
2	plyr.io cdn.plyr.io	15 KB
2	quantcount.com rules.quantcount.com	703 B
2	contextweb.com bid.contextweb.com bh.contextweb.com	999 B
2	lijit.com ap.lijit.com	757 B
2	presspatron.com dashboard.presspatron.com	15 KB
2	facebook.net connect.facebook.net	63 KB
2	w55c.net 1 redirects tags.w55c.net	1 KB
1	id5-sync.com id5-sync.com	921 B
1	mathtag.com 1 redirects sync.mathtag.com	791 B
1	yahoo.com ads.yahoo.com	446 B
1	rlcdn.com id.rlcdn.com	66 B
1	vimeo.com player.vimeo.com	7 KB
1	cloudflare.com cdnjs.cloudflare.com	22 KB
1	casalemedia.com a3377.casalemedia.com	286 B
1	google.pl adservice.google.pl	799 B
1	googletagmanager.com www.googletagmanager.com	38 KB
1	simpli.fi tag.simpli.fi	789 B
1	ezodn.com go.ezodn.com	66 KB
427	44

	Domain	Requested by
71	cdn-0.we-ha.com	we-ha.com cdn-0.we-ha.com
52	cdn.broadstreetads.com	we-ha.com
46	we-ha.com	we-ha.com
27	www.youtube.com	cdn.plyr.io we-ha.com www.youtube.com
26	pbs.twimg.com	we-ha.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net we-ha.com 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com tpc.googlesyndication.com
12	track.adform.net	3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com s1.adform.net
11	ad.broadstreetads.com	cdn.broadstreetads.com
11	securepubads.g.doubleclick.net	we-ha.com securepubads.g.doubleclick.net 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
9	s1.adform.net	track.adform.net s1.adform.net 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
8	r5---sn-4g5ednsz.googlevideo.com	www.youtube.com
7	www.google.com	1 redirects 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com www.youtube.com
7	platform.twitter.com	we-ha.com platform.twitter.com
6	eus.rubiconproject.com	3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com eus.rubiconproject.com go.ezodn.com
6	g.ezoic.net	we-ha.com
5	www.googletagservices.com	securepubads.g.doubleclick.net 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
5	3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	pixel.rubiconproject.com	we-ha.com
4	abs.twimg.com	we-ha.com platform.twitter.com
4	googleads.g.doubleclick.net	3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com www.youtube.com
4	www.gstatic.com	we-ha.com translate.googleapis.com www.youtube.com
4	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
4	fonts.gstatic.com	cdn-0.we-ha.com www.youtube.com
3	cm.g.doubleclick.net	1 redirects we-ha.com
3	token.rubiconproject.com	3 redirects
3	use.typekit.net	we-ha.com use.typekit.net
3	d867x8xq12ag.cloudfront.net	dashboard.presspatron.com
3	gum.criteo.com	1 redirects static.criteo.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com d867x8xq12ag.cloudfront.net
3	maps.google.com	we-ha.com maps.google.com
3	c.amazon-adsystem.com	we-ha.com c.amazon-adsystem.com
2	static.criteo.net	go.ezodn.com static.criteo.net
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	match.adsrvr.org	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	cdn.plyr.io	we-ha.com cdn.plyr.io
2	ton.twimg.com	platform.twitter.com
2	fonts.googleapis.com	d867x8xq12ag.cloudfront.net
2	syndication.twitter.com	1 redirects platform.twitter.com
2	pixel.quantserve.com	we-ha.com
2	rules.quantcount.com	secure.quantserve.com
2	ap.lijit.com	go.ezodn.com
2	mug.criteo.com	we-ha.com
2	dashboard.presspatron.com	we-ha.com dashboard.presspatron.com
2	connect.facebook.net	we-ha.com connect.facebook.net
2	secure.quantserve.com	we-ha.com go.ezoic.net
2	go.ezoic.net	we-ha.com
2	tags.w55c.net	1 redirects we-ha.com
2	adservice.google.com	we-ha.com securepubads.g.doubleclick.net
1	maps.googleapis.com	maps.google.com
1	bh.contextweb.com	go.ezodn.com
1	id5-sync.com	go.ezodn.com
1	p.typekit.net	use.typekit.net
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	ads.yahoo.com	we-ha.com
1	id.rlcdn.com	we-ha.com
1	player.vimeo.com	we-ha.com
1	cdnjs.cloudflare.com	we-ha.com
1	a3377.casalemedia.com	3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	adservice.google.pl	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	bidder.criteo.com	go.ezodn.com
1	fastlane.rubiconproject.com	go.ezodn.com
1	bid.contextweb.com	go.ezodn.com
1	translate.google.com	we-ha.com
1	www.googletagmanager.com	we-ha.com
1	tag.simpli.fi	we-ha.com
1	go.ezodn.com	we-ha.com
1	www.we-ha.com	1 redirects
427	74

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.facebook.com
twitter.com
www.instagram.com
hjff2021.eventive.org
ad.broadstreetads.com
kaoud.com
www.connecticutchildrens.org
campko.com
wehacal.com
we-ha.us8.list-manage.com
calvaryhartford.com
www.geico.com
asafersurface.com
ctpts.com
duncaster.org
www.mandelljcc.org
lmpaving.com
www.lbgreen.com
www.ezoic.com
www.raveis.com
www.dancebtc.org
www.thefrenchcleaner.com
www.ogsmiles.com
www.keatingagency.com
effiesplace.net
www.roywebdesign.net
translate.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-28` - `2021-07-28`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
broadstreetads.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
*.w55c.net Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.ezoic.net Amazon	`2021-02-15` - `2022-03-16`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
ezoic.net R3	`2021-01-23` - `2021-04-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
dashboard.presspatron.com Amazon	`2021-03-18` - `2022-04-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.broadstreetads.com Amazon	`2020-11-26` - `2021-12-25`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.pl GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
pbs.twimg.com DigiCert SHA2 High Assurance Server CA	`2020-08-05` - `2021-08-10`	a year	crt.sh
v.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-08` - `2021-04-25`	2 months	crt.sh
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-07` - `2021-04-24`	9 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-28` - `2021-04-13`	a month	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-03-11` - `2021-05-20`	2 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.id5-sync.com R3	`2020-12-26` - `2021-03-26`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://we-ha.com/
Frame ID: C345EF5C31B2F011C9783BCE613F69AF
Requests: 253 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwe-ha.com
Frame ID: C6A90BCF7275378F9E05439652053C24
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.presspatron.com/websites/154?origin=https%3A%2F%2Fwe-ha.com
Frame ID: 7EB058626B0A338DBEF1637C5DD79C42
Requests: 7 HTTP requests in this frame

Frame: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8F5C30DEF260A1E7F28A6AFE23503C06
Requests: 9 HTTP requests in this frame

Frame: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 00BC97018BD6B28CA33B5B7E76C4FAEC
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16913016488758466345/970x250/970x250.html
Frame ID: DAC95D75B2CDD34E5FC20749A36FA2C9
Requests: 6 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 63E5DB80B28C6BB5575DF11CC210CAF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AEA4643593AF74CFEF5D5C5F7827F533
Requests: 2 HTTP requests in this frame

Frame: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FEC3905EFBD4A53230D59A4A5F213DC2
Requests: 15 HTTP requests in this frame

Frame: https://a3377.casalemedia.com/ifnotify?consent=1&c=15DB6CD&r=4CA7C7BB&t=6056BF39&u=X1laZG9OWG5CWmY5b0JpR0JIS1VkSWg1&m=3138bd82af29bf88461e5ec82c0a200e&wp=3&aid=e69bb58200581cad9b958c82ba44907d&tid=145B6&s=486DA&cp=0.03&n=we-ha.com&pr=xx&epr=YFa_OQAEIZwKixEiCAFY9g
Frame ID: C9A81A56535384249F2EEBBAC8044B4D
Requests: 1 HTTP requests in this frame

Frame: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 86C4E1755FDBA6AE29FA3AABD2F5B26A
Requests: 17 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/2b07.png
Frame ID: B7C5D60E79B24EDB1949A4D644559ABD
Requests: 38 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&geo=eu&co=pl
Frame ID: B6B2400E60E83CEF78B64FCFED01563B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&geo=eu&co=pl
Frame ID: 2A6C81B49DAF961945BAE3BE3F644C25
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: FA2F3AA4CBF8F3377C025D64EDC13742
Requests: 1 HTTP requests in this frame

Frame: https://use.typekit.net/bbl0ljo.css
Frame ID: 12848B4A6616D70CABC6F2ACD52DD476
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
Frame ID: A80AB4857927134FF194A1EAE469BB11
Requests: 28 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
Frame ID: 0F2DA21DB43880AB7A522D3D58D191FE
Requests: 17 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=we-ha.com
Frame ID: 322D225A8FBA5945B0099FD4E0015DB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 85D970A5F67D39C53CFA9C6D00AF4987
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2CB8F3B1E3D011BA63249CE792F745D8
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=8711458
Frame ID: 682D58554DD7F0599AF6C01262ABAE65
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: CC9B2418BC28CB8BC788A905DC897A8B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.we-ha.com/ HTTP 301
https://we-ha.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

427
Requests

100 %
HTTPS

64 %
IPv6

44
Domains

74
Subdomains

73
IPs

9
Countries

16354 kB
Transfer

22199 kB
Size

36
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wehartford
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/WeHartford
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/westhartfordite/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://hjff2021.eventive.org/welcome
Title: document.querySelector('a#bhkaq42pg4g000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/335938/c266783/z63769?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://ad.broadstreetads.com/avada-kedavra
Title: This is placeholder text

Search URL Search Domain Scan URL

URL: https://kaoud.com/pages/rug-cleaning-we-ha
Title: document.querySelector('a#bjcax4ttqc0000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/280749/c259692/z63769?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.connecticutchildrens.org/urgent-care/pediatric-urgent-care/?utm_source=West%20Hartford%20Press&utm_medium=Display&utm_content=Belly%20Ache%20SMS%20NL&utm_term=Leaderboard%20ROS&utm_campaign=FY21%20-%20Svc%20Line%20-%20URGENTCARE%20-%20Farmington
Title: document.querySelector('a#bmjv1j4xj5s000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/336815/c267426/z63769?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: http://campko.com/?utm_source=we-ha.com&utm_medium=local-display&utm_campaign=2021-camp-signup&utm_term=display&utm_content=20210317
Title: document.querySelector('a#bpxze6sedlc000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/332563/c264225/z63769?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.connecticutchildrens.org/urgent-care/pediatric-urgent-care/?utm_source=West%20Hartford%20Press&utm_medium=Display&utm_content=Swimmer%20SMS%20NL&utm_term=Leaderboard%20ROS&utm_campaign=FY21%20-%20Svc%20Line%20-%20URGENTCARE%20-%20Farmington
Title: document.querySelector('a#b5smpkeroww000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/336822/c267430/z63769?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://wehacal.com/
Title: Calendar

Search URL Search Domain Scan URL

URL: https://we-ha.us8.list-manage.com/subscribe?u=d7224188c7212f8d727ff0656&id=b71fd3b553
Title: Subscribe to E-Newsletter

Search URL Search Domain Scan URL

URL: https://calvaryhartford.com/
Title: document.querySelector('a#bel95l43smo000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/340484/c270300/z63768?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.geico.com/insurance-agents/connecticut/hartford/david-johnson/
Title: document.querySelector('a#bgx2splswxc000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/303234/c240525/z64513?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://ad.broadstreetads.com/click/293936/c233425/z64513
Title: PlayPlayPauseSeek0% buffered00:00Current time00:00Toggle MuteVolumeToggle CaptionsToggle Fullscreen MDC Learn More about the MDC

Search URL Search Domain Scan URL

URL: https://asafersurface.com/
Title: document.querySelector('a#bkozb3ti8wg000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/335207/c266258/z64513?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://ctpts.com/
Title: document.querySelector('a#bcjgcaygbqo000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/341216/c270767/z64513?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://duncaster.org/
Title: document.querySelector('a#brz1v48rqww000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/338004/c268326/z64513?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.mandelljcc.org/index.php?src=gendocs&ref=Virtual%20Book%20Festival%20Home&category=Book%20Festival
Title: document.querySelector('a#bqy49o0w8ow000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/339921/c269847/z65379?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.mandelljcc.org/index.php?submenu=Summer2021&src=gendocs&ref=SummerLandingPage&category=SummerPrograms
Title: document.querySelector('a#b9htaof1lb4000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/335933/c266778/z65379?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.mandelljcc.org/index.php?src=gendocs&ref=FALL%20Guide%202020%20Landing%20Page&category=Temporary
Title: document.querySelector('a#bh8u73wo5f4000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/335932/c266777/z65379?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.mandelljcc.org/index.php?src=events&srctype=detail&refno=2746&category=Virtual
Title: document.querySelector('a#btvkmlq83ls000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/339920/c269844/z65379?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: http://lmpaving.com/
Title: document.querySelector('a#bzsns1yfg80000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/280427/c268820/z65379?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.lbgreen.com/
Title: document.querySelector('a#bt3hdvl0kyo000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/341212/c270766/z64514?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: http://www.raveis.com/robingebrian
Title: document.querySelector('a#b6tejmtvucw000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/152370/c259050/z64515?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.dancebtc.org/up-close
Title: document.querySelector('a#bx779vso60g000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/343967/c272446/z64515?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.thefrenchcleaner.com/
Title: document.querySelector('a#bd22lyft9eo000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/263894/c210546/z64515?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.ogsmiles.com/
Title: document.querySelector('a#b3mdz0l3t68000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/219099/c174746/z64515?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://www.keatingagency.com/blog/money-saving-tips-for-car-insurance/
Title: document.querySelector('a#b9no1pwo8fk000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/306563/c259049/z64515?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: https://effiesplace.net/
Title: document.querySelector('a#bq33dhuloj4000000').addEventListener('click', function () { var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP'); xmlhttp.open('GET', '//ad.broadstreetads.com/click/341221/c270771/z64515?', true); xmlhttp.send(); })

Search URL Search Domain Scan URL

URL: http://www.roywebdesign.net/
Title: Roy Web Design

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.we-ha.com/ HTTP 301
https://we-ha.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://tags.w55c.net/rs?id=95ec4f120d3e4009b0f74b03d05f0519&t=marketing HTTP 302
https://tags.w55c.net/rs?scc=1&id=95ec4f120d3e4009b0f74b03d05f0519&t=marketing

Request Chain 55

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwe-ha.com%2F&domain=we-ha.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=b2w5EnxJLzh4ckp5WFFnRFFsZzd5QW1GaklMaDNDdkNPSWM3VlFiY2ZJV3NXU0JNWEpTTlN0aFVzeEI5eUVMbnpxSWcvVTBXL0FZaWZVQ1BwdU9wc20zbExTK2Y0bFRHY3JOcTh0T0Rqb2JpVXZQeVptM0V5TkhNRWxBNDMyWjg4V3Z1Z3RTMXVFSDEyZXlXM240Und1QVQ5bFB4NlpUbUsyWlR3Vk84RS8rVFRxRU9keUhlSjc1RUMzQWFvUkNwTGJBMTZZZFdCcXpKTnV2NG1RWUNJVHU1eGlnPT18&cppv=2

Request Chain 209

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 294

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 308

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JTFlXQ04tMUktNUdBMw==&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA

Request Chain 310

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMILYWCN-1I-5GA3&sigv=1&esig=2~9e10006f8e867e877d7a0f6cb99bb63caa30e15c&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA

Request Chain 311

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTQ0NWI3MzQ5OTkzMTQ3MmNmMDg4MmFhMGQ3NWY2NDQzY2RmMGYyYg&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA

Request Chain 312

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d4e66056-bf3a-4000-adc5-9957e759e8eb&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA

Request Chain 313

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1&_test=YFa-OgAAAH46XSzr HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFa-OgAAAH46XSzr&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1&_test=YFa-OgAAAH46XSzr

Request Chain 314

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ce2255f-b8b5-4cf8-bf0b-9af66e8b05a5&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&expires=30

Request Chain 315

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1&put=CAESEBLm3_OXAQHEvzMAp09aTNY&google_cver=1

427 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
we-ha.com/
Redirect Chain

https://www.we-ha.com/
https://we-ha.com/

192 KB
31 KB

2364ms
2356ms

Document
text/html

2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c4375d0f2bd647317df984d3a7695761091bdad36e0c810d5256c3b6bdbeb26

Request headers

:method: GET
:authority: we-ha.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dc0f3555843f42e0b96d2c5aa585c01291616297780; ezopvc_64734=1; ezepvv=0; ezovid_64734=761730053; lp_64734=https://www.we-ha.com/; ezovuuidtime_64734=1616297781; ezovuuid_64734=55b67536-418c-4bbf-611d-a5f2b375af81; ezCMPCCS=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:23 GMT
content-type: text/html; charset=UTF-8
age: Sun, 21 Mar 2021 03:36:21 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
display: pub_site_sol
expires: Sat, 20 Mar 2021 03:36:23 GMT
link: <https://we-ha.com/wp-json/>; rel="https://api.w.org/", <https://we-ha.com/wp-json/wp/v2/pages/44582>; rel="alternate"; type="application/json", <https://we-ha.com/>; rel=shortlink
pagespeed: off
response: 200
set-cookie: ezoadgid_64734=-1; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 04:06:21 UTC ezoref_64734=; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 05:36:21 UTC ezoab_64734=mod91-c; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 05:36:21 UTC active_template::64734=pub_site.1616297781; Path=/; Domain=we-ha.com; Expires=Tue, 23 Mar 2021 03:36:21 UTC ezopvc_64734=2; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 04:06:23 UTC ezepvv=1; Path=/; Domain=we-ha.com; Expires=Mon, 22 Mar 2021 03:36:23 UTC ezovid_64734=761730053; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 04:06:23 UTC lp_64734=https://www.we-ha.com/; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 04:06:23 UTC ezovuuidtime_64734=1616297783; Path=/; Domain=we-ha.com; Expires=Tue, 23 Mar 2021 03:36:23 UTC ezovuuid_64734=55b67536-418c-4bbf-611d-a5f2b375af81; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 04:06:23 UTC ezCMPCCS=true; Path=/; Domain=we-ha.com; Expires=Mon, 21 Mar 2022 03:36:23 GMT
vary: Accept-Encoding Accept-Encoding,User-Agent
x-hosted-by: DreamPress
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-pingback: https://we-ha.com/xmlrpc.php
x-sol: pub_site
x-varnish: MISS
cf-cache-status: DYNAMIC
cf-request-id: 08f473ffaf00004dd09c2e2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R6d4LvtkxWpKpgU7jveQVodzOHhjolAJfIY0Vum%2B1mkhQ7dNC8eswucUFLjQNnOxdqWLhrJk2Go4HpmDE6BnWd1mMOFflH3jMdHkXpsuqmL98pNfRos%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 633422ac4c0b4dd0-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 21 Mar 2021 03:36:21 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc0f3555843f42e0b96d2c5aa585c01291616297780; expires=Tue, 20-Apr-21 03:36:20 GMT; path=/; domain=.we-ha.com; HttpOnly; SameSite=Lax ezopvc_64734=1; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 04:06:21 UTC ezepvv=0; Path=/; Domain=we-ha.com; Expires=Mon, 22 Mar 2021 03:36:21 UTC ezovid_64734=761730053; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 04:06:21 UTC lp_64734=https://www.we-ha.com/; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 04:06:21 UTC ezovuuidtime_64734=1616297781; Path=/; Domain=we-ha.com; Expires=Tue, 23 Mar 2021 03:36:21 UTC ezovuuid_64734=55b67536-418c-4bbf-611d-a5f2b375af81; Path=/; Domain=we-ha.com; Expires=Sun, 21 Mar 2021 04:06:21 UTC ezCMPCCS=true; Path=/; Domain=we-ha.com; Expires=Mon, 21 Mar 2022 03:36:21 GMT
age: Sun, 21 Mar 2021 03:36:20 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
display: staticcontent_sol
expires: Sat, 20 Mar 2021 03:36:21 GMT
location: https://we-ha.com/
pagespeed: off
response: 301
vary: Accept-Encoding User-Agent,Origin,Accept-Encoding
x-hosted-by: DreamPress
x-middleton-display: staticcontent_sol
x-middleton-response: 301
x-pingback: https://we-ha.com/xmlrpc.php
x-redirect-by: WordPress
x-sol: pub_site
x-varnish: MISS
cf-cache-status: DYNAMIC
cf-request-id: 08f473fd3e00004dd098b5e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6siuPPj4BsPzRLrJBbaxTJy73C%2B%2BoPhorJx0hMLhKnZkelhbx4cCf3hQQR6Kbc9oDH8DBPBDn%2FiQt7zRL%2FpVawSkNF5M2pHC5lckHORhqeqg8wab7Bh%2B1W%2FI"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 633422a868474dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1614106261-76ae13f736075a22528df3771ea215500615d319.min.css
we-ha.com/wp-content/cache/fvm/min/we-ha.com/ 566 KB
92 KB 696ms
696ms Stylesheet
text/css 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/wp-content/cache/fvm/min/we-ha.com/1614106261-76ae13f736075a22528df3771ea215500615d319.min.css
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d70fa8b40a5f817ab1561af2426298650667f3716ed71c9447f5726a41a6fe

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-sol: orig
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bb1a504dd0-FRA
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"max_age":604800,"report_to":"cf-nel"}
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f47408ec00004dd0a49a7000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"8d712-5bc05668dc308-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J%2FOybWQkmiZClu11dcgokiNdy%2B5HFGBP0MPccq6zh%2FL4pWlUNYH8ODvyvpjGwDsYpfjW13HUJTviHFGLIKAldsfn7XbcGwsuyDapdP4vsceLlb90SI4%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: text/css
display: staticcontent_sol, orig_site_sol
expires: Tue, 20 Apr 2021 03:36:23 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 248ms
118ms Script
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:26:25 GMT
content-encoding: gzip
server: Server
age: 597
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: E0v0ki51NxkN8VvEiUKbSIP1kJUhKG61Mzlio2y0SiBHIm2Uc-mSYA==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=we-ha.com

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 03:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 225 KB
66 KB 54ms
24ms Script
application/javascript 2606:4700:e4::ac40:a708
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a708 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c4a2716ed876d8650586d61a701c6466cc01388e0f85519378c39deaf4af6f9

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 94399
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EtcfS1Ps0cXHknIxPCbtU746Y6o9XjOCGCEy93AlqJlc8vGL%2BK1TqEm6UvhiUVnNfn0k2HbgVknmNI%2FLZQURjhYxXKJlLxakuCmd0TwJmXlxVQlp6Sjsp8s%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 633422bfdfeb4db8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740be500004db8a43c6000000001

GET
H2 200 1614106261-76ae13f736075a22528df3771ea215500615d319.min.css
cdn-0.we-ha.com/wp-content/cache/fvm/min/we-ha.com/ 566 KB
93 KB 677ms
667ms Stylesheet
text/css 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/cache/fvm/min/we-ha.com/1614106261-76ae13f736075a22528df3771ea215500615d319.min.css
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d70fa8b40a5f817ab1561af2426298650667f3716ed71c9447f5726a41a6fe

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-sol: orig
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bb2a5e4dd0-FRA
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"max_age":604800,"report_to":"cf-nel"}
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f47408f700004dd0570e4000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"8d712-5bc05668dc308-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VZTmLz3Xch%2BvCMAHKSuTNx2D7McvRenUFHn0Zce7CwLt7st02%2BbtSATFDnNjIdI13fn4Kam8oKxWfksKiSrnbGanBw8%2BBWTvHmA5vl3zDyMnsEcPKHVhZxH2XAE%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: text/css
display: staticcontent_sol, orig_site_sol
expires: Tue, 20 Apr 2021 03:36:23 GMT

GET
H2 200 jquery.js Show response
cdn-0.we-ha.com/wp-includes/js/jquery/ 95 KB
33 KB 551ms
542ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bb2a604dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f47408f700004dd09c33f000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"17a69-599642ee527b3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nCXAV9rG3wSAXnzKnIe3bmCeybSAHzWvGMdD5d2HFO3M0htjxNVPAjSYeHKks9QbwczJHKw8BgZoW0x5eg6pIXi4IHfZXVDpwTZfhLen0dU6sBqKiCGeX2Ou9Go%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:23 GMT

GET
H2 200 init-2.min.js Show response
cdn.broadstreetads.com/ 11 KB
5 KB 36ms
12ms Script
application/javascript 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495a8fb19c28d964ed92006926a359acc1a3d20fc7ff4da8e421ed6777270df2

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:23 GMT
via: 1.1 ea6b6651a564f3c1a19b54389d1f51e9.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1204309
x-cache: Hit from cloudfront
access-control-allow-methods: GET, HEAD
content-encoding: br
cf-request-id: 08f474090600004e8bd9061000000001
last-modified: Sun, 07 Mar 2021 04:38:06 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1615091885/ctime:1615091885/gid:20/gname:staff/md5:881b3416eead84a97d087bb60c090ec1/mode:33188/mtime:1615091885/uid:501/uname:katzgrau
etag: W/"881b3416eead84a97d087bb60c090ec1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0vPn5vVyGe97oQA7qq6eVpjAoVm52muDcLnklLWtpyiyKB1tWhMY3iyTClqhQzXS1OI7aCwSRoBzFRA2sZMo5CMxi84IZhnwuva27VJauLZkXsjGYKXdrf8oPt1A0Z8JFXrB"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=31536000
x-amz-cf-pop: MXP64-C2
cf-ray: 633422bb392c4e8b-FRA
x-amz-cf-id: NlaxK6szg2bHGJYc2UUJN1TasZFflkLIWoltvcad-wy9n2ftfbKMwA==

GET
H2 200 js Show response
maps.google.com/maps/api/ 123 KB
40 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyALXYiMS-gjJn_UXL_i9E-x0pDq1x6365Q&ver=5.5.3

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

3b9e929c088640a2d7cbe915d5a6a88f2120b52a86e8f007c0a27fcf500994ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:23 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=15
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40905
x-xss-protection: 0
expires: Sun, 21 Mar 2021 04:06:23 GMT

GET
H2 200 YSFormJS.js Show response
cdn-0.we-ha.com/wp-content/plugins/community-yard-sale/js/ 3 KB
1 KB 394ms
386ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/community-yard-sale/js/YSFormJS.js?ver=5.5.3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df62ae9a136c50d3e2a68b320004d7e5f5ede893b9d1dc2e43ea577118a25ca7

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bb2a5f4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f47408f700004dd099b09000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"c3d-59963df8022e2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cnshaooc9n7mQslg%2F%2Flo3gifi2vt%2FfBASNhs3ylDTRZ9oXeIwEpW7khTn%2BV2yiDU3wlribrsKWUJMsMoBOAJ%2BaSpDZ8q8vDfCvdgCQMmo67y4ew0tyc44AkOMVQ%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:23 GMT

GET
H2 200 jquery.uitablefilter.js Show response
cdn-0.we-ha.com/wp-content/plugins/community-yard-sale/js/ 3 KB
2 KB 389ms
381ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/community-yard-sale/js/jquery.uitablefilter.js?ver=5.5.3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ec77885d594de375a475f6550e3a82c075cbe2dfd7785a5e3bc2c0a09b56c2b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bb2a634dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f47408f700004dd0731a6000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"b5d-59963df7da242-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mGvJhPE0FkQYm2j%2B3lP264diLnElSqtkdzIk9kUab%2F4qZ5H9CCcUWAXK0KW%2F%2BjsQvPk2OwpQFW6XNv07G2Qr4v5403kzIaVUUxir0rUlMnj1i8iTOiC0jc5tqyU%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:23 GMT

GET
H2 200 YSListing.js Show response
cdn-0.we-ha.com/wp-content/plugins/community-yard-sale/js/ 11 KB
3 KB 395ms
387ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/community-yard-sale/js/YSListing.js?v=1.2&ver=5.5.3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a1794f768d6ce4c496deaf2a074dc13bb7b517811211dff8bea74699bbb0a2

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bb2a614dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f47408f700004dd0449af000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"2a03-59963df7da242-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YQKTBCxIZBJEq9RR2caKxX9C3S8S30jdJLzEjOxWcy51Fs9p1t26K%2FhqgecSq32WjKzfYugqHdNPiwHCxQ3j%2B7tmaIOzuz%2B8zraLeWR2bVjTjqHZC7OsyF7F4NM%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:23 GMT

GET
H2 200 cookieconsent.min.js Show response
we-ha.com/ezoic/ 4 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/ezoic/cookieconsent.min.js
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 633422bb1a544dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f47408f000004dd0960af000000001
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
etag: W/"11a4-5bd5a9e4b6200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3x3q9ytz%2FXivgqLDQg57zni8vrm5IHL4Q%2FTK0InL3si1kvX44%2BoQ82uWiVM45fHLDW5cXYQMX7BsCLsTyRadvmUUZS0HRR%2BboRwIVNcOmIDxuz0iuHA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000, public
x-robots-tag: noindex
expires: Mon, 21 Mar 2022 03:36:23 GMT

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=95ec4f120d3e4009b0f74b03d05f0519&t=marketing
https://tags.w55c.net/rs?scc=1&id=95ec4f120d3e4009b0f74b03d05f0519&t=marketing

42 B
637 B

59ms
59ms

Image
image/gif

18.157.138.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.w55c.net/rs?scc=1&id=95ec4f120d3e4009b0f74b03d05f0519&t=marketing
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.138.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-138-23.eu-central-1.compute.amazonaws.com
Software: Retargeting/v2.0.30-632-ga311aad#rel-ec2-master i-0dbb3bb3e77219ff5@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 03:36:23 GMT
Server: Retargeting/v2.0.30-632-ga311aad#rel-ec2-master i-0dbb3bb3e77219ff5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 03:36:24 GMT
Server: Retargeting/v2.0.30-632-ga311aad#rel-ec2-master i-0bdbeb4516d61c7d8@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://tags.w55c.net/rs?scc=1&id=95ec4f120d3e4009b0f74b03d05f0519&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 33c70aa0-67d9-0138-f7cb-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 0
789 B 189ms
62ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/33c70aa0-67d9-0138-f7cb-06a9ed4ca31b

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 21 Mar 2021 03:36:24 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: Fm4-RXuVEm2M6UFsNNNh
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52800146-1

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21f0630c3f9058cdb707980ff363cf87e1099fded9aefbd10176cfaf24a3993c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39181
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Mar 2021 03:36:24 GMT

GET
H2 200 We-haidea3-300p.png
cdn-0.we-ha.com/wp-content/uploads/2017/02/ 10 KB
11 KB 391ms
391ms Image
image/png 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2017/02/We-haidea3-300p.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98bb5ba6b8a29138185a9499ca921530b412ffef24ae655e5cd2a7bbd4c8cc5

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfde2a4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740be900004dd04f14d000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"28da-5998dc8931ce7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RY8Urye4lbKDd7Sj6MMZOMB1i12UxoiWU%2BoBGiecoO6ftloEcW7ZTroyb00IUSFmr%2FALDTBYmODPQspAgrMnai17eXPMEd0ozOELlB96vgrVjlKjzllxAKBz7I4%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/png
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 boise.js Show response
we-ha.com/detroitchicago/ 983 B
740 B 17ms
17ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/boise.js?gcb=194-4&cb=1
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SIWb8s2cu9lvKBRGlZjGr6RWnXked0QJb%2FFkpvXcnXq3b4IrnrUuFuAHDqXiAiUj11kTFcmuo6rvz2wB6NbzyJihgOKQiHgYAgE8wJaIBznDaTCZkNM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 633422bfee3e4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bf000004dd041ac6000000001
x-robots-tag: noindex

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 38ms
8ms Image
image/png 2600:9000:2182:5400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 02:36:22 GMT
via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
x-sol: middleton
age: 3602
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: TKZlUEfRN4u1SoxwSd6aPYh2IRXE-xG-ucVjpUXVDM_U2N1J5Rf3aA==
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: nginx/1.16.0
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
display: staticcontent_sol
expires: Sun, 28 Mar 2021 02:36:22 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 51ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B85) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6B85)
Age: 1040
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H2 200 pdfobject.min.js Show response
cdn-0.we-ha.com/wp-content/plugins/embed-any-document/js/ 4 KB
2 KB 399ms
398ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.6.1
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8620810d6a6dae5c803bcc4c9d89a97697ef0dd8607c34c83fb88c256bd974fb

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bf7db94dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bab00004dd093189000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"f39-5a9001fc3c30d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q92WPfzfb35Vyoe%2Fa9Nndn9AmVdm%2BHqOn%2FnnGwvRfyvmgel6sK25IXtMXjjdG79s%2F%2Fh0SH1TEvfYsO61PkZWzlc5dmMzRmcBlt7SvTWwOEasBTdrtknjxUmOtY0%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 embed-public.min.js Show response
cdn-0.we-ha.com/wp-content/plugins/embed-any-document/js/ 1 KB
758 B 381ms
377ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.6.1
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32325245023daef823fa545ba29fa3eb352aebf5292940e86d676b1b7308ac7e

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfadeb4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bca00004dd063397000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"427-5a9001fc3c30d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C6piFi%2BuhPTeq0n9veVn%2F7jNvYOl7rRLl07T76GIFfZUJiKEFEC%2BZh71G%2FTZz8%2BkJrjad5dJ4GanWQ53sgZJnCmUeximJ%2FXJcwrm2on9o0HuFl%2FgGJXNUeH%2BrJ8%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 scripts.js Show response
cdn-0.we-ha.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 403ms
399ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfadec4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bca00004dd05d32e000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"37c8-5b70d52ac8a4d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FY4VOgH4u0%2F64V33R3hzciXsQwKXRTe%2Bqts6Te%2FIdyTzcaUN0GLmobsF2g5YlVK6aFtD8adJlnl5krMG9j9ZgGDSypOCetUL%2BhgSOj0kBLAr5BDmttGjKZcVZdo%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 scripts.js Show response
cdn-0.we-ha.com/wp-content/plugins/google-language-translator/js/ 13 KB
3 KB 400ms
396ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.8
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37b945e5fe609563e83b37edcbfe3d18aac072a55fc8962978afdf597a3c4aa8

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfaded4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bca00004dd0a7118000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"35e5-5bc054aff9e7c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=63Z9wcEEQZsGzbWIvLNPesGx0Bf%2BKHtMkILu52bqViYCTmjE0kRteQBTzIVTd2rare29PibyUGJ6IFi0ZOHbKD3j%2B7h5R1FcPzVnLtudbSEmWRWv1FyEIvcN6K4%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

905ca07a8b18fc179377a9614afe37b7a55b29936333708c6d03d8b33def4919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1884
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
cdn-0.we-ha.com/wp-content/plugins/meks-flexible-shortcodes/js/ 7 KB
2 KB 381ms
378ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/meks-flexible-shortcodes/js/main.js?ver=1
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfadef4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bca00004dd0ab1fb000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"1d0b-5bc054d08c6d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=diTfOKqIlSls%2BYLIbTur%2FiYJetRMl0XQl47ZSskHuywlXluIKUdfUNGqdqcTZgLppCubq9h3vGTfpZNJpA34tvFdSeg1JJEepP8osGzJDah6mY3fGCNdxcaM8i0%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 qppr_frontend_script.min.js Show response
cdn-0.we-ha.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/ 2 KB
797 B 379ms
376ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.2.2
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfadf04dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bca00004dd0960c7000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"636-5bc054e377d1d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0KPphrxPeAT4cdKIZ9MavIkEjjAzz%2BdAN7z%2FutPdL%2FR3f9uhA%2B6xSZbcUR2k%2FHSSKJ3l2wyIpqsyc9fsjtdUhPDn3jkgWKxnbqOVDJFpMNeEcXTrHtVzmuCnaOg%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 min.js Show response
cdn-0.we-ha.com/wp-content/themes/weha/js/ 97 KB
27 KB 570ms
569ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f4db1c6416666918ceea7a517a19afbc8029eca68f873af01b9e47d91a9b0c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfee3a4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bef00004dd065a84000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"18397-59963e3db4e55-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2vIGURbyZ%2FmXXB6R1VEdnq4HHq%2Fw0CcnEnOiyxtZrcJo8glYwRNc%2BfNk%2BvU3bfeEFlZyXJQHPFCrJwjrMfhzk9J0srAATCTCkAt7BPGnUDt7C%2Fe%2FiTP15PzJ2qg%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 comment-reply.min.js Show response
cdn-0.we-ha.com/wp-includes/js/ 3 KB
1 KB 399ms
398ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-includes/js/comment-reply.min.js?ver=5.5.3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfee3b4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bf000004dd053b7d000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"bdb-5b2da9f8c724f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ozxdslFT%2Bw8mK26pXIKtvVnIYydb0E6SYAzCOQSNm6lOwO3b0riifMZwlsFpVeTAJdiZ3UzKLepjxqONIwqRsOd34VKVO0GCXr%2BvWfbW87See5ciNszY7Vuj9zE%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 sassy-social-share-public.js Show response
cdn-0.we-ha.com/wp-content/plugins/sassy-social-share/public/js/ 43 KB
11 KB 475ms
474ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.20
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e107d701fdd6867cb72ba7ceaf313bd068ae7959ec429cab8449d96c30beff

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfee3c4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bf000004dd098bf5000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"ac76-5bc05665c8525-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O6WqArv3BhHgUGbLzguSrlIJLbmwIyW6vZvIFXKBs9MUXfu6AUIbxZ8PivMqARPq%2BTM0dsl5CO5QILxzjrcSJ%2FcC7M8K00rPd2xe2N%2FSCPlr5rBzaLgNRFlHJLw%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 wp-embed.min.js Show response
cdn-0.we-ha.com/wp-includes/js/ 1 KB
980 B 400ms
399ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfee3d4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bf000004dd04c035000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"59a-5a5f031d8c162-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Axk%2F2u5O%2FK5kKclMGc6vQbo1TYp74Ws%2BzAgMiR%2BZq5Tl2XIw57lyMO%2BeBbcXmVQ4tmzn7Ux5lbRENYNmre%2BuphW3zigJwhVhI164DGr4qQh6OTvklrayfppAkV8%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: application/javascript
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 augusta.js Show response
we-ha.com/detroitchicago/ 1 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/augusta.js?cb=9
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e965b21d6a23293b47f5deb510a49b0675f74ee2eeb6dc86c101c33ff921461c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=enJrHDQrwA7%2B5DxEXMmFut6Lua%2FxWj44pHFG2NqF0T41x6IwP9Fih4Cc3ZEinYK5bWcsWERnu4SLgr%2BDb4I00HkJTh7KxPvS1bpo7SfoDuIjeT22cgI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 633422c00e594dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c0400004dd09c359000000001
x-robots-tag: noindex

GET
H2 200 houston.js Show response
we-ha.com/detroitchicago/ 3 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/houston.js?gcb=4&cb=36
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=raJyiqo9spmCBJNGgUvBwd1A23aOMr2N4d2VHay1%2FQVWogQbZfR3k6Xd96CG3HdZJqZMV3j7fW7d5c4cOfUalgMPY2M%2FoQatIw%2BTCNA1U33YfZbKrHA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 633422c02e7e4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c1500004dd0ac24d000000001
x-robots-tag: noindex

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 155ms
53ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

dee36a0979c3a1c0e665aa3404648872e34616dd1a9d0b6d9dbab7e5ad92ff46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "818 / 233 of 1000 / last-modified: 1616192151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19837
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:24 GMT

GET
H2 200 banger.js Show response
we-ha.com/porpoiseant/ 50 KB
11 KB 24ms
24ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/banger.js?cb=194-4&bv=13&v=46&PageSpeed=off
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca58113c3d71e879e5b3fbf77479b2ad66ba24a890e4b6adfc23529bd829fe69

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ElGFJci05mUUZ0WZ5lEQeoJ26h5bNpLCZtWWnvX9cRfVqbd0yipckVrn4Tg%2FRfnM42fwPb2la9uqZ7HIBMVVgSH0OkiAzqJ3eGqNHEN3FvEvGcsvf88%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 633422c03e8e4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c2500004dd099b26000000001
x-robots-tag: noindex

GET
H2 200 memphis.js Show response
we-ha.com/detroitchicago/ 5 KB
2 KB 23ms
22ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tpr3mvM2XS5j7gJhcXP6qO%2BEfd4EPHK7peRLdKDtBE9BSJD8nAzIAeoE6twgaiu7oKbQj3LubpvVCVAy0vPfiwCTvAePbeXW1P4J9A%2FXhE%2BrWetWM34%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 633422c03e914dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c2700004dd0882e7000000001
x-robots-tag: noindex

GET
H2 200 minneapolis.js Show response
we-ha.com/detroitchicago/ 864 B
683 B 16ms
15ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/minneapolis.js?gcb=194-4&cb=3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I7qBNbxp0eFuqfQV5uAO%2BicEJPrpu9LvVlWn%2BTMxIwUJYnFwhrTnXbZZSNYg%2BMJ3ZK2KfcT2BftZpYNVlcCdn2i0SnSME%2BMETmhYdzUrpPOwzgRuvFk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 633422c06ec84dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c3f00004dd07ca0d000000001
x-robots-tag: noindex

GET
H2 200 raleigh.js Show response
we-ha.com/detroitchicago/ 2 KB
1 KB 21ms
20ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/raleigh.js?gcb=194-4&cb=5
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pSIukeOVXd%2BRTYi8ghXofiMPneKfHWWMHjF%2FV9FaXDtodPkWv5oKjZ1vZiiNzODfWsceAf6DDfmyY9boS58YZUM%2Bh1j1HuQAEVMTPeDgewA4UOTRWMc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 633422c06ec94dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c3f00004dd06da9b000000001
x-robots-tag: noindex

GET
H2 200 tampa.js Show response
we-ha.com/detroitchicago/ 773 B
666 B 25ms
24ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/tampa.js?gcb=194-4&cb=3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s85GexllGFVXPsR3ogJ6a6fmk5hjqLDGMZrQORd6xQG7%2B1ImoDTjdCV4thkLlTMEzooIja6RMuhVMF9jhCSaoGDtzJJrsy4uhYcLGKxD4QU2LM%2BRbXA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 633422c06ecc4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c4100004dd093190000000001
x-robots-tag: noindex

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
366 B 167ms
167ms XHR
text/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwe-ha.com%2F&pid=wm4H6Dd6oLq5H&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2Fwe_ha_com-box-2%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fwe_ha_com-banner-2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fwe_ha_com-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fwe_ha_com-large-billboard-2%22%7D%5D&cfgv=0&schain=1.0%2C1!ezoic.ai%2C55ed8a630dca49d6455466978601c042%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:23 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://we-ha.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 0LPMuTvT7I-rIs_YEBHaC2c8e7TLxoBWa-d16HNmbhNs0gGdUwf6PA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 184ms
64ms XHR
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 59593
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
date: Sat, 20 Mar 2021 11:03:11 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: CKV3M4eRejcoQdt9RrHmaPAyUTjiaZia3MQxVlg-mHY5JQOgobQ5ng==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 23ms
7ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 28 Mar 2021 03:36:24 GMT

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 555 B
563 B 204ms
65ms Script
text/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js?cmb=0
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: b81b79444598329e52cc164dbeba38cdeba9f30bed195bf487b0f34bf86e4420

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: nginx/1.16.0
etag: 5b6c4578406097ed80ba820f5d688cb8
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cache-control: max-age=999999, private
content-length: 276
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d86330e2fda13c48e4ab06301807f807c6d8a0320d923dd1bbabed365abd212f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sPornDvOo2Q1yv9nGlyMBg==
cross-origin-resource-policy: cross-origin
expires: Sun, 21 Mar 2021 03:50:59 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: 7QfYkbEtjdwXO5PQCT0tUlQtHcieiBtuVe1HapB7nSq7m9F5Ji0d1Hjox8nM6W6uTZVZmhfJTXaucWwP9udhhA==
x-fb-trip-id: 917726464
x-fb-content-md5: dfaff4a037edac538cb45a1bfa54fc56
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 21 Mar 2021 03:36:24 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2008d92ed9ae31c9d51cce4251a73953"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 banner Show response
dashboard.presspatron.com/dev/ 11 KB
12 KB 219ms
74ms Script
text/javascript 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.presspatron.com/dev/banner?b=81BThPX7xbbDUuwPpGpmvW7f

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.209.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-209-103.fra53.r.cloudfront.net

Software

Resource Hash

a5f9cc64f0ce871f7867efdb8a08ddf70a9da30bccb0f2aea6993683a790a0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 18:52:29 GMT
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 31435
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 7f8ab117-21cc-49ba-b4d6-ad6ecc7a2260
x-runtime: 0.005928
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 03 Apr 2020 13:01:19 GMT
x-frame-options: SAMEORIGIN
etag: W/"b2344079a5936cd4a932003f757a8a95"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400, public
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: EgXAeVI498jodKJMz6RBQE1gSII04ZNWUF8OF5dM6H5Opck0BTsl_g==

GET
H2 200 mem8YaGs126MiZpBA-UFW50d.woff
fonts.gstatic.com/s/opensans/v18/ 24 KB
24 KB 7ms
6ms Font
font/woff 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50d.woff

Requested by

Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/cache/fvm/min/we-ha.com/1614106261-76ae13f736075a22528df3771ea215500615d319.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

191dbba54729aa43f2c5c2f118971963758d7f0df2cc2f28f91b86a03dee83ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://we-ha.com
Referer: https://cdn-0.we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 07:56:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:33 GMT
server: sffe
age: 157169
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24364
x-xss-protection: 0
expires: Sat, 19 Mar 2022 07:56:55 GMT

GET
H2 200 fontawesome-webfont.woff2
cdn-0.we-ha.com/wp-content/themes/weha/css/fonts/ 70 KB
71 KB 795ms
772ms Font
font/woff2 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.we-ha.com/wp-content/themes/weha/css/fonts/fontawesome-webfont.woff2
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/cache/fvm/min/we-ha.com/1614106261-76ae13f736075a22528df3771ea215500615d319.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: https://we-ha.com
Referer: https://cdn-0.we-ha.com/wp-content/cache/fvm/min/we-ha.com/1614106261-76ae13f736075a22528df3771ea215500615d319.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
vary: Accept-Encoding, User-Agent,Accept-Encoding,Origin
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422bfe9b41f25-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740bed00001f2534394000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=172800
etag: W/"118d8-59963f4953000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
x-varnish: HIT
access-control-allow-origin: https://we-ha.com
x-hosted-by: DreamPress
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hAq%2BUqNWjNy570M1IHm1jl7%2B%2FmC3GAC9MaZLM10cEEhq04JsYGPidx39q1eWOM5y5rxM2mruGti1k7Pih%2B7zW7uikl8ENZ%2B5PqYozJOiH5yKU9pLEmBIXEuDL5c%3D"}],"max_age":604800}
content-type: font/woff2
display: staticcontent_sol, staticcontent_sol
expires: Tue, 23 Mar 2021 03:00:18 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmYWRl.woff
fonts.gstatic.com/s/robotoslab/v13/ 28 KB
28 KB 8ms
7ms Font
font/woff 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmYWRl.woff

Requested by

Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/cache/fvm/min/we-ha.com/1614106261-76ae13f736075a22528df3771ea215500615d319.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf8beecc107ef5f405a8204ec79b611f4596be4b25912a376233797e7f3649c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://we-ha.com
Referer: https://cdn-0.we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:31:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:10:18 GMT
server: sffe
age: 464693
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28832
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:31:31 GMT

GET
H2 200 Conard-Senior-Captain-Owen-McGoldrick-Moves-Past-SGWLs-Keegan-Newcomb.-McGoldrick-Scored-Twice-In-The-Conard-Win-810x540.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 53 KB
53 KB 574ms
572ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/Conard-Senior-Captain-Owen-McGoldrick-Moves-Past-SGWLs-Keegan-Newcomb.-McGoldrick-Scored-Twice-In-The-Conard-Win-810x540.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac3d153ecba17e05629098e2a7c73a932a503b0aede5212d94fccb76109963c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:24 GMT
cf-ray: 633422c02e824dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c1b00004dd0b5912000000001
response: 200
last-modified: Sat, 20 Mar 2021 22:53:43 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"d214-5bdffb45d662b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bb39dvKV45kKbJcLORY%2FFrPyNhXUnMr5%2F5mvknGqMhG3NSb86uxKkmopzTCrx47cXnFO9bDCRfhULQN%2BvupyOCPhW80hDuJFsnfH2vj3W63%2B%2FnfTl%2BlayVRXp2E%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 DSC04142-810x565.jpeg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 81 KB
81 KB 825ms
823ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/DSC04142-810x565.jpeg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33adf7f6fe4829acc8800b6097d1c14c88c01cd0076afbf33c5274ab45612a95

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:24 GMT
cf-ray: 633422c02e834dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c1b00004dd06838f000000001
response: 200
last-modified: Sat, 20 Mar 2021 02:17:48 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"1434b-5bdee705bd945-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tY7gNUnlMgzyzpMu7JmhnAceZVrGW00m0J3vZPlqNnGvBzucF3ygm4fF6BRQ0XGcn6mMXFs%2FuPxTKfHETgE49Hj3IkqNMMCS79tYwVs7bWcrMMHUnp4iq4JEptQ%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 deidre_gifford_1200_vaccine_20210319-810x540.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 43 KB
44 KB 565ms
563ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/deidre_gifford_1200_vaccine_20210319-810x540.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c61682d13795a3453e636c6a07a30bf746e90bef6fdf8a41bfb339c7a710e6a9

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:24 GMT
cf-ray: 633422c02e844dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c1b00004dd08e944000000001
response: 200
last-modified: Fri, 19 Mar 2021 21:16:44 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"ace4-5bdea3bab219e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y7X7dPzRea1rTiwbUpOCsjuGkFslaizgSfzY4JrtNJFqrzNEO1HNzKryw%2BPnkNkg3cO7RcA%2BAz1zlgNCtF7NWivIw%2FpJ4cym7zUWs8sPwxQmF4K6wVUQKFPkHWQ%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 michael-byrne-810x1215.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 104 KB
104 KB 917ms
915ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/michael-byrne-810x1215.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e81677e261fe8f2067d1347323fb63fe7ffbf438b260c6d30526bbea639813a

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:24 GMT
cf-ray: 633422c02e854dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c1b00004dd075231000000001
response: 200
last-modified: Fri, 19 Mar 2021 19:45:29 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"19f84-5bde8f5545a46-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H7QMOKDquYah9SXSYgTy%2BTkXKctHcADDqo9WIWzLByo4o88kbKUkhcts3AoD1JfZu%2B4CQS6VjjMGOFhOL%2FQNSmMkI3TvREUiTx8td8%2Bn9xWWnb8BLHVQX56hHpg%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H2 200 IMG_4372-810x608.jpeg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 60 KB
60 KB 594ms
593ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/IMG_4372-810x608.jpeg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fa08189e988c84b008debdb4e2003f76e8fd3e12cc82791d3961c84c64ab5b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:24 GMT
cf-ray: 633422c02e864dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c1c00004dd0a3918000000001
response: 200
last-modified: Sat, 20 Mar 2021 20:45:44 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"eee0-5bdfdea9fdf47-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d7cN7FPUWoy9O3NnxazrIrftqAx8nrPF2JfSDbkoXliwRZo8MP9CsK%2BiTDephlvPm7Al5ZZnpwRO77LinxHuu0Ec3z7ojti3vXsWXbV%2BS4fI9T1iunhNKKiremM%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:24 GMT

GET
H/1.1 200
OK 5296.js Show response
ad.broadstreetads.com/ndisplay/ 881 B
1 KB 576ms
137ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/ndisplay/5296.js
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: e188f1c10b878ff607bd02020b9beb2ceab428ad80314b8d9f924d597354c3ec

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:24 GMT
Connection: keep-alive
Content-Length: 881
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52800146-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 479
date: Sun, 21 Mar 2021 03:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 21 Mar 2021 05:28:25 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
14ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwe-ha.com%2F&domain=we-ha.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://we-ha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://we-ha.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1540
date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwe-ha.com%2F&domain=we-ha.com&cw=1
https://mug.criteo.com/sid?cpp=b2w5EnxJLzh4ckp5WFFnRFFsZzd5QW1GaklMaDNDdkNPSWM3VlFiY2ZJV3NXU0JNWEpTTlN0aFVzeEI5eUVMbnpxSWcvVTBXL0FZaWZVQ1BwdU9wc20zbExTK2Y0bFRHY3JOcTh0T0Rqb2JpVXZQeVptM0V5TkhNRWxBND...

358 B
633 B

192ms
66ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=b2w5EnxJLzh4ckp5WFFnRFFsZzd5QW1GaklMaDNDdkNPSWM3VlFiY2ZJV3NXU0JNWEpTTlN0aFVzeEI5eUVMbnpxSWcvVTBXL0FZaWZVQ1BwdU9wc20zbExTK2Y0bFRHY3JOcTh0T0Rqb2JpVXZQeVptM0V5TkhNRWxBNDMyWjg4V3Z1Z3RTMXVFSDEyZXlXM240Und1QVQ5bFB4NlpUbUsyWlR3Vk84RS8rVFRxRU9keUhlSjc1RUMzQWFvUkNwTGJBMTZZZFdCcXpKTnV2NG1RWUNJVHU1eGlnPT18&cppv=2

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5a1d422cb705b52765181c424a647ddc8ee4822324e5390a38ee2bd81874468e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 21 Mar 2021 03:36:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5044
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 21 Mar 2021 03:36:23 GMT
location: https://mug.criteo.com/sid?cpp=b2w5EnxJLzh4ckp5WFFnRFFsZzd5QW1GaklMaDNDdkNPSWM3VlFiY2ZJV3NXU0JNWEpTTlN0aFVzeEI5eUVMbnpxSWcvVTBXL0FZaWZVQ1BwdU9wc20zbExTK2Y0bFRHY3JOcTh0T0Rqb2JpVXZQeVptM0V5TkhNRWxBNDMyWjg4V3Z1Z3RTMXVFSDEyZXlXM240Und1QVQ5bFB4NlpUbUsyWlR3Vk84RS8rVFRxRU9keUhlSjc1RUMzQWFvUkNwTGJBMTZZZFdCcXpKTnV2NG1RWUNJVHU1eGlnPT18&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://we-ha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1515
content-length: 455
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
757 B 222ms
96ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.27.0
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5551daca5bc026c36d12df28fc40ba1cd26b5d583bb4bb52ce0235cd6e445ebf

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 21 Mar 2021 03:36:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://we-ha.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
503 B 418ms
133ms XHR
text/plain 198.148.27.133
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.148.27.133 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
server: envoy
cwdl: 22/4211,22/4211
access-control-allow-origin: https://we-ha.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
cw-server: bid-deployment-87596cc6f-fktvs

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 246ms
69ms XHR
application/json 213.19.162.41
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=14&rp_schain=1.0,1!ezoic.ai,55ed8a630dca49d6455466978601c042,1,,,&rf=https%3A%2F%2Fwe-ha.com%2F&tk_flint=pbjs_lite_v4.27.0&x_source.tid=6e9421fc-f05e-48d6-9f89-ea54288ba8c5&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5968342869743997
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 795544080a956df03f34169837d29748925798e1a19d45d69d1a7b7fa3a3169a

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 03:36:24 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://we-ha.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
139 B 177ms
58ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.27.0&cb=98467280676
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://we-ha.com
date: Sun, 21 Mar 2021 03:36:24 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
54 B 149ms
67ms Script
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1&cmb=0
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 nmash.js
we-ha.com/porpoiseant/ 33 KB
9 KB 19ms
18ms Other
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/nmash.js?v=13
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 633422c0df2a4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740c8700004dd06339f000000001
last-modified: Sun, 21 Mar 2021 01:35:57 GMT
server: cloudflare
etag: W/"854d-5be01f880fcbb;5bd5a9e4b6200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vxpsqHug0%2B4JqFDKiPZKooGV74PUeWIOy3kQma1h6%2BMRdjswwC%2F7Dv2eWm8qTzknvxmJRMfmqAVop%2FaoxasyxhHBJ%2BjcFeXiT29RHV1jcjKVgOqUDkc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 rules-p-6sFC0grc4fcpV.js Show response
rules.quantcount.com/ 3 B
355 B 406ms
383ms Script
application/x-javascript 2600:9000:2182:c200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6sFC0grc4fcpV.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:32:56 GMT
via: 1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 213
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
cache-control: max-age=300
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: dYViLSB1on1f58Ct3bqFhNilNJ9Kqc3KLdu7OgJ7QpXNf_r-9otxvg==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3d0e6a0f0699d7a5159584e7c7a496b7&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46aa30c49c9a3412ee62acd05d634c3af6afd75b7eddba757622ff7ae48d1c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://we-ha.com
Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oGUi0zWZ2CSNTia9jM4TEQ==
cross-origin-resource-policy: cross-origin
expires: Mon, 21 Mar 2022 02:53:59 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60836
x-fb-rlafr: 0
x-fb-debug: KG27MlViazb61L7genKKqCDLIau1K5zPlzvgyaahFtHTvHkhhw3tlmbL3D7lSNOjl40Am+EdQZV3KPNoo5SwQA==
x-fb-trip-id: 917726464
x-fb-content-md5: a3ebcff530d4e2993b6cba640148c518
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 21 Mar 2021 03:36:24 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1de72ebc6bcdd6964c6fd62cb31804c6"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
384 B 45ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=112025560&t=pageview&_s=1&dl=https%3A%2F%2Fwe-ha.com%2F&ul=en-us&de=UTF-8&dt=We-Ha%20%7C%20West%20Hartford%20News%20%7C%20West%20Hartford%2C%20CT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1090805854&gjid=780883154&cid=240545047.1616297784&tid=UA-52800146-1&_gid=1691686440.1616297784&_r=1&gtm=2ou3a0&z=608847999

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://we-ha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 183ms
60ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1281
date: Sun, 21 Mar 2021 03:36:23 GMT
content-encoding: gzip
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-52800146-1&cid=240545047.1616297784&jid=1090805854&gjid=780883154&_gid=1691686440.1616297784&_u=IEBAAUAAAAAAAC~&z=126751952

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Mar 2021 03:36:24 GMT
content-type: text/plain
access-control-allow-origin: https://we-ha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021031701.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
100 KB 128ms
71ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 08:39:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102424
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:24 GMT

GET
H2 200 rochester.js Show response
we-ha.com/detroitchicago/ 3 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/rochester.js?gcb=194-4&cb=5
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64be3875a16cd57d662be94d9401706fe6425b88d9eb158a4d095167d0f2547c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4tGwfiHAwvPsOpMoTn%2Bvo9K6LivPSMNTwBWyt2xqVyBOW%2Be570VBZkZ%2BWqwwYsMtz4MslcEVGUrkXQhfCixFTgQgSnPWiiLJMTgwlu42qX%2FYhHvC9wE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 633422c1dffb4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740d2400004dd065a90000000001
x-robots-tag: noindex

GET
H2 200 greenoaks.gif Show response
we-ha.com/detroitchicago/ 0
367 B 22ms
22ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6IjViNmM0NTc4NDA2MDk3ZWQ4MGJhODIwZjVkNjg4Y2I4In1dfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OJECL18Gmc3ENt5Z%2BqQC9%2FWegjo8EfJida0wZZscQ2VMgZuYOIlvg2StQA7YmLqnbYKLsXqoef7ycTpp1ZPthD3ghPq4o7vJ%2F2l1ELIJaAtBTgmkYxc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c1dffe4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740d2400004dd098802000000001
expires: Sat, 20 Mar 2021 03:36:24 UTC

GET
H2 200 imp.gif Show response
we-ha.com/detroitchicago/ 43 B
570 B 15ms
15ms XHR
image/gif 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A4%2C%22ad_load_version%22%3A0%2C%22ad_location_ids%22%3A%221%2C31%2C35%2C34%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A64734%2C%22domain_test_group%22%3A20200405%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221101%2C1102%2C1107%2C1126%22%2C%22page_view_count%22%3A1%2C%22page_view_id%22%3A%229799c98c-0f75-4a82-7011-2a1ad933af2a%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A143138%2C%22response_time_orig%22%3A2106%2C%22serverid%22%3A%2218.184.1.158%3A11884%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221101%2C1102%2C1107%2C1126%22%2C%22t_epoch%22%3A1616297781%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwe-ha.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A1843%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4HziAhbTknSdgy6AC5IY5vYs9YLxyUuS70YOGFsDrP8i3fr9vtBIvmMFVe2nS506OVobhHTFjdgBTM6WCOlNDc%2B9AWVvypyRirWRkxDND5f38ugfuMw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 633422c1f8114dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 08f4740d3700004dd0a49cc000000001

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 27ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 423
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 21 Mar 2021 04:29:21 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1162
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 22:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 21 Mar 2021 04:17:02 GMT

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
90 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 19:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113836
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 19:59:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
799 B 49ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=we-ha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 36ms
21ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=we-ha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
27 KB 270ms
269ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4331383540198982&correlator=1245764315597722&output=ldjh&impl=fif&eid=31060502%2C21068031%2C31060209%2C31060344%2C31060367%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-38&ecs=20210321&iu_parts=1254144%2Cwe_ha_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=iid19%3D1894835%26t%3D134%26d%3D64734%26t1%3D134%26pvc%3D1%26ap%3D1126%26sap%3D1126%26a%3D%257C1480%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod91-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dwe_ha_com-box-2-1894835%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26eba%3D1%26ebss%3D10017%2C10082%2C10015%2C10063%2C11304%26asau%3D8441763193%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D0%26br2%3D0%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D82%252C25%252C176%252C4%252C65%252C122%252C89%252C20%252C26%252C188%252C143%252C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cookie_enabled=1&bc=31&abxe=1&lmt=1616297784&dt=1616297784811&dlt=1616297783526&idt=1252&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=290&adks=3878148146&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwe-ha.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x250&msz=970x250&ga_vid=240545047.1616297784&ga_sid=1616297785&ga_hid=112025560&ga_fc=false&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7d1c2bd48f69d6c508fe740e70e22f8bff1836d9b6bf685027a37769cdc9d8b3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16913016488758466345/970x250/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16913016488758466345/970x250/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMDJxrq6wO8CFWKGgwcd_VcI6Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/16913016488758466345/970x250/970x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16913016488758466345/970x250/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16913016488758466345/970x250/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMDJxrq6wO8CFWKGgwcd_VcI6Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/16913016488758466345/970x250/970x250.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26288
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 21 Mar 2021 03:36:25 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://we-ha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 70ms
14ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
5ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 416ms
415ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4331383540198982&correlator=1245764315597722&output=ldjh&impl=fif&eid=31060502%2C21068031%2C31060209%2C31060344%2C31060367%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-38&ecs=20210321&iu_parts=1254144%2Cwe_ha_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C125x125%7C234x60%7C250x250%7C120x240%7C200x200%7C180x150&prev_scp=iid19%3D1890784%26t%3D134%26d%3D64734%26t1%3D134%26pvc%3D1%26ap%3D1101%26sap%3D1101%26a%3D%257C1480%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod91-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dwe_ha_com-large-billboard-2-1890784%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26eba%3D1%26ebss%3D10017%2C10082%2C10015%2C10063%2C11304%26asau%3D8441763193%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D0%26br2%3D0%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cookie_enabled=1&bc=31&abxe=1&lmt=1616297784&dt=1616297784818&dlt=1616297783526&idt=1252&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3380049552&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwe-ha.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=240545047.1616297784&ga_sid=1616297785&ga_hid=112025560&ga_fc=false&fws=132&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d2d25f60cde8acdc8c83933e6a200ce953a01c88cfab60c68c43492b135d7679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 231712
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4116
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 353016
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://we-ha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 11 KB
5 KB 733ms
732ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4331383540198982&correlator=1245764315597722&output=ldjh&impl=fif&eid=31060502%2C21068031%2C31060209%2C31060344%2C31060367%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-38&ecs=20210321&iu_parts=1254144%2Cwe_ha_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid19%3D1895434%26t%3D134%26d%3D64734%26t1%3D134%26pvc%3D1%26ap%3D1102%26sap%3D1102%26a%3D%257C1480%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod91-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Dwe_ha_com-large-leaderboard-1-1895434%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26eba%3D1%26ebss%3D10017%2C10082%2C10015%2C10063%2C11304%26asau%3D8441763193%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D2%26ftsn%3D3%26br1%3D0%26br2%3D0%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C0%252C0%252C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cookie_enabled=1&bc=31&abxe=1&lmt=1616297784&dt=1616297784821&dlt=1616297783526&idt=1252&frm=20&biw=1600&bih=1200&oid=3&adxs=1070&adys=714&adks=3263551624&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwe-ha.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x264&msz=300x250&ga_vid=240545047.1616297784&ga_sid=1616297785&ga_hid=112025560&ga_fc=false&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7d9ecd93bd4403e071ee07bcc76ebb8a9195876fd48b6dded99b176b0043760d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 231712
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5106
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 353016
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://we-ha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 590ms
589ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4331383540198982&correlator=1245764315597722&output=ldjh&impl=fif&eid=31060502%2C21068031%2C31060209%2C31060344%2C31060367%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-38&ecs=20210321&iu_parts=1254144%2Cwe_ha_com-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C300x250%7C120x240%7C200x200%7C180x150%7C125x125%7C234x60&fluid=height&prev_scp=iid19%3D1898434%26t%3D134%26d%3D64734%26t1%3D134%26pvc%3D1%26ap%3D1107%26sap%3D1107%26a%3D%257C1480%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod91-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dwe_ha_com-banner-2-1898434%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26eba%3D1%26ebss%3D10017%2C10082%2C10015%2C10063%2C11304%26asau%3D8441763193%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D2%26ftsn%3D3%26br1%3D0%26br2%3D0%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C28%252C67%252C45%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cookie_enabled=1&bc=31&abxe=1&lmt=1616297784&dt=1616297784823&dlt=1616297783526&idt=1252&frm=20&biw=1600&bih=1200&oid=3&adxs=1070&adys=983&adks=2122034604&ucis=4&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwe-ha.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x264&msz=300x250&ga_vid=240545047.1616297784&ga_sid=1616297785&ga_hid=112025560&ga_fc=false&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e284b82f255e270c06e42c27568ec6a6109adae8de328facd76172d089ec4f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 134203
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3166
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 182125
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://we-ha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 edmonton.webp Show response
we-ha.com/detroitchicago/ 14 KB
5 KB 17ms
16ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/edmonton.webp?a=a&cb=194-4&shcb=34
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UVgUbBZn0e5si1l1%2BBd0yf%2BI0oAjPGKdQzMJGFteVRXtdRXGULHVR%2Bqx2chH2oif1S%2BEVo80m9ds4eylVigHUXpWDp0hyp2jwt5tS9VZpQA%2BPr5bhvc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 633422c3899a4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740e3800004dd06daaf000000001
x-robots-tag: noindex

GET
H2 200 jellyfish.webp Show response
we-ha.com/porpoiseant/ 58 KB
12 KB 58ms
57ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/jellyfish.webp?a=a&cb=194-4&shcb=34
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qbCXt7hYiOqiCeyVe3QDVPpw7EX7CfbaxVb2xSSSr0pPe8jTUJ8LRbGoZq9ufcP9gyyxwcl9pIML6%2BaKwJ8opLNwIy2wDL9WruC8RCav3R0B1M3XJ1w%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 633422c3899b4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740e3800004dd041add000000001
x-robots-tag: noindex

GET
H2 200 vitals.js Show response
we-ha.com/tardisrocinante/ 4 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/tardisrocinante/vitals.js?gcb=4&cb=3
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633411252cd3723532e0cb3c8c4214863de95cb26997c7ff3273aaf8f55d0d2a

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1TyNdwB7D2Jg%2BxEcws33XkbIkQEZGzsYA7BtybvYqEZiHmA6rrUrEs%2FUw9KazANuKgPWuw8qhWVgQ9IO6RMsidVM3%2BEm8Zqos5o2g7sfpPYdDF1iFF8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 633422c3899c4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740e3800004dd087b4c000000001
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 475 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 flags.png
cdn-0.we-ha.com/wp-content/plugins/google-language-translator/images/ 54 KB
54 KB 579ms
578ms Image
image/png 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/plugins/google-language-translator/images/flags.png
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/cache/fvm/min/we-ha.com/1614106261-76ae13f736075a22528df3771ea215500615d319.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Request headers

Referer: https://cdn-0.we-ha.com/wp-content/cache/fvm/min/we-ha.com/1614106261-76ae13f736075a22528df3771ea215500615d319.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c3a9a44dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740e4500004dd0960e1000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"d6d4-5bc054aff9e7c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7j6f9neu%2BDN0CVa3AWJl1LulzkQ6PZlYu%2FcmFbzwW4Jbhzpa7yXInXM40fW%2BObUXW53pW9F5crlgwJbclMYLZT%2BeBHz99BBueleCtsi9d6xT3bZtYds8kyZK%2FH4%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/png
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 We-haidea3-300p.png
we-ha.com/wp-content/uploads/2017/02/ 10 KB
11 KB 385ms
385ms Image
image/png 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://we-ha.com/wp-content/uploads/2017/02/We-haidea3-300p.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98bb5ba6b8a29138185a9499ca921530b412ffef24ae655e5cd2a7bbd4c8cc5

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:18 GMT
cf-ray: 633422c47a714dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740ece00004dd0683ab000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"28da-5998dc8931ce7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F4jG%2FVRQcG3AmGDlknbxLvxw0Dl5J7AK8ruswK7fzmZDDjb3iSk6oQHxA61gL8bpM7ZKI3OTSUHzlfg6k5ATg0yJ9opUbYi5i9d3J9O0%2BDi3S2N4TQ8%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/png
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame C6A9 320 KB
104 KB 13ms
13ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwe-ha.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://we-ha.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 888337
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 21 Mar 2021 03:36:25 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

GET
H2 200 154 Show response
dashboard.presspatron.com/websites/ Frame 7EB0 2 KB
3 KB 80ms
79ms Document
text/html 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.presspatron.com/websites/154?origin=https%3A%2F%2Fwe-ha.com

Requested by

Host: dashboard.presspatron.com
URL: https://dashboard.presspatron.com/dev/banner?b=81BThPX7xbbDUuwPpGpmvW7f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.209.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-209-103.fra53.r.cloudfront.net

Software

Resource Hash

87d8c3ad6f15b4243ca085a39e02c039b0ee92dee5f50af0eac66e938374dedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: dashboard.presspatron.com
:scheme: https
:path: /websites/154?origin=https%3A%2F%2Fwe-ha.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

content-type: text/html; charset=utf-8
date: Sun, 21 Mar 2021 03:16:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=0, public, must-revalidate, s-maxage=1800
etag: W/"87d8c3ad6f15b4243ca085a39e02c039"
x-request-id: 3c9c2d23-cefb-4d10-868b-d486bafe4baa
x-runtime: 0.006581
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: eKfPsgrkw7wGaMDaa_DgyC0xOslOMQrAY50oEGfDo5Jcm114V271FA==
age: 1185

GET
H2 200 DSC04142-375x195.jpeg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 17 KB
17 KB 561ms
558ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/DSC04142-375x195.jpeg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e09b20a8735288cfedcb96e0bd35b4aaa7239ac4ff188c1cb147cd582dc4c1a

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4baa94dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740ef500004dd05711c000000001
response: 200
last-modified: Sat, 20 Mar 2021 02:17:49 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"42af-5bdee706aec4e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=82lzBfbH7sf5%2BL8HeLXpckVVaWGapQjrqC%2BpvygcfpikBbv7oZc8GWmMs3kHMfgFnnpgEENouJCyGeutRHji5utpxJqGawtrSSKcjw44%2BYn1BF%2BhTGgmxyM1bh0%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 michael-byrne-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 10 KB
10 KB 503ms
500ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/michael-byrne-375x195.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d963b063c443a6b0c66c575b9515acecf16f683b94fb968523a786d66f07e463

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4baab4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740ef500004dd043b17000000001
response: 200
last-modified: Fri, 19 Mar 2021 19:45:30 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"263e-5bde8f5636d4d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vek3PpaxlQyps%2FSibvVGFMmhE%2FrWWtEJXo8EV0LNz5S9dz5tbQ3cTBfqX%2BJfMMBHaYL3EHg5HlFqnRY9XmIKKfyK1TLHY1d9kAzkIdu5RnAJ4GhKV6OEP5geXVE%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 union-kitchen-outdoor-march-2021-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 20 KB
21 KB 608ms
605ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/union-kitchen-outdoor-march-2021-375x195.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d111d3d5c11903f36e4da0a9e4af24d97a25db95d7cf38959e770af4288e036c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4baac4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740ef500004dd06dab7000000001
response: 200
last-modified: Sun, 14 Mar 2021 17:11:19 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"4fcf-5bd8238c83a95-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OytvvcMRI2mfHGHrEWHLPWg8Jng%2FAo5zF%2Bn1mfr%2FXk6K5SceElQyjSAUeNItOVo%2FPuCdehVDf0QVHovsoVM%2BPZeLHoy%2BG9TNDzou0NmjMxFJEwvFn6OI%2FTbt%2Fro%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 rodney_butler_zoom_20210318-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 8 KB
8 KB 508ms
506ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/rodney_butler_zoom_20210318-375x195.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071f986aef5ad255076061f3ac9b67d09fbb99ff3b183f22a1776e6994db3096

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4baad4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740ef600004dd03c221000000001
response: 200
last-modified: Fri, 19 Mar 2021 02:21:10 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"1fe5-5bdda5e9287fd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WzRnhajK0tzbE18gI3Pmr4grKHbmMNg7B8EIi5BznD5gPVt%2BJomSFb7SEYTZTrfLX4j151xy55a2tJKTfqGpZAD4bq9B0RdkWoFmy2cTnlE%2FziHnYBdJKPQTGW4%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 deidre_gifford_1200_vaccine_20210319-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 12 KB
12 KB 521ms
519ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/deidre_gifford_1200_vaccine_20210319-375x195.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c58e449e99a90b63ee782cc8573809e2c9cb5f9c106c3be748ac764fc9a8a1f

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4baae4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740ef600004dd07820b000000001
response: 200
last-modified: Fri, 19 Mar 2021 21:16:44 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"301d-5bdea3bad7350-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rFH2fh7gkDYkS0bsFnDWQ7Qj4xc8bg%2FcKxCG38yCDe19lFaBhUt86QUuNa7Rz6xZgu1OPf5bUw8zBSfQkBcxTnZ9XtrpbzSVFpZt0CRIVEdyH1s%2BDua%2BSrvMPyU%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 Conard-Senior-Captain-Owen-McGoldrick-Moves-Past-SGWLs-Keegan-Newcomb.-McGoldrick-Scored-Twice-In-The-Conard-Win-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 13 KB
14 KB 530ms
528ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/Conard-Senior-Captain-Owen-McGoldrick-Moves-Past-SGWLs-Keegan-Newcomb.-McGoldrick-Scored-Twice-In-The-Conard-Win-375x195.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0fcbc539ab32251ef05a79c7752fabd0a1cf4e9cbe54acc3dd777d465b234b2

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4bab04dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740ef600004dd05d34d000000001
response: 200
last-modified: Sat, 20 Mar 2021 22:53:44 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"35c6-5bdffb46729f3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eXmq5KZoKm8VxW2Wf9c6mr3%2BgG3QamfmUPI2ZakAXWnFW%2F4DNPAHhYIv%2F4ohIWfiN6fW47NrCqB0wPBlRdJQIYQaQoWqZdFI6%2B6B31%2BtCMyX6DI%2FQ6s39ZQSGS0%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 whps-office-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2018/02/ 15 KB
16 KB 497ms
495ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2018/02/whps-office-375x195.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c9a085b8aa474acc67cd9a831b1ec10c5f29a95b071acde47718076b5a92f0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4bab24dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740ef600004dd0960e9000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"3dd7-5a929f0545446-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VaIm8Gibz9QNO2yIXhrYTe3PqoUAs379%2FVH9460BmA784cz0begwus%2BvlHpXb06GumdRByxnzxvOaTEbzsuMMn5mzwo6w5CNRhXljhAR0BPeXxDI7GSqTGLBdFA%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 whps-office-810x569.jpg
cdn-0.we-ha.com/wp-content/uploads/2018/02/ 79 KB
80 KB 594ms
594ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2018/02/whps-office-810x569.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec31225bd09f22ce1c3c57e39c0c3da1d248d63881133f96bb36d5ef394be35

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4caba4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740efd00004dd07524d000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"13dab-5a929f0483e9b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jr1uSIxUXin7Tm0jxYp0ANYCP2Yzu2oSrM7txBpg1nOIheplFoTHe7R3plw21DuOXsIo%2BhpSQaKly6pQaqGiCNsYdE9XN1BNVfvq5u2uQ90UxQJ9SkYGM4Qk7Qs%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 town-hall-may-2018-810x489.jpg
cdn-0.we-ha.com/wp-content/uploads/2018/06/ 74 KB
75 KB 669ms
668ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2018/06/town-hall-may-2018-810x489.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3011478c8ca531be7eeeb1b7c245f888bf0535ba052352fb19d2ce3d2f4918ba

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cabc4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740efd00004dd0ac267000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"12968-5addd6a91c55f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c03VWNjZO3NqHYTSf8azZJyJOfLphnm%2FTOkbFVRdUywbAXf4lUqGyxMcIHBO2oddlzfwZ4mYYIBto63fmDE9zUpKhjE%2BmhkZLAHxgwSNX1xGYcadQC2TXblEero%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 nedlamontscreens.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 68 KB
68 KB 699ms
699ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/nedlamontscreens.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d27f134183c89d8d55a489ee12045085583e70426ce7b6730da3fe8a7c6d471

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cac04dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0100004dd08e962000000001
response: 200
last-modified: Fri, 19 Mar 2021 21:36:11 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"10ee9-5bdea813e6e20-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dH6UX6JFFDZp6kFjykMN4bEgWOAxR9TcOrEhwgJaqRn0IusLoCdK4nYapjFZQlKFtTbqnNt6sTfU8RcX80bHUAfwry8J0hD%2BdtFt0UVMkXX8rreFrWVPpGJpYA0%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 IMG_0084-2-810x585.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 108 KB
108 KB 1110ms
1109ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/IMG_0084-2-810x585.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481efc85af3c96ec2be4887b67e42b44be89ab3ad0d546de1a5114cf51608d65

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cac14dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740efe00004dd09ea28000000001
response: 200
last-modified: Thu, 18 Mar 2021 16:39:46 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"1af24-5bdd23f545437-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=45hT9reKEQ47jRklFirFl5ilmgV5TlOIw%2BJekj6x6tzGMCHEFDRG9psFCVwxx7b8vn5Lx88OngFMMeLwpaOHYjFCQD6NAzSAf9i8r21ITWZWtlPkqqyz9K1QL3M%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 union-kitchen-outdoor-march-2021-810x630.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 117 KB
118 KB 697ms
696ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/union-kitchen-outdoor-march-2021-810x630.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27be86b9c8a5b510f0371a493dbf8cfc21a20627f74b9fb6fe9e3a02f7cdaaf4

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cac34dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740efe00004dd0449e7000000001
response: 200
last-modified: Sun, 14 Mar 2021 17:11:18 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"1d5af-5bd8238bb1b8e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Xs5e6UAbgNz2RBNCIRRtmCKV7xzTxiFbU3SZHyQmNA9pflxAvIJ9ybo%2BwaLZbdxhqugiy9a3RTA1sosXu2sJbGenJMrpL1LnxAjlRDWKeauSX7PdWSHjsbQpxs%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 IMG_3798-375x195.jpeg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 11 KB
12 KB 507ms
506ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/IMG_3798-375x195.jpeg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1caec53575a82731b2e26274402b90de80fe1caa7af469eed4182c0a4890e4

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cac54dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740efe00004dd0a185f000000001
response: 200
last-modified: Sat, 13 Mar 2021 18:10:44 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"2df1-5bd6eef7190e3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7EcNfEWFgwnooeK4D4MAt2mzNry4EBx95clF13aEFOTBNU73qcc5uVJCS%2Fp1hPTfAZ3zglx2a8zNdAJ3FQ%2BcEXBm0U3oH0gR9Fk6eJixBoeCByyicU7RKlrD9og%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 IMG_4372-375x195.jpeg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 12 KB
13 KB 566ms
565ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/IMG_4372-375x195.jpeg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d18afc24b05b6675227d97a5979cb1d6841a7e7512d7bac6057e09aa9c8f4a3

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cac64dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740eff00004dd0803fa000000001
response: 200
last-modified: Sat, 20 Mar 2021 20:45:45 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"31f7-5bdfdeaafbd6b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aUaZYfHnN7FrdbZXzoER1HnI20mb2cdA6%2BhT0QKswSeQdKcV30lQHUBF0H4jyKg571E0KVlCGbzqiVmr0tHwSGWlY1aycyJ7P1eII%2FDD%2Bp3lfOXN6QXVZcOGSHg%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 banner-town-green-april-2020-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 18 KB
19 KB 539ms
538ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/banner-town-green-april-2020-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e044fbf2d7768be035844d400b046ecf7ca37be9ac86428fec6229d4c37b5f5

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cac74dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740eff00004dd099b41000000001
response: 200
last-modified: Wed, 17 Mar 2021 22:38:53 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"497d-5bdc325c4a19c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fbd20mtxATnY0366wKxm8g5ipwh0gH%2BYN3ShhTgeAU81p5Q9sUCkTl9MN06Pmbqih8ymV9d52uZkHaksaCe9AsqgRuiXJnoC2Ym0M1Pa%2FNJxSw7tl94Rm7%2FVaJM%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 20210312_123137-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 21 KB
21 KB 630ms
629ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/20210312_123137-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2f51e105db359afc79b03e131d2c7834d591f67b5793c702aeaa2858528219b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cac84dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740eff00004dd0731dd000000001
response: 200
last-modified: Sat, 13 Mar 2021 18:20:37 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"531c-5bd6f12c75430-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w7YP8W%2BGeiaGp9c0Ts7yQWFT2dUzf5Oc58%2FA64LrGHqpSE4VBR1v5bT8og5VIiT5c2ZhI9cuG4ddWFUBEXDnXfiCVimw3cQez3uhcH8ttyolrIznTe%2BLcqa8hiY%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 future-weha-brewing-and-roasting-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 15 KB
16 KB 595ms
594ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/future-weha-brewing-and-roasting-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d5e88760f14ee046869157c45095f1673b3f66e8e971260cf357d45640cb4c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cac94dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0000004dd03e2af000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"3d81-5bcf8a025ed65-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QVJH2i0LuvkerGM4Q7i3jMpaE7R%2F1kzz5vlZKkuKsL8k21AI7nJo6hHPO9lunZEAf1K7m1EWcxQMwLpc1Ltqwk5g1LvQSaliKx42tc1ofN2G9iEV6xlN9bj6QM8%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 IMG_0920-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 17 KB
18 KB 530ms
529ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/IMG_0920-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3540d68ec93454b1e7771b7403ef13cf9fdb58ac7e2ebbe21d4d49b4a486d27d

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4caca4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0000004dd09c378000000001
response: 200
last-modified: Mon, 15 Mar 2021 22:53:51 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"4410-5bd9b1fa04ed0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S2GYxGNkRpvWVsiCG%2BX1tDQXW2%2BTTk1GMRbOjDlZXkAFdB2XMdQgNA7lhEeU85YOuiSeyOqB1m07D0kApd7WiEvcDYdZXL5eA063xxA5ukPsdKXXoPbTl4fMcWM%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 future-JAR-and-bar-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 19 KB
19 KB 563ms
562ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/future-JAR-and-bar-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 574c9ae7dc577b34a4ab0739d2f7d0c7c1d1fd1ed492ab36135c933cd5266ccd

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cacb4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0100004dd082986000000001
response: 200
last-modified: Sun, 14 Mar 2021 17:12:07 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"4b3f-5bd823b9e78fa-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X1%2Bu5KdW9%2B6K8oi3m9b%2BE4EX6Yzts7MmBntRwVNVFpKICw%2BeVJLadOuB9AePgbCl7P4oOB6A6u4XXR%2FZL8pRP85KG41NUQ2I2g6jOgLRlv%2F9eckGGdpHpCc7zKw%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 town-hall-may-2018-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2018/06/ 17 KB
18 KB 592ms
591ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2018/06/town-hall-may-2018-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd6819b1c555f23ea16b4f55f88830137abe2c81b4836032f8d4b74cd29568a

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cacc4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0100004dd065aa2000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"459d-5addd6a9b4a25-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KzuRRJPW4lEHIbrsJtuwDdp9AzJ5mNfYeUgPKY4kVOd74FG84FcR6pozwrt5GXAp%2BwwdgZ%2BaDu2bEGjWxXKCUjRz1JkF8xhIbfk1X9izsNHnMZJrvPZ7ohHbyDQ%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 nedlamontscreens-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 16 KB
17 KB 581ms
580ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/nedlamontscreens-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ddb0c2a7ca5d75e5dd1652b5010d55a7d6b40516612fd143b2f4c8cf617fd9e

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cacd4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0100004dd05fa78000000001
response: 200
last-modified: Fri, 19 Mar 2021 21:36:10 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"4175-5bdea81280841-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6DeGi2kHDcKFcLkYQGbPCZH2N2wZOZBk0bY3CITY%2BbZ3af%2BaYjcKLrvd1daTHvkKPCFGoni8%2F%2B6Z8U%2FyE119qIvWElnqcZmHYXG7r2wtTjHwLzud8THJQdMqRNg%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 IMG_0084-2-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 21 KB
21 KB 543ms
542ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/IMG_0084-2-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e184d0a8fb2b43dedc26481af679e1c202865d062bc0a1fa38ddef42233458d3

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4cace4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0200004dd051248000000001
response: 200
last-modified: Thu, 18 Mar 2021 16:39:48 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"5386-5bdd23f6ac9b7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V1afojI6R%2FvZkliqNBHtux5Ucduv455E66m3wNlPnsVgHWjaD%2FyNoVonp0iFKtnk8iL7eS6qTgIShuSKzdm9tjMzxHdp9Pt68SIFn1qOehn%2BwhOEnXIAWMJb8HU%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 DSC03992-375x195.jpeg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 19 KB
19 KB 496ms
494ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/DSC03992-375x195.jpeg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a5fdf9f420acddfc2488e75a45df2a6249f46f2c066abfc9d52ddc21c1ba13c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dacf4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0200004dd098813000000001
response: 200
last-modified: Wed, 17 Mar 2021 01:33:15 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"4c27-5bdb1778568bb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nnj455xyMP2p0IrPb4z1byHNEtrJ5O0kzdKGCKHZqzqnOouRua0FR2d%2FzrY6nsTK654BvyKIYTdvNZPoKzBFUQwzq7pMYCqrGY9E8dZxxatPfrCPfToe0AcyqvM%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 Hall-Southington-Goalie-Noah-Behrens-Gould-Squeezes-His-Pads-To-Cover-A-Loose-Puck-In-Overtime-Against-SGWL-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 16 KB
17 KB 545ms
544ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/Hall-Southington-Goalie-Noah-Behrens-Gould-Squeezes-His-Pads-To-Cover-A-Loose-Puck-In-Overtime-Against-SGWL-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d2e8e0b1dd76543d0c937cf231ef52f32200edb0e2f743b1b5d63e7f9774e4

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dad04dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0200004dd088304000000001
response: 200
last-modified: Tue, 16 Mar 2021 15:54:40 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"4191-5bda9625654ee-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YjXD11okZJSDe5HcxJ3Id%2BhOAGsLQVpELaXvtjNxORFF6JaV5TBnn7yJjuudmxTeK74k8oQbE24Olh9Cvfr5jHK08wESdHTmh0rNST6cArR3m34UGDRFjA3gbu4%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 Camp-KO-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 19 KB
19 KB 594ms
592ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/Camp-KO-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454f996fe98125d2604ea07ba8eca9321bacc5ded39694815304b053c66877ed

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dad24dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0300004dd04c051000000001
response: 200
last-modified: Wed, 17 Mar 2021 20:16:03 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"4b81-5bdc126fa1e6b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ByS5ugTafxGslPi3332rD2IYMNxi18o%2Bz8Hm61oswd9gvkcKVT680SYn5Gy%2FWfw%2BxBoiP729qq7oQKBu2i%2BAfBqN56vRnsU9vLKgMFoubsAg3dfYKSVMBBpybN8%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 seal-n-shred-with-shred-bale-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 15 KB
15 KB 605ms
603ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/seal-n-shred-with-shred-bale-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb14ce21715a2bed8889e3ab23d29a2c30807ea0fe2d6048923d7f187f52f70d

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dad54dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0300004dd0490ff000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"3a72-5bca8489483ed-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KT%2B5zFTp44fgLNM7jAqqy6IkZFNNgtc%2BQURa%2F3PzAhWCrOyPvCGY22mvz9wf%2FhphTfEot8e55FJ8slFrGs8TuwNX4zPV%2FE3r32oHwSgpDHlYmz4J%2FuE7OIyWPrY%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 Rich-Crowe-now-375x195.png
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 21 KB
22 KB 590ms
587ms Image
image/png 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/Rich-Crowe-now-375x195.png
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa1e37fb42ef10a968dced86d8b7dc5810de3a29ac7257f5b190dc6869028a14

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dad74dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0400004dd091065000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"5553-5bd25950fe84e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H8zSTr8B%2B7VDU1Lk37lpbTm8iFPJgxgb5h8WE2W6QKYgya7k1jtKZJS5jDA7sea%2B2cKROuqW%2BHT3nv42SWX1vpRYUq4wJqWTWO9rwta65YCVjKpzbeWcozxcwdU%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/png
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 Screen-Shot-2020-12-03-at-11.45.41-PM-375x195.png
cdn-0.we-ha.com/wp-content/uploads/2020/12/ 46 KB
46 KB 600ms
597ms Image
image/png 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2020/12/Screen-Shot-2020-12-03-at-11.45.41-PM-375x195.png
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894b32d01ee8d93ee4bd93658f1bc70bf746fe5155ca8025db65637ab7aaf95e

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dada4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0400004dd03c222000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"b62e-5b59c2972804e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HvVmBxSJi7VvNpgJWs7p2PqdwqSvcS0k1SW8925Z7SMo%2BLFxhtE4BpMIcYCQc99l4RmsI44HZDY8t1FMlFyFE9d9ml2Yv60xIQS3XK3bXElKqFicqbQSBgL2w2c%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/png
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 For-Rent3-e1585873727938-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2020/04/ 21 KB
21 KB 628ms
623ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2020/04/For-Rent3-e1585873727938-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a266cc8fc0125e22c618b0d8a3e71faafdefc173c083684920e1bfa45ac72c8c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dadd4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0500004dd0ab21c000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"5425-5a2d1ab2d9678-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I5uaB53SqVQ12lNZaDPdgpYBfkjwLoOj8OW4VlQBM3bwIkIIzJ%2FT1yK4Hlz%2BT0HLgX2lidPYxhSRpVTwybMJBdAcBpdeFjgX6vIN9KoT0o9kG%2FyzdBoKs2v2QBo%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 Rendering-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2020/05/ 20 KB
20 KB 578ms
574ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2020/05/Rendering-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3891eb15ebd94a344d4a8810cd3df21a6e8fbe6aafb8f4b338aecde0a4181d6c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dade4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0600004dd0960ea000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"4f27-5a4d89cb87542-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y1LycZAn7xofsuxJBWokPC7LR0gpsqmZNQsf2kA7ji8W5a5KttcaWcqCDjHP43RVqAyZ8QN%2FFx2y8tNx7ctbeWK%2BtucC1VzdfMVpuDhKbfi8YoQfRHxlrBtP95s%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 IMG_8619-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2020/09/ 21 KB
21 KB 578ms
574ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2020/09/IMG_8619-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47594379f240db363bf29a7f18c2080111791cd642c78d9fcb1bcad072a005a2

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dadf4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0600004dd0931aa000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"52c8-5b067c0c7ca36-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bZmfQajiMj8dpIEKht9rcNnlVGJPsR0aihkYNOHgopjBQsaStrDma7BwKXphRyzwACHNw9CizZis5ZuBsVMrhZwxDQhQgPPwEmU0I5j6u5IryS8uSmQ3wmPFeWs%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 childrens-museum-conny-KO-campus-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/01/ 15 KB
15 KB 623ms
618ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/01/childrens-museum-conny-KO-campus-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c33bcb6e3eeca62ec378dca9900029288e7c9ff35fb5014229161b7068e44ed

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dae24dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0700004dd08b980000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"3c06-5b82d1cca0d58-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kUR%2FAQEWD%2Fqh%2F2lDWl3lIH1WJ3Pjsv06wLI8WZueF3qegk21KUqL3Kvhiae%2B%2BS8qy2xxx3vSxCSOSQ6EwCLWy8I4lXPKaBaIbzcL2kcyunq94LBa2ZWwWqjzlUU%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 HouseHunters-yellow-375x195.jpg
cdn-0.we-ha.com/wp-content/uploads/2020/12/ 8 KB
8 KB 534ms
529ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2020/12/HouseHunters-yellow-375x195.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b620ea28a59387c296b8a61bea55141395efa9e6325a389e444f66200cfcb9

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4dae34dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0700004dd0b307d000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"1fe2-5b684e621b48d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0%2BQeS8nk3mjx5geYq1dzebPhmCQG%2BJ5bT1dX8FXu2dVIcpUzVs4EBtHyTZ2xG3Hx9OZRNQInd05hlW4ZvIcRF0YmsreGoOualw0STMzhdj1msyf0XYf52Gjquys%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 nedlamontscreens-145x100.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 5 KB
6 KB 405ms
400ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/nedlamontscreens-145x100.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14ba77daf12a912785c29be79d91177e89c98c88a2a505236b490e7a7ac5b4a1

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4dae54dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0700004dd06f9da000000001
response: 200
last-modified: Fri, 19 Mar 2021 21:36:10 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"1402-5bdea812ae691-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WC7S%2F8tzq8zKXN87ovx03Fueb2NJNM%2Fz3NlG2ezkV2tUGudsx1qeTWkMvJOQMd%2BVdx6sbKCmwjkXWpp1WCbMNUKK00J4lIXwIRTsts5AB%2FRSC8F%2BnS88yoevA%2Bs%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 IMG_0084-2-145x100.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 4 KB
5 KB 398ms
393ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/IMG_0084-2-145x100.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c90963212e9d1b3ffa5adc953922127de245adb798725e27d1cf86bed4fa8045

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4dae64dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0800004dd07524e000000001
response: 200
last-modified: Thu, 18 Mar 2021 16:39:48 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"11d8-5bdd23f6de685-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TPuX8bKCFEmRb43AE8ncM2iMx497eliF5MGYX9jd726Pl3fUXUpEyNo8oSTq9OoWD2IBEYqDXDm90ZcLdSmHxdFmnesRz82nOuz%2FA4xVAXBuJVKegPg4I4jDeck%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 union-kitchen-outdoor-march-2021-145x100.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 5 KB
5 KB 390ms
386ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/union-kitchen-outdoor-march-2021-145x100.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566612f2147e70df8950d58c81e097350128d6d830761e536bbc542158b7c5c3

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4dae74dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0800004dd0ac268000000001
response: 200
last-modified: Sun, 14 Mar 2021 17:11:19 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"1438-5bd8238c9c12b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TUuomIMyjIaOGgAd9d0M1hNFmtKjqF192jIvq4nUWIGrlmNiLYC7%2FRzKt35nAF%2BAZspla6M5faubKP9fmmUgtJTj55OdK5xbDtV4iPnqsB6aRbZxw3X4QN1Dtos%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 whps-office-145x100.jpg
cdn-0.we-ha.com/wp-content/uploads/2018/02/ 4 KB
5 KB 516ms
511ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2018/02/whps-office-145x100.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2542e20dbe75f1cdf23e212b8d25ce6107e1f604b50aaf71d46494d47ef431a9

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4daea4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0900004dd08e963000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"1057-5a929f0559c64-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fvyhg9D8D84oo2Iehkjj62A0A%2FztGItqX4ab7G7Sr%2BJLbW%2F4DadeMOAa3Cc6HHwyBMSMLYr2WBti%2Fvg9otYZkxGBzv%2FEzTWfl0kgtcBBJ5LJpInAXwFEHa%2FjiH8%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 town-hall-may-2018-145x100.jpg
cdn-0.we-ha.com/wp-content/uploads/2018/06/ 4 KB
4 KB 499ms
494ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2018/06/town-hall-may-2018-145x100.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7bc301741da4b8f19010ab70ae35e24e20a6ea5368c4d01dc947f99d7b9cb0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4daeb4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0900004dd04f16c000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"10ac-5addd6a9cc108-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DjquWISHeQDtFRflBQAPvS2KF3v5IOtJYKE9tSn4gLXZcXxJdOgdvLQmbM9lOhSEvIyaWt69IeNp5Y4kmAiFEzLuUSUH0vv4qTbjTKsk8wQVR8L93WGK9FGMA2M%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 Conard-Senior-Captain-Owen-McGoldrick-Moves-Past-SGWLs-Keegan-Newcomb.-McGoldrick-Scored-Twice-In-The-Conard-Win-145x100.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 4 KB
4 KB 404ms
399ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/Conard-Senior-Captain-Owen-McGoldrick-Moves-Past-SGWLs-Keegan-Newcomb.-McGoldrick-Scored-Twice-In-The-Conard-Win-145x100.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9481eb0fe4b9c27c47a6672bd2624eb28b0e585ac8ab21e46f98b90311fc9ba

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4daec4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0900004dd0449e8000000001
response: 200
last-modified: Sat, 20 Mar 2021 22:53:44 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"f4f-5bdffb468df69-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=whFTRbarExwEX79lgJ9prIqNv4Z%2BJxwRHY1f8gjZfoH74OZGISFDtfMKBhF73PZRZS%2Fx2y9Z5ujXUM71Je0vqAtMOeVSMstm9W%2F1Rrwj4zOwHaXFLhOz2nd8njI%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 DSC04142-145x100.jpeg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 5 KB
5 KB 404ms
400ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/DSC04142-145x100.jpeg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 465ac1100c04c309855b9bdefb4b1b774976c78bbf76983d42fc933b5a8133fc

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4daed4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0a00004dd0b1ae1000000001
response: 200
last-modified: Sat, 20 Mar 2021 02:17:49 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"12b7-5bdee706d5d40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1g3oyr9b5pPq19aw8W%2FDS%2Fu%2FV1JCHIdU8xOIZ5QmCi17TtQOKZ0enrNW9q3Ff%2FkWiwu%2BJAHr1ylWqnVa2KdqNSOebNjn0rzC6DGlmVfSVrejr3upkB9uYC88Tuo%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 deidre_gifford_1200_vaccine_20210319-145x100.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 4 KB
4 KB 421ms
416ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/deidre_gifford_1200_vaccine_20210319-145x100.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a55882f7f75e83e795982bfb16037a39b04e6502460f89ddd67cc6f9b133ba7

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4daef4dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0a00004dd0a1861000000001
response: 200
last-modified: Fri, 19 Mar 2021 21:16:44 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"f4c-5bdea3baf4806-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UP%2FY90tiGSSyaY9TBwyxeazjXFy0QtMwhmsWs4W0LWMRbxaGEq4t8BYXBTWardzFfWKUiweEYl65MKbc%2FrLVEt7nD8K6Rqcl2tmugwpFQKBs3dSR7LTsq2pOtvM%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 michael-byrne-145x100.jpg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 3 KB
4 KB 386ms
382ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/michael-byrne-145x100.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6fb5b0c5544db02230defe74154065963f988bd056c35fdaa88ca647e9f2f2d

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4daf04dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0a00004dd099b42000000001
response: 200
last-modified: Fri, 19 Mar 2021 19:45:30 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"cbc-5bde8f5653262-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jjy3Fi%2FMjMG%2BSRpIIxw08ef%2BbC05ym22ZbWXIeBhDng%2FYAIAAQASvehyLRkFeJ78l7NP93UEZmJ1Yv4j7HRZ4E3aGmU7JarF6INk0JPldPC30KyxS%2Fx83d%2BpXHQ%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 IMG_4372-145x100.jpeg
cdn-0.we-ha.com/wp-content/uploads/2021/03/ 4 KB
4 KB 492ms
489ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2021/03/IMG_4372-145x100.jpeg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b1255ab7ddc2567276a015ff806a0353acb9a36772692643e6ffc18479eca01

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4daf14dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0a00004dd0731de000000001
response: 200
last-modified: Sat, 20 Mar 2021 20:45:45 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"f8d-5bdfdeab153a2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2C9hHKDM8s%2ByyVi16q6mk4HkkRUWtKXZQhMn87G1G2uPyPSvJe0Eqlrxl%2FuRnuOD%2FGws%2B5nKZ18D9u7HH25LvTz1yNJIIb2ZQhEBY6sieT%2FETyasqcJc%2FIKnXxA%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 IMG_8011-145x100.jpg
cdn-0.we-ha.com/wp-content/uploads/2020/03/ 5 KB
6 KB 396ms
392ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2020/03/IMG_8011-145x100.jpg
Requested by: Host: cdn-0.we-ha.com
URL: https://cdn-0.we-ha.com/wp-content/themes/weha/js/min.js?ver=2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b2e3c033185bdc684f34ad004b66226f5575a394bc56373104bd12191e43ce3

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4daf24dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0a00004dd03e2b0000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"14cf-5a12492e2d5c9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p%2FaHmFx9JdC9Lkz56YcdIKWvVI%2B%2B%2B9PTK6cFkT8w6E8rmphE%2F9yP5ORjBj2jOHPj7TT6eGQ%2Bt2ean0y4iq%2FgmeAJRzMhhI3uLA%2BKmS6s7rC5qc6FDxxyZlKoeZQ%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 west-hartford-sign.jpg
cdn-0.we-ha.com/wp-content/uploads/2014/10/ 70 KB
70 KB 658ms
654ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2014/10/west-hartford-sign.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e357de84da2a22b78136ecf0e22dddf877831b36f7a4ac80e3c050115dff5077

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:36:25 GMT
cf-ray: 633422c4daf34dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0b00004dd049101000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"116e6-5a90489743275-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7kjerKnh1I%2B4StKxcp6EsWR4T%2BICAQR6xzsomGzEzY2WPdoJCG%2BLzUlYVqzOM2LpPtaHfwq1pa1%2FCHuuISEtvhoUDqrrFst%2BsT0PERDnCLXiSV7cd9mZP%2F6lFgY%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: MISS
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 town-meeting-on-weiming-crowd.jpg
cdn-0.we-ha.com/wp-content/uploads/2016/05/ 175 KB
176 KB 667ms
664ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2016/05/town-meeting-on-weiming-crowd.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b05ad85ddb81b69abb598425343899477a2f77da44f29b2ceff27b35ffa5f63c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4daf44dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0c00004dd09c37a000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"2bce1-5a918678ff668-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G2%2B6H89OPPjuCgH3rctUG3ZC9Joy4bUyLeVA2ivBlzRrlF%2BVbN6ISUU2NvSFYdrHLgsAMXNiiFbdVZzLw7o8mTOgSEi97lTJLUKENd%2FF6%2BjAp3zySCP5x2uCRks%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 west-hartford-town-hall-fall-2016.jpg
cdn-0.we-ha.com/wp-content/uploads/2016/10/ 196 KB
197 KB 681ms
679ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2016/10/west-hartford-town-hall-fall-2016.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87a9ff38ca962bd333b2526f9b07ac660fea96cea412bedac7b973f15d7d7d2

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4daf54dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0d00004dd0a1862000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"31070-5a9259d001309-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XzgSzdojyUNv8m9KIjzAWecRk7lDu04n465c5mnne%2B6gi094z8%2FadQ8HmCgYZQsQizGFaYg9WiTSLehfKOPpphPibfeJvarsOvDsjnIhcXSwRNKqH1KDKTSgdao%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 Jeffny-Pally.jpg
cdn-0.we-ha.com/wp-content/uploads/2016/10/ 43 KB
43 KB 610ms
607ms Image
image/jpeg 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-0.we-ha.com/wp-content/uploads/2016/10/Jeffny-Pally.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c51faf2c17aaed003e3e307cfaa9e3a681e723f56e701e56247517df029f102e

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
age: Sun, 21 Mar 2021 03:00:19 GMT
cf-ray: 633422c4daf74dd0-FRA
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f4740f0d00004dd0683af000000001
response: 200
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
cache-control: max-age=2592000
etag: W/"aa32-5a925807794ab-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hGvHnc1uWcQBYSbPiGRzhEA3yoANEPT00RqprM9lhLc9wB%2BTje751XosaGYeBwHrqKLw2v8G0c73b9y8RUD%2Br0yIvpLooXcn0g89SRY0VsZENSFYUNGLhI6xUL0%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: HIT
x-hosted-by: DreamPress
content-type: image/jpeg
display: staticcontent_sol, staticcontent_sol
expires: Tue, 20 Apr 2021 03:36:25 GMT

GET
H2 200 greenoaks.gif Show response
we-ha.com/detroitchicago/ 0
369 B 19ms
19ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTAzLTIxIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImRvbWFpbl9pZCI6IjY0NzM0IiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3RhZyIsInZhbCI6ImVuLVVTIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX1d
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BinWZsxp1P6DZRRSal8ZjEkrVYlCGamBEuRQRCmp4QskWSO25bI%2FBDIpfC30fVKiVanSkIMyZpqlDIIjcyKiRnrzsA8Zz%2ByIwqoBdfIhLZG3JMtQcHM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c4eb044dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740f1500004dd03c223000000001
expires: Sat, 20 Mar 2021 03:36:24 UTC

GET
H2 200 pixel;r=102846758;rf=0;a=p-6sFC0grc4fcpV;url=https%3A%2F%2Fwe-ha.com%2F;uht=2;fpan=1;fpa=P0-1558335510-1616297785114;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=we-ha.com;je=0;sr=1...
pixel.quantserve.com/ 35 B
372 B 9ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=102846758;rf=0;a=p-6sFC0grc4fcpV;url=https%3A%2F%2Fwe-ha.com%2F;uht=2;fpan=1;fpa=P0-1558335510-1616297785114;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=we-ha.com;je=0;sr=1600x1200x24;dst=1;et=1616297785114;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.We-Ha%20%7C%20West%20Hartford%20News%20%7C%20West%20Hartford%252C%20CT%2Cdescription.We-Ha%252Ecom%20is%20a%20hyperlocal%20online%20site%20providing%20West%20Hartford%20news%252C%20people%20can%20f%2Curl.https%3A%2F%2Fwe-ha%252Ecom%2F%2Csite_name.We-Ha%20%7C%20West%20Hartford%20News

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK 63769.js Show response
ad.broadstreetads.com/zdisplay/ 13 KB
5 KB 222ms
222ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/63769.js?b=&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-h9340rw95s
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: a9051623a6e96b71a5b719f5d794885df5ea9e38397d158d0228950204ba2a7a

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:25 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 4650
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H3-Q050 200 container.html Show response
3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F5C 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 21 Mar 2021 03:36:24 GMT
expires: Mon, 21 Mar 2022 03:36:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 greenoaks.gif Show response
we-ha.com/detroitchicago/ 0
259 B 13ms
13ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTYyNiJ9XX1d
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GN2a7hOwD9mwdKyUZDJfJzyupPCeLoQFGWIruU3DtXf0c0bRN85TlxIKEfltcUBXTe1XBXpilmY%2BcNodVxjOEdpFPillXy2gW5T3U%2FUhQnn7GoqVNEs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c54b5b4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740f4c00004dd04c054000000001
expires: Sat, 20 Mar 2021 03:36:24 UTC

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:25 GMT

GET
H2 200 greenoaks.gif Show response
we-ha.com/detroitchicago/ 0
473 B 14ms
12ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiMTYzNSJ9XX1d
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kAB6raD%2FFnqW0FyNN0zIib39j2tlhBL1J0XLcARd2ZDiENOk%2BGNyJ1gpRpD1kVSeGIcGkQVFF10Qfe%2FAoPu94OM%2BATkd4HpAOKK9yrdLpKpWhTSkUG0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c55b6c4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740f5500004dd08b984000000001
expires: Sat, 20 Mar 2021 03:36:24 UTC

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
280 B 15ms
14ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NDgzNSIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTQ4MzUiLCJkb21haW5faWQiOiI2NDczNCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlX2hhX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjYwNDc0MjExZGFmMWRmZDRkOTAwMDBlYTAxZjU2YzMwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk0ODM1IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODUsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk0ODM1IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODUsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDU4NSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NDgzNSIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PbJorNrP7ffiSchHGAV37SzLFJaB69ak8oC4tdPgwVRk0EPd526tA79Mt7cWPltM6bQ7E6gjImlQMNnnakbrPWAErZB%2Bv02mmmF3GwBTqGOzYyo%2Bn0U%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c55b724dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740f5800004dd0b5934000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
93 B 183ms
60ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: we-ha.com
URL: https://we-ha.com/porpoiseant/banger.js?cb=194-4&bv=13&v=46&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Mar 2021 03:36:25 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
257 B 25ms
23ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NDgzNSIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wMy0yMSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMCJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItNjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QTo0RFi6fwpEElhf2xuIKDlWpN20q3F9aMrN9mz6MmHpy5G8R5S1u1wPMyagZvA%2BNYJtK8VoZVOGPuohXwdFlkk2H7pFE0Fsb1LxxBfCAwsfEqllMWA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c55b754dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740f5900004dd07eb37000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
258 B 13ms
13ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NDgzNSIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhdWN0aW9uX2Vwb2NoIjoxNjE2Mjk3Nzg1LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImJpZF9mbG9vcl9pbml0aWFsIjowLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzM2LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nfx6lC7cOqspPrIHGV%2F%2F6k7DL6hFBXLdMqld1XmC2QS5OYkUKOisjoAiXYaj3BjMFMVtBUb6eJ7cQDAiVwUjuqmyZgMbsfruy91o8mTfsoBQ1QuegRk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c55b774dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740f5a00004dd0a3939000000001
expires: Sat, 20 Mar 2021 03:36:24 UTC

GET
H2 200 external_banner_main-91789145c436b5ef0707b5a2dde7e53439b7cef9b24747461237bbd954a31d20.css
d867x8xq12ag.cloudfront.net/v1.5.0-861-g2f4d6993/assets/ Frame 7EB0 3 KB
1 KB 42ms
6ms Stylesheet
text/css 2600:9000:2156:e00:1b:11ff:f600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d867x8xq12ag.cloudfront.net/v1.5.0-861-g2f4d6993/assets/external_banner_main-91789145c436b5ef0707b5a2dde7e53439b7cef9b24747461237bbd954a31d20.css
Requested by: Host: dashboard.presspatron.com
URL: https://dashboard.presspatron.com/websites/154?origin=https%3A%2F%2Fwe-ha.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e00:1b:11ff:f600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4f021b1b3b4788c0ac52e9abc90b46549fa7a3092fc33805ea85e7fa20ce606

Request headers

Referer: https://dashboard.presspatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 02:20:30 GMT
server: AmazonS3
age: 27422
etag: W/"e1567222f42a0b24e37852184826f982"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: max-age=31556952
date: Sat, 20 Mar 2021 19:59:24 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: t5TIPx2fyJtbsv3m5QoyiaJcN3I9S-E0YXYHqpm84DFqn-RHj6GFMA==

GET
H2 200 frames_app-2b4a889c3981231b11b24b6f5ef51e0c491543b56a9a1b799b5adfbe7b2e6a79.js Show response
d867x8xq12ag.cloudfront.net/v1.5.0-861-g2f4d6993/assets/ Frame 7EB0 228 KB
81 KB 42ms
7ms Script
application/javascript 2600:9000:2156:e00:1b:11ff:f600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d867x8xq12ag.cloudfront.net/v1.5.0-861-g2f4d6993/assets/frames_app-2b4a889c3981231b11b24b6f5ef51e0c491543b56a9a1b799b5adfbe7b2e6a79.js
Requested by: Host: dashboard.presspatron.com
URL: https://dashboard.presspatron.com/websites/154?origin=https%3A%2F%2Fwe-ha.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e00:1b:11ff:f600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2bd3bd4b9f50063ad8bb70b5673ffb31f84a27a23e3868ad7629e2e84c4c2b3

Request headers

Referer: https://dashboard.presspatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 02:20:30 GMT
server: AmazonS3
age: 9342
etag: W/"a0d45fbb979407e42b29e910035b230a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: max-age=31556952
date: Sun, 21 Mar 2021 01:03:56 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: l5FmrCP_Dz0PMKk8g716auoWZSU-LbhXPkWyj1MjgAycuuR47_s4qQ==

GET
H2 200 close-icon-34a6cdd9654c40049a205d943e5346bdaef8d051b8a80dd53ad9afe5b325be8a.svg
d867x8xq12ag.cloudfront.net/v1.5.0-861-g2f4d6993/assets/ Frame 7EB0 713 B
1 KB 8ms
6ms Image
image/svg+xml 2600:9000:2156:e00:1b:11ff:f600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d867x8xq12ag.cloudfront.net/v1.5.0-861-g2f4d6993/assets/close-icon-34a6cdd9654c40049a205d943e5346bdaef8d051b8a80dd53ad9afe5b325be8a.svg
Requested by: Host: dashboard.presspatron.com
URL: https://dashboard.presspatron.com/websites/154?origin=https%3A%2F%2Fwe-ha.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e00:1b:11ff:f600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3d3586babc62988439752142e3308ebfc51526c1e6158debd9cd16e9196556c

Request headers

Referer: https://dashboard.presspatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 02:20:30 GMT
server: AmazonS3
age: 27422
etag: "a58f2ecc7885858366172bd17da1ee83"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31556952
date: Sat, 20 Mar 2021 19:59:24 GMT
x-amz-cf-pop: FRA50-C1
content-length: 713
x-amz-cf-id: Xa2OzqZ3zD0NAzkcH3jPfEo77q-P7X4eEAG3Zi0GxcHExYbLZ6Fxzg==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C6A9 183 B
411 B 261ms
156ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2b111c575b3ad59f17cc79b0d054c3936527ed5a

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwe-ha.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 105
date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 03:36:25 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: fe39a6e7ee2bdec45723a87097999f62
strict-transport-security: max-age=631138519
content-length: 152

GET
H/1.1 200
OK moment~timeline~tweet.bd459ee688d39ebbbe0e6b166a1d2cb9.js Show response
platform.twitter.com/js/ 23 KB
8 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.bd459ee688d39ebbbe0e6b166a1d2cb9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7F) /
Resource Hash: e98a4eaa87878c23468648dab95993b5364dabffd5d3fd09b875243e7d4e9c7c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:13 GMT
Server: ECS (amb/6B7F)
Age: 888361
Etag: "bec3cda673021d4ec31aee3fc3eea418+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 7652

GET
H/1.1 200
OK timeline.4d8f2209bfca17ad1826ab582cf6da09.js Show response
platform.twitter.com/js/ 21 KB
7 KB 27ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.4d8f2209bfca17ad1826ab582cf6da09.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B85) /
Resource Hash: 7ad582812f30bccc1425611adead2395ca65d59bfe6a6add62fa61b9ee773986

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:13 GMT
Server: ECS (amb/6B85)
Age: 888356
Etag: "eb92795319bccd2f28b07dac5efe5412+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6649

GET
H2 200 css
fonts.googleapis.com/ Frame 7EB0 3 KB
526 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900

Requested by

Host: d867x8xq12ag.cloudfront.net
URL: https://d867x8xq12ag.cloudfront.net/v1.5.0-861-g2f4d6993/assets/external_banner_main-91789145c436b5ef0707b5a2dde7e53439b7cef9b24747461237bbd954a31d20.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e8158695e0e4cf90e8ee1ac3fd76572a677909d6969df84086026841e84b1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://d867x8xq12ag.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 03:30:35 GMT
server: ESF
date: Sun, 21 Mar 2021 03:36:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 03:36:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7EB0 359 B
360 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Actor

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a9853cb988abf5539899832bac6eddcc9b4ad2337bdcc004acb5a86d8e66d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://d867x8xq12ag.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 02:51:10 GMT
server: ESF
date: Sun, 21 Mar 2021 03:36:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 03:36:25 GMT

GET
H3-Q050 200 container.html Show response
3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 00BC 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 21 Mar 2021 03:36:24 GMT
expires: Mon, 21 Mar 2022 03:36:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 970x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16913016488758466345/970x250/ Frame DAC9 176 KB
91 KB 36ms
22ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16913016488758466345/970x250/970x250.html

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

715df9b6d44dfbbbe55afb1118369ce2a487ffe32b3be84c95b24e775766c317

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16913016488758466345/970x250/970x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 17 Mar 2021 19:41:24 GMT
expires: Thu, 17 Mar 2022 19:41:24 GMT
last-modified: Tue, 09 Feb 2021 03:37:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 91780
age: 287701
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8F5C 0
0 60ms
59ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAdXfOL9WYMDNNeKMjuwP_a-hyA7Hxb3wYb2PrLSCDaTn8u2VAhABIPT5xiVg6eTJhdgaoAGs__PhAsgBCakCeSP9aQ75sz7gAgCoAwHIAwiqBOkBT9C7jvek--vSHkykfaTkOfFEowf_d0U7rm3t9msWDPAwtDm2Z9nXa5R5g4sfb3P9uKXFgCarjGmz7FGIbgLIui7PTh-mqM7XBDBCWSHceRebEx23gwDlm1FKLQzqeiwe1zj55boyN2I6aNOql_Q3_n-HWdrh8oj0JsujbT6IZY0WbVrd0AvgXYtrngZ7_1TdF_6B_kmVI5Cst6FmTfYITuNJGlTBNpNZtyO7ftE7d9zARz5ziAMOwsqu7wQEJPcsz0KZFq7w7PM5_MEkMg3HDNRGsJkhnQ_Zl3hMwTNND9D-e6SBymI7V7_ABJjruNyIAuAEAZIFBAgEGAGSBQQIBRgEoAYugAe8gIyeAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDwLtIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM5MjEwNzQ1NjAzOTY2MYAKA8gLAdgTDbIXGgoYCAASFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4&sigh=Y1wAvBjIC_Q&template_id=419&tpd=AGWhJmv4R1VQeAvqF_UWJGdfcrg0Z1DOCZS5E4K2MwmXLfms5A
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 8F5C 17 KB
7 KB 32ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:13:57 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8F5C 2 KB
1 KB 33ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:13:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F5C 117 KB
36 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:25 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8F5C 13 KB
6 KB 33ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:25:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8F5C 0
0 14ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSre0u0THIxr1yrq1bUmDl4TkIT8uvn10VjTbpTrfcEb13GZUcOFXsCTAAaDOQVibyLmCYT3FWot73xTGcSWrBP47KeUw
Requested by: Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
474 B 17ms
16ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5MDc4NCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTA3ODQiLCJkb21haW5faWQiOiI2NDczNCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlX2hhX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjYwNDc0MjExZGFmMWRmZDRkOTAwMDBlYTAxZjU2YzMwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODkwNzg0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODkwNzg0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDUxNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5MDc4NCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M26O5tkYOqNif%2BZUUv53Bx25fD%2Bm%2ByPX3QA2Kw8LD7PeAMQhstUQTs2w3BjnytW5ucoNOGer67PGQzdPdqgfYXm0%2FWkSj7I221jl%2FP2gCv0cJDVJ2AQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c5fc1b4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740fba00004dd08b988000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 85ms
60ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: we-ha.com
URL: https://we-ha.com/porpoiseant/banger.js?cb=194-4&bv=13&v=46&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Mar 2021 03:36:25 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
362 B 14ms
13ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5MDc4NCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wMy0yMSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMCJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItNjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2SX%2F77HUB8PV%2B8yLm54tXq1RmfSgETqbnkKnzE1RIPYg1vm4zHzygnGDxhJv%2Bmr0BTnObiqOqLhQdnerMObjWZkK5kaQOn0VDgje6VQkaEL8qH%2F3aEw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c5fc1c4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740fba00004dd0a7142000000001
expires: Sat, 20 Mar 2021 03:36:24 UTC

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
258 B 14ms
14ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5MDc4NCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhdWN0aW9uX2Vwb2NoIjoxNjE2Mjk3Nzg1LCJhZF9wb3NpdGlvbiI6MTEwMSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImJpZF9mbG9vcl9pbml0aWFsIjowLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDI1LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wA5ewBoJXVZ6K8Hlsszo5GleIMZo%2BlfXooXblshLFxGiZUb8mfIci%2FB6xPLKAiyfw3GISyi1Y0OwunolEU3iptlvBwf6VJurD4XZAYSr20Aq4mBxr9U%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c5fc1d4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4740fba00004dd087b5c000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 26ms
6ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 20:20:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 112583
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Sat, 19 Mar 2022 20:20:02 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
999 B 27ms
7ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:05:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 217846
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Fri, 18 Mar 2022 15:05:39 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 26ms
7ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 10:09:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 62828
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Sun, 20 Mar 2022 10:09:17 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 7EB0 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d867x8xq12ag.cloudfront.net
URL: https://d867x8xq12ag.cloudfront.net/v1.5.0-861-g2f4d6993/assets/frames_app-2b4a889c3981231b11b24b6f5ef51e0c491543b56a9a1b799b5adfbe7b2e6a79.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.presspatron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5630
date: Sun, 21 Mar 2021 02:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 21 Mar 2021 04:02:35 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 138 KB
11 KB 252ms
210ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_WeHartford_old&dnt=false&domain=we-ha.com&lang=en&screen_name=WeHartford&suppress_response_codes=true&t=1795886&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

34ca5f64f8387c4262476ab5f3c84672870abbb74216be07d49b865f50ad6df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 11140
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 185
last-modified: Sun, 21 Mar 2021 03:36:25 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: eca5f6a815642553869753ebea38990f
timing-allow-origin: *
x-transaction: 00e05170000f20e5
expires: Sun, 21 Mar 2021 03:41:25 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 00BC 0
0 60ms
59ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJvt7Ob9WYMqsA-iBjuwP08KvsAf-0_evXM7PvdjqAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgTxAU_QbQ_5u-7cJnBxHozT8NZe1qCEDAjW4s8YxAWjXfjPbIYHi_NPEw-K5MN_x6xAmj2kkILwd37XpTIZszHCMVSAGYxaETQ4LaK8KrOmqa581AZ9leVICEZGZZzuXHOQi3f69b1D6_GgEV7qk99GL9SysPz1jhuYPqVVimWlGQs4bssKI3RlWpuFnxrSepOBZIzmfU1mnZ-Yt1ZAo8K9NDy3TI6ZJ-ZruUDJYCbEi4zqrKXTO26snXhSiMvIgfRpTAKOs5JDOz-Lvhb0S0GKJ69KIqdMKGN765n9HrqGEepbD4D4HWxlS7qWQWPo0YQ8wvzgBAGABvntnfnJlL-kvgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgFAQAfIIG2FkeC1zdWJzeW4tMTM5MjEwNzQ1NjAzOTY2MYAKA_oLAggBgAwBshcYChYSFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4&sigh=c02to5ldCL0&tpd=AGWhJmsD0RgNGrizLAglkNHeIkTfCfd-KoeBSR-cmaeyzFpX__olWKMEcpDKT0wCGdBZTXvkdt8bcfPx65k4l9WHdJK0sqALS9veWeDpY8cZuRrg20NonAFC7HCFFOzGgjHL25sfROBvbVJvcffcd2-ZFptY9L8VZ18apfhDpBnXLhKIDgvk5oomZQZOpO36q1H5Zc7N388D5jdO-BpSskmNvGZLceMMmAowNwAjKC69yo5Kayi2CF1DAVLpnXXNORI_NU9TUMvaKcCIwXDVkYkdTKnXUI1e0n14TsEXDvWSYkQ2tRB7vC2QkU1-Avc6etGzjR_DDJkS4yaAjm4wan79Z5Z8ItKuGDoX2KVRHe0Zn4qY3gi95zwB0mJlVSLd0mHFZiwTnBolbhwO1Fzklfqw7JrGqkiYvzJdnfs9fO1BJo_4U8sE6maNQQ6qmQrtu1Hs3T_b2pl3UvVLJKt0QUvkTgc5m0akF_8dfMe5SH-PtXSk3OL8aLhxqt34q9xq-NlY5C658TT9ZJdp_gqbT6-5EvS505ukWRzFNh14bvSL-bYcpKNU6RxE323ay3D0i40ppKPzBoNF2DUjZnHYKVi8cNqBmg2S5Xlny_zhotQ_-eMad1pyq6p5SrNO9fBif71hTkTr7uauIC-s5QRpFFyx4OrLpqk-fk-D8E-5k3jR6gFde0qAb-KNmf1l7zj6bUQDV3csEWhS29B3PtIWDI21iAQstz8tB3ihE8pIfRmz1xcRjKR8toMeeq0fK7ksHw43okyJE3dv7r8j2vXGjA
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 00BC 1 KB
1 KB 183ms
60ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=43925726;rtbwp=9C6C1482C278E670;rtbdata=vaj0t10VFxJ9FHphii2dERjM4zwes1736ZNmu54nDfL4qoFRRmzJZaKQB7hRDV8bxrdv5ELOT_6oyhbdk-fEMRxzYltO_LuBZ_gXlFFdyGdNxDtEcRiP5tuZAHbslBxGFXk_oqMn0QUVAsxVvZrpaASR9xxoNt_frLSFXiihLtyFLkQEhGcNZzXJgf3xyTn-FjcTFG6sQczOTLhcw75aE1z-Ztu1HgSGtNoa3M8awv2UTf5HFirhlLMC4FPUqhM2oQLryfd1vXN5aFOfz7fkSBhuPObN-ei3wK8PGvBtDrlY7RxDzELfbCa4cqyGdZ34kmhnBFAd8uAwhgQqeWDqtUUrQfwgA-9n7W3Te7p31sVXya-nXnzv0uixgZ5BwMZFKh2dhSME_H80HqZkEAlhuL75Oz-Jutmv0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/a35973b5-792a-478d-9a35-0cd9cfed9895/

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

aa9484079eb2c455a1603ada298c9a8a16ae566c996d6740cfd0cfcc3337a788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1096
expires: -1

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 00BC 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:13:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00BC 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:25 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 00BC 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:25:53 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 00BC 0
0 41ms
27ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5g96xeN-AeOZnvR7yDqV26pnKDmdLCp7PFkqWKTra5uGems-JqpX4zHLZ1uuqTs0UpA2Z
Requested by: Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 00BC 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 07:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331801
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 07:26:24 GMT

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame 63E5 3 KB
1 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-knVNkb0w9r6Kxwy6rbdmpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-knVNkb0w9r6Kxwy6rbdmpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AEA4 143 B
226 B 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm1M8Vdq4UcwW7Jn6iAVEP_6OiFPbjpJ7ewf9zoy09FsLMy3ft9S2jGJzq-TD0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Mar 2021 02:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3299
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8F5C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb73a0b752f4bf1de44b8d218240c4d8b18e8ce678a5083ba18cc8900b63661e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DAC9 9 KB
4 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16913016488758466345/970x250/970x250.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DAC9 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16913016488758466345/970x250/970x250.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Mar 2021 12:41:54 GMT

GET
H2 200 23519d43-34ee-45ab-83b2-dadd266241fb.jpg
cdn.broadstreetads.com/assets/ 34 KB
35 KB 22ms
20ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/23519d43-34ee-45ab-83b2-dadd266241fb.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1d753363d611bed4c8c1dfa440d94947659bf92590246d7e92863e082b7996f

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1805161
cf-polished: origFmt=jpeg, origSize=87966
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="23519d43-34ee-45ab-83b2-dadd266241fb.webp"
access-control-allow-methods: GET, HEAD
content-length: 35280
cf-request-id: 08f474105e00004e8b15b6e000000001
last-modified: Wed, 17 Feb 2021 20:56:58 GMT
server: cloudflare
etag: "428edc6807ea237c896608eaa2ad89f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4jg5FmVHEr34KHyco7bgIvhxqPvUV7V097EqQD%2BTsMP544IwrcWdYInqAeNbqn%2FB2%2B%2FmAbEUHFOcYHhP7I5cj5pm6Ylf3yquR4gsLj7V%2Bk9xBrnxgy0JIT4YaYNGjD0Cx%2Bi8"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 633422c6faff4e8b-FRA
x-amz-cf-id: P_jFBo6qjADCOx1ZiJhWEkRiH7Wqbem4Ig3ChbcwcxB0YP0uYjMfvg==
cf-bgj: imgq:100,h2pri

GET
H2 200 e0e1ace5-82aa-4e23-8a1a-15b4048b8048.png
cdn.broadstreetads.com/assets/ 31 KB
32 KB 16ms
14ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/e0e1ace5-82aa-4e23-8a1a-15b4048b8048.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 802bf0bae0a965bc1ae56cefe2b7b1883864fbeec22a8f335758686e4057343b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 b113e96fc0d74e801e5a1c2e18cf5618.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2653957
cf-polished: origFmt=png, origSize=52391
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="e0e1ace5-82aa-4e23-8a1a-15b4048b8048.webp"
access-control-allow-methods: GET, HEAD
content-length: 32166
cf-request-id: 08f474105e00004e8b0e1da000000001
last-modified: Mon, 29 Jun 2020 23:06:38 GMT
server: cloudflare
etag: "9aff528cb9f52d3cf50e38fb2a65401f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MmJNiF553ikOmCP%2BZ9BDOdxqzMTCwL%2FKT3cA1RYCEbyjnGXslPJZztspxrJcnLgp%2B0ZQYvgGmJo%2F5ezoAKmSGhdTrXl3TQiHPWkoJrmzEbwc2u0Gv5lat8gW7NQ1%2BFTaQ8gn"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FJR50-C1
accept-ranges: bytes
cf-ray: 633422c6fb004e8b-FRA
x-amz-cf-id: tzb2SS-IxYuFIo8WzfbpfkKl_ctTZJQ_ZatxfgkO_uSc6XrNMqxNBQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 1730d44a-0da8-4df5-8f4b-dc17bcaab340.jpg
cdn.broadstreetads.com/assets/ 16 KB
17 KB 13ms
12ms Image
image/jpeg 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/1730d44a-0da8-4df5-8f4b-dc17bcaab340.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7af1b7efdb21e0c8a7c06ee23dc44e8653f1ce2d1b16dcf30ce2716a4ae8a147

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1730706
cf-polished: origSize=20501, status=webp_bigger
x-cache: Miss from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-length: 16785
cf-request-id: 08f474105e00004e8be8ad0000000001
last-modified: Mon, 22 Feb 2021 19:19:49 GMT
server: cloudflare
etag: "235a10b4bb899036c96d15caafdd3db7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HLR844vmPqZnAvbuOoHoUFHTI86HuKhl09yw%2Bif2zCsJEx%2BtfCxmr2755auAiFLqGljPrB09w6o6I19nLmvs8INuFwcwExMyTyfTHdbAx5bR987Ov%2F162zU5iOER176ppFmt"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 633422c6fb014e8b-FRA
x-amz-cf-id: p96HNWyVawAd4z8SoT-0ruG0PFr026CWOY16UXB1EnnqzLVoD1f3Qg==
cf-bgj: imgq:100,h2pri

GET
H2 200 e0ce1b5a-82be-4eb6-9f0a-839681eaeffa.jpg
cdn.broadstreetads.com/assets/ 38 KB
39 KB 19ms
17ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/e0ce1b5a-82be-4eb6-9f0a-839681eaeffa.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c37b43eaf07d7c5f2b236487baf27296f88997427a946fae6f6ea6020635eb12

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 13a0c208a8609959304326557bca3a49.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 466188
cf-polished: origFmt=jpeg, origSize=101557
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="e0ce1b5a-82be-4eb6-9f0a-839681eaeffa.webp"
access-control-allow-methods: GET, HEAD
content-length: 38838
cf-request-id: 08f474105f00004e8bcfac1000000001
last-modified: Tue, 02 Feb 2021 18:44:38 GMT
server: cloudflare
etag: "b7a06abcd3d0314b3bd16f51ac13b138"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OZLN8vrgPtaygH2DN2lMV6jevtmtB2AoLTnrhvjatAIAmQRAlbFF4shkkJOBPS9YO%2FR3wHvcR30W%2FisBDzl6FOgZB7G5B4AJXGX8AYFoPsrAasEqKYaGJWxOH0aNwn8vBSmJ"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 633422c6fb034e8b-FRA
x-amz-cf-id: isuOJHyXO9wPvHOz9kZsoUBJr3u0Ns4t7bpHnK8Ve4ZRD03RvhCJNg==
cf-bgj: imgq:100,h2pri

GET
H2 200 683f98f6-dc78-4483-b42c-92c2452166a6.jpg
cdn.broadstreetads.com/assets/ 17 KB
18 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/683f98f6-dc78-4483-b42c-92c2452166a6.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8666418ba045a9cadcadaa1f14102dd591327028c3a0db22c0f6c53cf815005

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1730706
cf-polished: origSize=21210, status=webp_bigger
x-cache: Miss from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-length: 17381
cf-request-id: 08f474105f00004e8b2e3fb000000001
last-modified: Mon, 22 Feb 2021 19:30:47 GMT
server: cloudflare
etag: "5b101fed2ace76cb9614b7477e9d03fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BdiXIgT0NLCmlhdE%2FJJMMzl7gT%2BqTCPXJJOAIuBrVmcm3Qpy12VlnMCDnLwDbzjo3a79Fyer3bTe0lJJ5%2Bif768NtkJ0mjLCT8FOMxjSCIqibVyM9i1B%2B8MpzBaHHJV2YQhn"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 633422c6fb054e8b-FRA
x-amz-cf-id: xj2D0jF4MW31QeqSTknSF0mXKwMg0hf_BS3e-yJDn3Bvjn-BWaEBLg==
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 63768.js Show response
ad.broadstreetads.com/zdisplay/ 7 KB
3 KB 145ms
144ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/63768.js?b=c266783,c259692,c267426,c264225,c267430&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-9asvosu7yo
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: d7f4199f39a1cc905c04ea4e9a58cb37b58eb8ad399bf07c840d42e7192e9834

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:25 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 3248
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
DATA 200
OK truncated
/ Frame DAC9 31 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e3a740078730900261d5b840606332e05f05294558b54db3fcd5b48b58f9665

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame DAC9 26 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3502a2faed4ded55d53500dfda190546d663b9a589e272471e2ace864b90919

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame DAC9 21 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce6942ec592c11d550222760213d3f2264126023c31e78ccae08e011a96791e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3-Q050 200 container.html Show response
3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FEC3 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 21 Mar 2021 03:36:24 GMT
expires: Mon, 21 Mar 2022 03:36:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
494 B 16ms
15ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5ODQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MjA4NjExMDk1LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTg0MzQiLCJkb21haW5faWQiOiI2NDczNCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlX2hhX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODIwODYxMTA5NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjYwNDc0MjExZGFmMWRmZDRkOTAwMDBlYTAxZjU2YzMwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk4NDM0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk4NDM0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODIwODYxMTA5NSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5ODQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MjA4NjExMDk1LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EcfyDoUyqx5x3wBgJdKW0tyWKfo18Y%2BI5bDfJxDNme4WKIh2xAQ5ZzKVv44AJX4OWrnvYpN78WZTTaHqe65cO6G6jlZHc0Gq0dgOe2lwZI%2Fb3ovVVp0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c77db14dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f47410a900004dd053bb1000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 64ms
61ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: we-ha.com
URL: https://we-ha.com/porpoiseant/banger.js?cb=194-4&bv=13&v=46&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Mar 2021 03:36:25 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
346 B 15ms
13ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5ODQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MjA4NjExMDk1LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wMy0yMSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMCJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItNjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6rdRcan2LB92q6X94%2B8GwE7wetqo20eEWvHcBEZmpnqO77G%2BOcLXboqEDNMg32Xk%2BTrUqZeWbU0rXG7VlKJB8JH5FR1lAqTjXaN67I5%2BQwvaeGsOPdA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c77db74dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f47410ab00004dd0633c9000000001
expires: Sat, 20 Mar 2021 03:36:24 UTC

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
266 B 15ms
14ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5ODQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhdWN0aW9uX2Vwb2NoIjoxNjE2Mjk3Nzg1LCJhZF9wb3NpdGlvbiI6MTEwNywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImJpZF9mbG9vcl9pbml0aWFsIjowLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjYxLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1M0XTcvJ9U%2FJEBgP94OvfGM7U2ZxbRZCWFMvuhFV%2BNuErlsuJResZlvRO5ptrhcu82e71sSdCr%2F86PxZBJnfiV%2FMjfgurs%2FU6H0KJapSdY7F%2BRZOD%2FY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c77db84dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f47410ab00004dd0b784b000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame 00BC 35 KB
16 KB 192ms
61ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43925726;rtbwp=9C6C1482C278E670;rtbdata=vaj0t10VFxJ9FHphii2dERjM4zwes1736ZNmu54nDfL4qoFRRmzJZaKQB7hRDV8bxrdv5ELOT_6oyhbdk-fEMRxzYltO_LuBZ_gXlFFdyGdNxDtEcRiP5tuZAHbslBxGFXk_oqMn0QUVAsxVvZrpaASR9xxoNt_frLSFXiihLtyFLkQEhGcNZzXJgf3xyTn-FjcTFG6sQczOTLhcw75aE1z-Ztu1HgSGtNoa3M8awv2UTf5HFirhlLMC4FPUqhM2oQLryfd1vXN5aFOfz7fkSBhuPObN-ei3wK8PGvBtDrlY7RxDzELfbCa4cqyGdZ34kmhnBFAd8uAwhgQqeWDqtUUrQfwgA-9n7W3Te7p31sVXya-nXnzv0uixgZ5BwMZFKh2dhSME_H80HqZkEAlhuL75Oz-Jutmv0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/a35973b5-792a-478d-9a35-0cd9cfed9895/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 686df60545fbf0a0d59457fc410d3f997b5c904afdedb6d1b67a48984d6a2cda

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 22 Mar 2021 06:25:53 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FEC3 0
0 59ms
59ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmLK1Ob9WYLPtDNLq3wPvkqCgBZ6hoa5cofno_p8DwI23ARABIABg6eTJhdgaggEXY2EtcHViLTYzOTY4NDQ3NDI0OTcyMDjIAQngAgCoAwGqBOMBT9DJgAQm-HD82gaG6wIPHXsMVThZrBys2ginXUNIxJlh9Ugt92S3-hVbwIVcyfhmjnMi0pXQJkulRCe5l2jMuIcfGqrdDn6JXspY-2mJNBhF1_T8YQvhE2HRqijK2m0k55XdxkFz0gIhoTZxPtl_XwFCIq56Vq4q5gVqVGhKiBLarrG4qImsEpuNySMxDBkM10jD0ZhNPqcr1_zK_SEqhJ4Ut_SrKMNXrb8heQzAA-Za9oBoFJSzWHYctYsk2d6mIgq-C-0U1dlk_hXaEtN2vSgHqpGMCd7c7pz3Y8d1v7yCGnPgBAGABoW4zdz19KmyoQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgFAQAfIIG2FkeC1zdWJzeW4tMTM5MjEwNzQ1NjAzOTY2MYAKA_oLAggBgAwBshcYChYSFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4&sigh=Cww1rBOtVfU&tpd=AGWhJmub66ZPtvmBqCjs00d-jZi8a4l9fPofSJHihJQZLnBXkg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ifnotify Show response
a3377.casalemedia.com/ Frame C9A8 39 B
286 B 164ms
51ms Document
text/html 85.91.45.191
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://a3377.casalemedia.com/ifnotify?consent=1&c=15DB6CD&r=4CA7C7BB&t=6056BF39&u=X1laZG9OWG5CWmY5b0JpR0JIS1VkSWg1&m=3138bd82af29bf88461e5ec82c0a200e&wp=3&aid=e69bb58200581cad9b958c82ba44907d&tid=145B6&s=486DA&cp=0.03&n=we-ha.com&pr=xx&epr=YFa_OQAEIZwKixEiCAFY9g
Requested by: Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.91.45.191 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Host: a3377.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/

Response headers

Date: Sun, 21 Mar 2021 03:36:25 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame FEC3 953 B
1 KB 62ms
60ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=44610412;rtbwp=YFa_OQAAAABk13e3TInMGQkKM0Goea9nxonKZA;rtbdata=yVEXbqLVfAIk809MZvS0G-Dw02ekmzuvvYYPbWbF183YmkbkMQ8sMrQD31a9JRUnUOwngHF4oWOfhu1E43Hhx9cR2JE3DJS6B5v4qKTEFeTNMyQJ-qfUFnP2iftwFP9sNMbocSPAAh49iY7CVkcTUOcNozvNLji8vT9lOY_0SrmdxAg3ukBs-WJNPgfUbAKYeihy17cMAys1

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

2927ea6c7ebeb0e82b4b904e66ce945bba500ab76de5dffff47b0fd15bbfc5f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 805
expires: -1

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame FEC3 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:13:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEC3 117 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:25 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame FEC3 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:25:53 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame FEC3 0
0 16ms
15ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbyOj8tni65M5X45tQEKpvMRovz8N_QTD0G3z6WQv9ILAn4COAJr_MCEi7Hal2WurSDaRg
Requested by: Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FEC3 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 07:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331801
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 07:26:24 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AEA4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
496 B

44ms
29ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm1M8Vdq4UcwW7Jn6iAVEP_6OiFPbjpJ7ewf9zoy09FsLMy3ft9S2jGJzq-TD0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 03:36:25 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 21-Mar-2021 04:36:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 03:36:25 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 03:36:25 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86C4 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 21 Mar 2021 03:36:24 GMT
expires: Mon, 21 Mar 2022 03:36:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
259 B 19ms
14ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NTQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NTQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI2MDQ3NDIxMWRhZjFkZmQ0ZDkwMDAwZWEwMWY1NmMzMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NTQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk1NDM0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTUwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk1NDM0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oAugiEBXwgkFLCbZRsUuRhm5mSECbfcCvfUiHRX1ZT8%2FKP0EkBCJr0uuGuPdgb1ztJPI%2BVrAv77GEUiQ0a7t9K91Yh6NHHkPwZNA0hMjHNE4KlSKkTg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c7fe5d4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f47410fb00004dd08299c000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 64ms
59ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: we-ha.com
URL: https://we-ha.com/porpoiseant/banger.js?cb=194-4&bv=13&v=46&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Mar 2021 03:36:25 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
262 B 21ms
18ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NTQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTAzLTIxIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xGK%2BYumYFUuaupKeKfSr%2B%2BgSIBLnFSn65R8W6lt7egkybhPHtKVzhie1pgbWDVNL%2FceZJblLfPDXiXkckmWlY6E8dH9O6rpjsPmlBju1Ye%2Bd3oeiQAI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c7fe5f4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f47410fc00004dd05125c000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
350 B 15ms
12ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NTQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImF1Y3Rpb25fZXBvY2giOjE2MTYyOTc3ODYsImFkX3Bvc2l0aW9uIjoxMTAyLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiYmlkX2Zsb29yX2luaXRpYWwiOjAsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo3NTUsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wUe9OKAWDGYvtxR2nSG4x%2FSQ%2BejVeWEOrPlsGhydx%2B6%2Br2YCaP74p%2F2lDRvXLuH3xPT97sEmvPlz62pAFYswCO0yHN8e%2BcVSDNfe5nR%2FrReoKOcYtdk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c7fe614dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f47410fc00004dd065aba000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
262 B 23ms
21ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5MDc4NCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiItMSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiLTEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk1NDM0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTA3MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNzU4In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NDgzNSIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMTUifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjI5MCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTg0MzQiLCJkb21haW5faWQiOiI2NDczNCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlX2hhX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODIwODYxMTA5NSwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTA3MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTAyNyJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hs4%2FLrjkcCP02Ec%2FCLGs5PQ5nYv9YakHStrDZwrTqa%2Bq%2BCyZD8T2A1q1mZZ2AmnfOjBhuh4WIxPtI3AlP9ZpJmZY6uQBi7%2FoC0WkwBs9id5VU5AnE6o%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422c7fe634dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f474110000004dd087b6d000000001
expires: Sat, 20 Mar 2021 03:36:25 UTC

GET
H2 200 a927ff77-b81e-4c2d-b152-ae69cb01d5ec.jpg
cdn.broadstreetads.com/assets/ 22 KB
23 KB 14ms
14ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/a927ff77-b81e-4c2d-b152-ae69cb01d5ec.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017391c754d6de958ad85204899eabbfefd00860f4fa62b0f18f2e79f5a2c5ef

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 664927
cf-polished: origFmt=jpeg, origSize=64442
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="a927ff77-b81e-4c2d-b152-ae69cb01d5ec.webp"
access-control-allow-methods: GET, HEAD
content-length: 22802
cf-request-id: 08f474110300004e8bfc8f2000000001
last-modified: Fri, 05 Mar 2021 00:18:51 GMT
server: cloudflare
etag: "ec5b451be65642816fe4a88c31354135"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gm04SNE%2BIN%2F2s6KMCSAPJINuuJ%2BhNpq59guMNvUFJS03ujnrlruVhdKCuYOad5E7OT0CGZv7S3avZhtpGfbu3Sfnuo9QRvkiqJh9qmoZPEoXPtu5Lab%2BbyHCy7sfhflcOUMs"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 633422c80c024e8b-FRA
x-amz-cf-id: NfaVRJJTy3vrECP3QssYvdJKgPKdBkHRMolasEyGiXZmawCLjfRaQg==
cf-bgj: imgq:100,h2pri

GET
H2 200 191b83aa-aaca-43db-bcd2-0351f7013615.jpg
cdn.broadstreetads.com/assets/ 42 KB
43 KB 16ms
15ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/191b83aa-aaca-43db-bcd2-0351f7013615.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 507b07e721cc3b7e46d1325013e6fdac0e79a80911dd9e0d356d6ecde446e45f

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 9db8c72ec08059d1364d1dd74e1dc958.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 108135
cf-polished: origFmt=jpeg, origSize=111030
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="191b83aa-aaca-43db-bcd2-0351f7013615.webp"
access-control-allow-methods: GET, HEAD
content-length: 43230
cf-request-id: 08f474110600004e8bfc8f3000000001
last-modified: Tue, 02 Feb 2021 18:45:38 GMT
server: cloudflare
etag: "64e56c30f7a4e2ec67b6115894e376f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PLP1q7pDPJ70O%2BfSv%2F78MFBEPCv32DqlP9A6eP2RHDmqNmK6VgrCuBGicJiMdKUryRgAONe51%2B%2FlSQnr%2BqV2vyyoQLBn69gwVyt9QKNWAQHJnrniqH84jAspkVJovbwIEk4R"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
cf-ray: 633422c80c044e8b-FRA
x-amz-cf-id: rPssrOka6_rZO9wMkmjQ-YNaHJpA357NVTG-FGNGVA1Kdaj5OF-ziQ==
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 64513.js Show response
ad.broadstreetads.com/zdisplay/ 63 KB
19 KB 160ms
160ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/64513.js?b=c266783,c259692,c267426,c264225,c267430,c270300,c264226&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-xhf3rhpeeo
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: 745d50cf1761da8a89f78c3850fffd336a2af9852178fa32477384204b0818de

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:25 GMT
Content-Encoding: gzip
Connection: keep-alive
transfer-encoding: chunked
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H2 200 2b07.png
abs.twimg.com/emoji/v2/72x72/ Frame B7C5 388 B
703 B 28ms
7ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2b07.png

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F53) /

Resource Hash

11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
x-content-type-options: nosniff
age: 22691151
x-ton-expected-size: 388
x-cache: HIT
content-length: 388
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Thu, 16 Apr 2020 17:04:17 GMT
server: ECAcc (frc/8F53)
etag: "SALAWUsBYUywup5sSvc+YQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 519d9c76a258adffbd641a83d7c0abf4
accept-ranges: bytes
expires: Mon, 21 Mar 2022 03:36:25 GMT

GET
H2 200 IJNFLZMY
pbs.twimg.com/card_img/1373211491755819012/ Frame B7C5 7 KB
7 KB 64ms
20ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1373211491755819012/IJNFLZMY?format=jpg&name=144x144_2

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

6bfb25a4cb86239a669ab6f9bcd05063cc217339e72c62a8b4cc352bd3be993e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 6969
x-response-time: 98
last-modified: Sat, 20 Mar 2021 09:53:07 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 70fdc9ea1ec15ae8f3b431485867b7cd
akamai-request-bc: [a=2.16.2.92,b=219322524,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 M1B_K7mp
pbs.twimg.com/card_img/1373014688141697024/ Frame B7C5 30 KB
31 KB 416ms
373ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1373014688141697024/M1B_K7mp?format=jpg&name=600x314

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

61b1267ab289ffe34db8e6690686427c7e8e609a755634d4829f75edecec3e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 30790
last-modified: Fri, 19 Mar 2021 20:51:05 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:26 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 835c88cfd35b19d6e20bd728b7c906aa5928fa9dc086f907abc0560abb602b47
akamai-request-bc: [a=2.16.2.92,b=219322525,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]

GET
H2 200 1f517.png
abs.twimg.com/emoji/v2/72x72/ Frame B7C5 635 B
780 B 30ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f517.png

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBD) /

Resource Hash

4fa9edbcc0695d4a38486ac2cccd4506320a5acac2de84afd1f5afa3609505c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
x-content-type-options: nosniff
age: 27004152
x-ton-expected-size: 635
x-cache: HIT
content-length: 635
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8FBD)
etag: "nk34YSZt1F6kiuuDsLrAzg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 833c9de9c540cd5729e561a467c056e4
accept-ranges: bytes
expires: Mon, 21 Mar 2022 03:36:25 GMT

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame B7C5 53 KB
12 KB 13ms
13ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:10 GMT
Server: ECS (amb/6B87)
Age: 888362
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 14ms
13ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:10 GMT
Server: ECS (amb/6B87)
Age: 888362
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame FEC3 35 KB
16 KB 147ms
104ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=44610412;rtbwp=YFa_OQAAAABk13e3TInMGQkKM0Goea9nxonKZA;rtbdata=yVEXbqLVfAIk809MZvS0G-Dw02ekmzuvvYYPbWbF183YmkbkMQ8sMrQD31a9JRUnUOwngHF4oWOfhu1E43Hhx9cR2JE3DJS6B5v4qKTEFeTNMyQJ-qfUFnP2iftwFP9sNMbocSPAAh49iY7CVkcTUOcNozvNLji8vT9lOY_0SrmdxAg3ukBs-WJNPgfUbAKYeihy17cMAys1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 686df60545fbf0a0d59457fc410d3f997b5c904afdedb6d1b67a48984d6a2cda

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 22 Mar 2021 06:25:53 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 86C4 0
0 61ms
60ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVTEVOb9WYP_CF5Cr3gP_uoWIBf7T969czs-92OoCwI23ARABIABg6eTJhdgaggEXY2EtcHViLTYzOTY4NDQ3NDI0OTcyMDjIAQngAgCoAwGqBO0BT9Do1kAzdA2brq0WwewT9l--2eDZ4sFGGUYPIU-udhv5DEYL8fId1cDWiJ8YFNC_TrrsxyURq5ZlPs37kiKuQ3ihcfl3cyNa0XNZ0TC2MamCsH6t5pgrTkbqBKgQ0fiIvJDMgC19XyGXTFMEasjeNqHHCe323cDorYX38fQOSHiatZeek7Fv6FbH8XjXDWBY_-rLHv85r64FvW6ck7x4RxcG_uMCDn5dbhNKNFpVjmoF2iqk_g6OFLz9-e25fx_UwcOMnwWDl_iLXUIGegvauc28vHQ9ihxwCw9kAGqXI3FaRLfJWBgAilET44rk4AQBgAahxNiE4d3LuwqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgFAQAfIIG2FkeC1zdWJzeW4tMTM5MjEwNzQ1NjAzOTY2MYAKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4&sigh=IyA7PtBsuJo&tpd=AGWhJmu71tDF4wncn1LHEoCB810EPDmi2ZWSG4hFs4J6APaQGWAtHGu68vF9OnAO-RpGbIdE9siS7QR5HD3nvEWpfgDayv7K4ZCStRXid9oAoQFKvaXI7OhlVxZY5tkNSBagfcAu27McKhr_NnQYahUr-OF8B7Sdj4nAveNENRnayOCYtT9odzgX09k-ZsLrkBCYrOWOYMBpopcVe6CcEj9hcLKcDYmNDVtF7DTE7l-MNRCAl3PlbAOcD1iWP2iF44ASd_RneXyOJ-a8vTzxy_DU_Qwml4OYfpRT7gvIv1Ip1Bh-M2yRLEMu70mwfvpu77Rqaj-WBXVwk7dPstMrxXt7eQc7Y4xrWt9Py5g2NXTRDmPMCbGH6yFA2KdGYfe1OxpILYcicct_DxhpSuijW2_mwZYLN4O8AlwS30lrfH1Xw8NTEcgmMQIo4tvhadfE8ESGcJmhlB-vPlhmxzPpX8TlK0HzYfH7Gf7Aeupq3juYxPAm5OHM1IPIg9UrXI5v9JUMz41mCyyBpAw4FIZXamijm1rUkTe2wyOUEUqJafFu-bOlGgeKDZbeIZvj-gMEQ51gzCw-Ik78oEUeUOxO6fKiPY7nNEq3WKU-4qKzY95uENWBwjtmCX01Ayb-4DZtGIn7LdwKEvEXk_mfcu5RcbucFBkmGmnIYbKIdhuH1bo8tyWU_yPJlMM2lWoIY9l1v8XItSQmm5rpB9O1Ggl83z0BN9RD7cUUvGF0Kexh20KtH0m460h9gJ8zu9kZOOSGNsTgG_LVM2zXRILBAcnGITYXtw
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 86C4 1 KB
1 KB 63ms
60ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=44610412;rtbwp=2DA5018E56488303;rtbdata=WXw3SM6mU6fsonZbRBKb3FnqOP11OAwgII43K5nBH9Arm2q3AJF1KOiQBooDm9_Rxrdv5ELOT_6oyhbdk-fEMRxzYltO_LuBxkKNAL4S6PifNGnFsuNVvtRsVhl7nQz355UFF0vMvTzeAqEOGYqpnQiHIkyHgUb5RXnTatIzxO7G0IsZ7vzKdgqiPh85E5A4x1EtxhHNdDb-iXYxeRP0ITuDuTuamKBs8zn9gVZz2l5M4DmwAKwhrUsV02_wBAoyBuwkUiBGgN_LyHvTiSi77SaHP2eKgEkbVuS0NtfHcQAVQbuxKeecE4iWAgsn6OC_uzboJOXLxUehzSuyoStMPCEQfjv_NYPrs-4vJrE8ArAX7IyrCToAWfLjuVUM6oj1giVxROHhrokYY0wYPICNDkrzvcOouG350;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/f9ba633f-18ce-4880-85bc-bcba1f0e3893/

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

73aea6737cb5f5da45737dfb6333bc50a441be2f3b1174b43cdd56d8f62f5b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1101
expires: -1

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 86C4 2 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:13:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86C4 117 KB
36 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:25 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 86C4 13 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:25:53 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 86C4 0
0 19ms
17ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_dqCSrbPyaZJdg2Vat2TkNJcs0HOJOy1hFlhjQwbFl_W8l6gcaQ9TI05-XNfPfbEgeNIc
Requested by: Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 86C4 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 07:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331801
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 07:26:24 GMT

GET
H2 200 2b07.png
abs.twimg.com/emoji/v2/72x72/ Frame B7C5 388 B
462 B 13ms
2ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2b07.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.bd459ee688d39ebbbe0e6b166a1d2cb9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F53) /

Resource Hash

11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
x-content-type-options: nosniff
age: 22691151
x-ton-expected-size: 388
x-cache: HIT
content-length: 388
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Thu, 16 Apr 2020 17:04:17 GMT
server: ECAcc (frc/8F53)
etag: "SALAWUsBYUywup5sSvc+YQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 519d9c76a258adffbd641a83d7c0abf4
accept-ranges: bytes
expires: Mon, 21 Mar 2022 03:36:25 GMT

GET
H2 200 1f517.png
abs.twimg.com/emoji/v2/72x72/ Frame B7C5 635 B
708 B 13ms
2ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f517.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.bd459ee688d39ebbbe0e6b166a1d2cb9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBD) /

Resource Hash

4fa9edbcc0695d4a38486ac2cccd4506320a5acac2de84afd1f5afa3609505c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
x-content-type-options: nosniff
age: 27004152
x-ton-expected-size: 635
x-cache: HIT
content-length: 635
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8FBD)
etag: "nk34YSZt1F6kiuuDsLrAzg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 833c9de9c540cd5729e561a467c056e4
accept-ranges: bytes
expires: Mon, 21 Mar 2022 03:36:25 GMT

GET
H2 200 GLveyhKU_normal.jpg
pbs.twimg.com/profile_images/1317118232621387779/ Frame B7C5 3 KB
3 KB 217ms
199ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1317118232621387779/GLveyhKU_normal.jpg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

06ec94eb534a146fc89a718d9809b489a0bc5039797d686953aa756418230e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2567
last-modified: Fri, 16 Oct 2020 14:58:32 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bc034faf6980c8a5cbd462534903b1db1feec4198c4df5a11eeb1b78fa099aad
akamai-request-bc: [a=2.16.2.92,b=219322527,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_GA_ATLANTA,o=20940],[c=w,n=US_GA_ATLANTA,o=20940],[c=w,n=US_CA_LOSANGELES,o=20940]

GET
H2 200 H5chLyOD_normal.jpg
pbs.twimg.com/profile_images/689458519372738565/ Frame B7C5 2 KB
2 KB 151ms
135ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/689458519372738565/H5chLyOD_normal.jpg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

cceb5c0b72939306b588da4cc7271ed9927ba0a68cb5557cf9942b3c482b2cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2035
last-modified: Tue, 19 Jan 2016 14:42:55 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 79ca61b605aef307d6976817a24b78cd65989d1adea463fa2331942001e97741
akamai-request-bc: [a=2.16.2.92,b=219322528,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_GA_ATLANTA,o=20940]

GET
H2 200 keJ8PdcC_normal.jpg
pbs.twimg.com/profile_images/676603271125962752/ Frame B7C5 2 KB
2 KB 146ms
130ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/676603271125962752/keJ8PdcC_normal.jpg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

f974274d90bcefad41457672ff87e60f946719adc350e3c4e60efc50b6f0aa05

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 1807
last-modified: Tue, 15 Dec 2015 03:20:45 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ef731f35607d3b6be27c35f2240dc154b54e0f5e45f184fea681e21a1fd19ca5
akamai-request-bc: [a=2.16.2.92,b=219322529,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_GA_ATLANTA,o=20940],[c=w,n=US_GA_ATLANTA,o=20940]

GET
H2 200 3A_wFl5K_normal.jpg
pbs.twimg.com/profile_images/1350040342549192704/ Frame B7C5 2 KB
3 KB 40ms
24ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1350040342549192704/3A_wFl5K_normal.jpg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

d7b2e254faba6aa2418a134cd0c200ca23924fc9a50d41d4c958f7193edbb1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2187
x-response-time: 18
last-modified: Fri, 15 Jan 2021 11:19:14 GMT
server: tsa_b
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 72eba3a3e039ef174fac06e3d479f5c4
akamai-request-bc: [a=2.16.2.92,b=219322530,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 P50Lcaeo_normal.jpg
pbs.twimg.com/profile_images/1365132276523278337/ Frame B7C5 2 KB
3 KB 42ms
26ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1365132276523278337/P50Lcaeo_normal.jpg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

a768b4f039582b8c0127f6001b53d452a27e7ed8819a7dc7102a475e1d20e654

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2187
last-modified: Fri, 26 Feb 2021 02:49:12 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2c22869c2e97a8e33ed971360354a6a7a78705ebc242af5e480dc239bf1d0301
akamai-request-bc: [a=2.16.2.92,b=219322531,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 FwpQ8VCA_normal.jpeg
pbs.twimg.com/profile_images/481871161932775424/ Frame B7C5 2 KB
2 KB 43ms
27ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/481871161932775424/FwpQ8VCA_normal.jpeg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

66dc4311c5b4d078743b612d7374eea20fec33adae7c05a1420665d7a5b79f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2111
x-response-time: 18
last-modified: Wed, 25 Jun 2014 18:44:52 GMT
server: tsa_b
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e060a9b4604e4b73b312a50b920d24c1
akamai-request-bc: [a=2.16.2.92,b=219322532,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 zLduKS4r_normal.jpeg
pbs.twimg.com/profile_images/471809534432784384/ Frame B7C5 2 KB
2 KB 34ms
19ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/471809534432784384/zLduKS4r_normal.jpeg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

e9bd816bd7cb2dc0ba14583fc98c6312e56f8320b70f6f06bda1197bf3246a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2035
x-response-time: 17
last-modified: Thu, 29 May 2014 00:23:33 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1946162b5b3752f31e9c2d515ce0a3c8
akamai-request-bc: [a=2.16.2.92,b=219322533,c=g,n=CZ__PRAGUE,o=20940],[c=p,n=CZ__PRAGUE,o=20940]

GET
H2 200 VmcJH4cx_normal.jpg
pbs.twimg.com/profile_images/1285944298496827404/ Frame B7C5 2 KB
2 KB 34ms
19ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1285944298496827404/VmcJH4cx_normal.jpg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

896ebee04cbf2f476cf6863eca12755b6039bd2551f3c81fe9a80e0927ab6a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2111
x-response-time: 22
last-modified: Wed, 22 Jul 2020 14:24:27 GMT
server: tsa_b
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a49ac729209dd678007fa1ef6d72a8ae
akamai-request-bc: [a=2.16.2.92,b=219322534,c=g,n=CZ__PRAGUE,o=20940]

GET
H2 200 vBUgVEiy_normal.jpg
pbs.twimg.com/profile_images/635609844645412864/ Frame B7C5 2 KB
2 KB 45ms
30ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/635609844645412864/vBUgVEiy_normal.jpg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

c9f68c8a97219227fe93e2edd9689a66fb99f2828f6550971223fcb7a33c93f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 2035
x-response-time: 22
last-modified: Mon, 24 Aug 2015 00:27:30 GMT
server: tsa_b
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 295f02583d02b6fb34ad4f0d4d979fdc
akamai-request-bc: [a=2.16.2.92,b=219322535,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 UsTyDtI-_normal.jpg
pbs.twimg.com/profile_images/637263845312983040/ Frame B7C5 2 KB
2 KB 46ms
31ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/637263845312983040/UsTyDtI-_normal.jpg

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

9339d068e390a3fda35c9f022484e3eb91ed77b211d9d38e9541afb37bbb2624

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 1883
x-response-time: 21
last-modified: Fri, 28 Aug 2015 13:59:55 GMT
server: tsa_b
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a99cc5709def6087bac4a5279d86aeeb
akamai-request-bc: [a=2.16.2.92,b=219322536,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 Ew-EzvRXEAAfxrd
pbs.twimg.com/media/ Frame B7C5 35 KB
36 KB 141ms
127ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew-EzvRXEAAfxrd?format=jpg&name=360x360

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

a9fd4c27b89699ecc8c00ff3b511daf3aaa7fd6301e73d523bbf744b1beb9ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 35866
x-response-time: 58
last-modified: Sun, 21 Mar 2021 02:30:17 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e3f8852c9797dd9cc7c491edce194851
akamai-request-bc: [a=2.16.2.92,b=219322537,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_NY_NEWYORK,o=20940]

GET
H2 200 Ew7LdwNXMAwf2GD
pbs.twimg.com/media/ Frame B7C5 7 KB
7 KB 140ms
125ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew7LdwNXMAwf2GD?format=jpg&name=360x360

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

3c7f9d632143e7fd5f49b011cdaa76111b5756fbb2c4575ce81e45bc4b1431bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 7123
last-modified: Sat, 20 Mar 2021 13:00:30 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a73143dc3484cd341551056612af79f947ef67fe23506ba687cff246e38fceda
akamai-request-bc: [a=2.16.2.92,b=219322539,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]

GET
H2 200 Ew72XXsWEAUEGBU
pbs.twimg.com/media/ Frame B7C5 73 KB
73 KB 164ms
150ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew72XXsWEAUEGBU?format=jpg&name=small

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

df7afcdd85f021eaec01c2a66245a7aa7569cd5b701afc426253a3f7a23b33a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 74333
x-response-time: 18
last-modified: Sat, 20 Mar 2021 16:07:56 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b6cdc7a0e1c466f22cc757358fd286d9
akamai-request-bc: [a=2.16.2.92,b=219322540,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_GA_ATLANTA,o=20940]

GET
H2 200 Ew9gmDvWYAIjkpp
pbs.twimg.com/media/ Frame B7C5 38 KB
39 KB 404ms
390ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew9gmDvWYAIjkpp?format=jpg&name=360x360

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

62a72bc2b18abb37fafbec7f5e102a7041a6e91764c6719cfb81570df95857b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 39106
x-response-time: 61
last-modified: Sat, 20 Mar 2021 23:52:03 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:26 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 184fb1aa57580cd736508aab6386873d
akamai-request-bc: [a=2.16.2.92,b=219322541,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]

GET
H2 200 Ew7qo7TWEAAQns0
pbs.twimg.com/media/ Frame B7C5 17 KB
18 KB 156ms
142ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew7qo7TWEAAQns0?format=jpg&name=360x360

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

cd07faac73716c2239872319c4d3b76478c2efb0006fdb030f9a761e1e033138

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 17455
last-modified: Sat, 20 Mar 2021 15:16:42 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fbdff71ed47008114053783d66fb68728163348d2635f411fa7e491933735463
akamai-request-bc: [a=2.16.2.92,b=219322542,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]

GET
H2 200 Ew65vayXMAAcfMq
pbs.twimg.com/media/ Frame B7C5 34 KB
34 KB 247ms
233ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew65vayXMAAcfMq?format=jpg&name=360x360

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

5de7ccd49faa6e2e97aa2adddb7d4fd1e903a16fdcaa0b7e051c66c309f13316

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 34747
x-response-time: 103
last-modified: Sat, 20 Mar 2021 11:43:04 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6dc2f4efdf077e55cb5d1ef147236176
akamai-request-bc: [a=2.16.2.92,b=219322543,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_FL_MIAMI,o=20940],[c=w,n=US_CA_SANJOSE,o=20940]

GET
H2 200 Ew3NnHzVkAQurg3
pbs.twimg.com/media/ Frame B7C5 32 KB
33 KB 48ms
35ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew3NnHzVkAQurg3?format=jpg&name=360x360

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

6f80cc5138c2d568b853f790f8184bc1e896f6eca58b9c388b7f933f53254397

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 33056
last-modified: Fri, 19 Mar 2021 18:31:24 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ecfcc618fcdab11833262cd2cf89b879334973d72afc3f2d914f04d6914f3b01
akamai-request-bc: [a=2.16.2.92,b=219322544,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 Ew3F2-EWUAIIp1r
pbs.twimg.com/media/ Frame B7C5 86 KB
87 KB 49ms
36ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew3F2-EWUAIIp1r?format=jpg&name=small

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

edfda9f65fd4d1e7610ad6aec2dc7909cb3e319c9184b9a07ef5903e14b2dffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 88543
last-modified: Fri, 19 Mar 2021 17:57:31 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: aecf324fe0db711f4efc2dd1e83cd295e3723135a093db6aba266b3432a71f84
akamai-request-bc: [a=2.16.2.92,b=219322545,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 Ew2nxKMW8AIYwSd
pbs.twimg.com/media/ Frame B7C5 14 KB
14 KB 58ms
43ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew2nxKMW8AIYwSd?format=jpg&name=360x360

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

68de03efb815248d3957f2428cb4183d8c5dfd0200bb9224ab91c6b831761f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 14028
last-modified: Fri, 19 Mar 2021 15:46:03 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e263533c27dcadbf4bd87f44872ba859576da1d7e2c50ce230206f5ae6bcaec
akamai-request-bc: [a=2.16.2.92,b=219322546,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 Ew2l522XIAUVPe1
pbs.twimg.com/media/ Frame B7C5 28 KB
29 KB 58ms
43ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew2l522XIAUVPe1?format=jpg&name=360x360

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

781faabb7b5482fdef236df829f2ad6c9cfc29abf33b5f91afd8a736c2133911

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 29136
x-response-time: 478
last-modified: Fri, 19 Mar 2021 15:37:55 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a2493e41642dcbecb74fa44abbb224c4
akamai-request-bc: [a=2.16.2.92,b=219322548,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 Ew8T-DoVkAAz_zB
pbs.twimg.com/media/ Frame B7C5 9 KB
10 KB 148ms
135ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew8T-DoVkAAz_zB?format=jpg&name=240x240

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

093c00de730e1211b86557660153d29441be093deb77542b9986234b0d1616d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 9574
x-response-time: 75
last-modified: Sat, 20 Mar 2021 18:17:17 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 312d4b98ef589b51e0e4bb41f4accd63
akamai-request-bc: [a=2.16.2.92,b=219322549,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_VA_ASHBURN,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]

GET
H2 200 Ew8T-DlUYAQoXy3
pbs.twimg.com/media/ Frame B7C5 10 KB
11 KB 56ms
43ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew8T-DlUYAQoXy3?format=jpg&name=240x240

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_devel /

Resource Hash

33f9a22cb9f6689bb38368a86c2853cb77a12eff65dac20906819bef240f11ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 10416
last-modified: Sat, 20 Mar 2021 18:17:17 GMT
server: tsa_devel
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5289f85c3dc1b5703a712f2913da900794bfda729d141aec3222f85f898224ce
akamai-request-bc: [a=2.16.2.92,b=219322550,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 Ew8T-DnVkAQdPqg
pbs.twimg.com/media/ Frame B7C5 10 KB
10 KB 429ms
416ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew8T-DnVkAQdPqg?format=jpg&name=240x240

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

1f5351c5b875d043b795632804b8494326c29b9cf494a9dfc99c69a2266e2c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 10002
x-response-time: 66
last-modified: Sat, 20 Mar 2021 18:17:17 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:26 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 56467b591289833df3f43e999c959576
akamai-request-bc: [a=2.16.2.92,b=219322551,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_IL_CHICAGO,o=20940],[c=w,n=US_IL_CHICAGO,o=20940],[c=w,n=US_CA_SANJOSE,o=20940],[c=w,n=US_CA_SANJOSE,o=20940]

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame B7C5 44 KB
44 KB 37ms
9ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
x-content-type-options: nosniff
age: 292146
x-ton-expected-size: 45170
x-cache: HIT
content-length: 45170
x-response-time: 10
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g==+ident"
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 5235edeb7c38858c31401f7635c7e064
accept-ranges: bytes
expires: Sun, 28 Mar 2021 03:36:25 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 44ms
15ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
x-content-type-options: nosniff
age: 292146
x-ton-expected-size: 45170
x-cache: HIT
content-length: 45170
x-response-time: 10
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g==+ident"
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 5235edeb7c38858c31401f7635c7e064
accept-ranges: bytes
expires: Sun, 28 Mar 2021 03:36:25 GMT

GET
DATA 200
OK truncated
/ Frame B7C5 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B7C5 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B7C5 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B7C5 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B7C5 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B7C5 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame 86C4 35 KB
16 KB 69ms
68ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=44610412;rtbwp=2DA5018E56488303;rtbdata=WXw3SM6mU6fsonZbRBKb3FnqOP11OAwgII43K5nBH9Arm2q3AJF1KOiQBooDm9_Rxrdv5ELOT_6oyhbdk-fEMRxzYltO_LuBxkKNAL4S6PifNGnFsuNVvtRsVhl7nQz355UFF0vMvTzeAqEOGYqpnQiHIkyHgUb5RXnTatIzxO7G0IsZ7vzKdgqiPh85E5A4x1EtxhHNdDb-iXYxeRP0ITuDuTuamKBs8zn9gVZz2l5M4DmwAKwhrUsV02_wBAoyBuwkUiBGgN_LyHvTiSi77SaHP2eKgEkbVuS0NtfHcQAVQbuxKeecE4iWAgsn6OC_uzboJOXLxUehzSuyoStMPCEQfjv_NYPrs-4vJrE8ArAX7IyrCToAWfLjuVUM6oj1giVxROHhrokYY0wYPICNDkrzvcOouG350;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/f9ba633f-18ce-4880-85bc-bcba1f0e3893/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 686df60545fbf0a0d59457fc410d3f997b5c904afdedb6d1b67a48984d6a2cda

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 22 Mar 2021 06:25:53 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 00BC 5 KB
3 KB 62ms
62ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=43925726;rtbwp=9C6C1482C278E670;rtbdata=vaj0t10VFxJ9FHphii2dERjM4zwes1736ZNmu54nDfL4qoFRRmzJZaKQB7hRDV8bxrdv5ELOT_6oyhbdk-fEMRxzYltO_LuBZ_gXlFFdyGdNxDtEcRiP5tuZAHbslBxGFXk_oqMn0QUVAsxVvZrpaASR9xxoNt_frLSFXiihLtyFLkQEhGcNZzXJgf3xyTn-FjcTFG6sQczOTLhcw75aE1z-Ztu1HgSGtNoa3M8awv2UTf5HFirhlLMC4FPUqhM2oQLryfd1vXN5aFOfz7fkSBhuPObN-ei3wK8PGvBtDrlY7RxDzELfbCa4cqyGdZ34kmhnBFAd8uAwhgQqeWDqtUUrQfwgA-9n7W3Te7p31sVXya-nXnzv0uixgZ5BwMZFKh2dhSME_H80HqZkEAlhuL75Oz-Jutmv0;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2fa35973b5-792a-478d-9a35-0cd9cfed9895%2f;js=1;adfxid=1x;3564;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwe-ha.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

92aebe8d4a5b47ac8cd33ffd00c6a26d4c6dbbbf07758168d368b73ea4454429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2600
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame FEC3 4 KB
2 KB 61ms
61ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=44610412;rtbwp=YFa_OQAAAABk13e3TInMGQkKM0Goea9nxonKZA;rtbdata=yVEXbqLVfAIk809MZvS0G-Dw02ekmzuvvYYPbWbF183YmkbkMQ8sMrQD31a9JRUnUOwngHF4oWOfhu1E43Hhx9cR2JE3DJS6B5v4qKTEFeTNMyQJ-qfUFnP2iftwFP9sNMbocSPAAh49iY7CVkcTUOcNozvNLji8vT9lOY_0SrmdxAg3ukBs-WJNPgfUbAKYeihy17cMAys1;js=1;adfxid=2x;2542;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwe-ha.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

1b36b0e80596052cad894aef8dfb877ae2a168ae24300e1b4698427f502cd354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2081
expires: -1

GET
H2 200 vue.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vue/1.0.16/ 71 KB
22 KB 14ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vue/1.0.16/vue.min.js

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3faa93de73bb47449af34d1c6e1c086623bdc09c504534bef8c1aa94fd17c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4522434
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22622
cf-request-id: 08f474122c000005dc76130000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402b-11d8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3QBuiCVxnwdobzYqdDCzms6uqG7V0kqTHthSiGCJEOJP%2FcHScWMAY3XZKddRTCm2WbAd1is%2BLYb9Y6%2BiffbjT9bEPmw1O1rkCY8ylyBTgtbZRVfuZBUe%2FnDSvnIrIPdEaA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 633422c9da8e05dc-FRA
expires: Fri, 11 Mar 2022 03:36:25 GMT

GET
H2 200 2539d4f2-c388-4766-a13a-715c1672c854.jpg
cdn.broadstreetads.com/assets/ 19 KB
20 KB 12ms
10ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/2539d4f2-c388-4766-a13a-715c1672c854.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701af3d0d1ed537fa3772e43b9d35d1434a471e8ddccbc6dd3bce83dc664bffa

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 108134
cf-polished: origFmt=jpeg, origSize=39450
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="2539d4f2-c388-4766-a13a-715c1672c854.webp"
access-control-allow-methods: GET, HEAD
content-length: 19870
cf-request-id: 08f474123300004e8bcfad4000000001
last-modified: Tue, 29 Sep 2020 21:55:07 GMT
server: cloudflare
etag: "94a0ddc586a8eaa5efb21cef41acce53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KqMWPn1K%2FavXpg%2FcTrjkULoO3q0WQEgbRB0MiHg%2FWVeO3Px0hM8uHdrkin%2FzzhpXFH%2FQIW2SiuKpzyy3z0iDA3wyuVTPYv6uA8su%2FztQauHpnKahBn%2FcMHtZvcXtkTFhxQzW"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 633422c9edfe4e8b-FRA
x-amz-cf-id: A4cLmuYYSJEwXQ5ssYkX7AHJG8rKruhYv0GlV1EKq013fOYxGood9w==
cf-bgj: imgq:100,h2pri

GET
H2 200 43ff6758-6f2e-414b-b933-34b01718f964.jpg
cdn.broadstreetads.com/assets/ 323 KB
324 KB 22ms
20ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/43ff6758-6f2e-414b-b933-34b01718f964.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7097923459fa8a0082ea45c9eae1acd5ea24f0d93c35f5e6f3b85c4a90dbbc17

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1478565
cf-polished: origFmt=jpeg, origSize=891469
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="43ff6758-6f2e-414b-b933-34b01718f964.webp"
access-control-allow-methods: GET, HEAD
content-length: 330620
cf-request-id: 08f474123300004e8b2bab7000000001
last-modified: Mon, 15 Feb 2021 00:29:28 GMT
server: cloudflare
etag: "ce462f93f35a180aade338cefaa355f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yh9rjm4ZJ6sHCKVJ9uMsfybecmToaO%2FVj9vwJojPr1Sbuw2YWQpEcgyoUOScdBnlhGMpKPvCbD6WoBCZ5R%2BW0ilUv8YPsMgAqyikkEhrSqgJG%2FChLgmehoKzw3ptpgPdm5bX"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 633422c9edff4e8b-FRA
x-amz-cf-id: fwS-uQHiPYQbAGS_8FSbAwekQbbakLMM99aXAdzq1rzLGErAzw0JUA==
cf-bgj: imgq:100,h2pri

GET
H2 200 df895653-4980-4ac4-83d6-5009f5055cea.jpg
cdn.broadstreetads.com/assets/ 229 KB
230 KB 14ms
13ms Image
image/jpeg 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/df895653-4980-4ac4-83d6-5009f5055cea.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c300a07f26bddcd798cba8355cff631f1b7d76b1461d8cd527d8fd555ff832b5

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 664927
cf-polished: origSize=260335, status=webp_bigger
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-length: 234852
cf-request-id: 08f474123300004e8b08b56000000001
last-modified: Mon, 08 Mar 2021 22:02:56 GMT
server: cloudflare
etag: "1ab769bd01b78455be351c035acbd2b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5SJHgNDWae%2BvQrdNgka%2FbEYRTsXFSN4aRpqkyLuAqAdfjiPx3eAFCWmzEAxaazzlucL9JJ1ZtIgsVmyDAT40ZwVDYlHhDeLwFlxzaMjbcORJ72NOOoB7vD%2B7OaQkrglCnEPy"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 633422c9ee014e8b-FRA
x-amz-cf-id: xHVRq9NIjsTbPLmfCi0gIXylupQE54A6uRPeHkJpGnMF3wCT0zvLmw==
cf-bgj: imgq:100,h2pri

GET
H2 200 f4b7a4df-2f53-46ab-ba51-6a19474d06f1.jpg
cdn.broadstreetads.com/assets/ 32 KB
32 KB 22ms
21ms Image
image/jpeg 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/f4b7a4df-2f53-46ab-ba51-6a19474d06f1.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c819e7bf7a2d264467c9b73445badce4b3ce0eebbd10478eae542ad6b13ecc89

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 202925
cf-polished: origSize=36516, status=webp_bigger
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-length: 32494
cf-request-id: 08f474123300004e8b2e00c000000001
last-modified: Thu, 25 Feb 2021 23:09:09 GMT
server: cloudflare
etag: "bdd76d21a3a26691bcc28b3188dc32fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1%2FGJbeCqrLbVWlsAcWs7WUFgHi2a6EvVoHme28DDf0SvXu2jNQRmTl4k18oBjvC3av6TX87bBV9HQWkPTGxphp7SbYiXEheubmk%2BSOcnto1py1rfErV5NNwpMEHuohIE%2BxTD"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 633422c9ee024e8b-FRA
x-amz-cf-id: bt7DG3-1BwN_DDygphnuGncZaXIcfAQ9smXBi9z_MOgsRtUb9cKcOg==
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 65379.js Show response
ad.broadstreetads.com/zdisplay/ 81 KB
25 KB 221ms
220ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/65379.js?b=c266783,c259692,c267426,c264225,c267430,c270300,c264226,c240525,c233425,c266258,c270767,c268326&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-pgx7b735m8
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: 2baafe413ff83183d15440dc173726d8b4b68a56f3ecf3dbb8a34ff4e0528065

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:26 GMT
Content-Encoding: gzip
Connection: keep-alive
transfer-encoding: chunked
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 86C4 5 KB
3 KB 62ms
62ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=44610412;rtbwp=2DA5018E56488303;rtbdata=WXw3SM6mU6fsonZbRBKb3FnqOP11OAwgII43K5nBH9Arm2q3AJF1KOiQBooDm9_Rxrdv5ELOT_6oyhbdk-fEMRxzYltO_LuBxkKNAL4S6PifNGnFsuNVvtRsVhl7nQz355UFF0vMvTzeAqEOGYqpnQiHIkyHgUb5RXnTatIzxO7G0IsZ7vzKdgqiPh85E5A4x1EtxhHNdDb-iXYxeRP0ITuDuTuamKBs8zn9gVZz2l5M4DmwAKwhrUsV02_wBAoyBuwkUiBGgN_LyHvTiSi77SaHP2eKgEkbVuS0NtfHcQAVQbuxKeecE4iWAgsn6OC_uzboJOXLxUehzSuyoStMPCEQfjv_NYPrs-4vJrE8ArAX7IyrCToAWfLjuVUM6oj1giVxROHhrokYY0wYPICNDkrzvcOouG350;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2ff9ba633f-18ce-4880-85bc-bcba1f0e3893%2f;js=1;adfxid=3x;7604;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwe-ha.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

c1e80a0ad44fae025c66a872421b5852e211177ce5c776d61ffaf1c161363400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2623
expires: -1

GET
H2 200 IJNFLZMY
pbs.twimg.com/card_img/1373211491755819012/ Frame B7C5 7 KB
7 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1373211491755819012/IJNFLZMY?format=jpg&name=144x144_2

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

6bfb25a4cb86239a669ab6f9bcd05063cc217339e72c62a8b4cc352bd3be993e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 6969
x-response-time: 98
last-modified: Sat, 20 Mar 2021 09:53:07 GMT
server: tsa_a
date: Sun, 21 Mar 2021 03:36:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 70fdc9ea1ec15ae8f3b431485867b7cd
akamai-request-bc: [a=2.16.2.92,b=219322576,c=g,n=CZ__PRAGUE,o=20940]

GET
H2 200 plyr.js Show response
cdn.plyr.io/2.0.18/ 42 KB
13 KB 46ms
12ms Script
application/javascript 2a04:4e42:400::442
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/2.0.18/plyr.js
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::442 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca527118279831529d3a768369965a04d938bcc86840f706da64905e1e6de965

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:25 GMT
content-encoding: gzip
age: 2648465
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
content-length: 12955
x-amz-id-2: EHe7cscgqo0b11p2e0SNJgg9rllJFXHCW3V1gv4y2n/Qt05UyDz2/TcDYuL7p6KHQjB4lk67hr8=
x-served-by: cache-dca17747-DCA, cache-hhn4066-HHN
last-modified: Fri, 02 Aug 2019 03:02:35 GMT
server: AmazonS3
x-timer: S1616297786.984938,VS0,VE0
etag: "11017ff3386dc8738c3f2a1eb4143434"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-request-id: 4695FC213F929E77
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4, 2

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B6B2 281 B
554 B 161ms
53ms Document
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&geo=eu&co=pl
Requested by: Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KMILYWCN-1I-5GA3; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0HZRUZWfOgx0qIf5NGr8Q8WbCrTlkuDKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhpnWrCM9eNbX7S8/cWR7OXNSf+hE=; ses14=; vis14=351284^1; audit=1|SDziDG3X/EjD/lvALRxFf5qpp78UDnSw2F4eSLkXlwEFyLvKw9qhffENxrmtzWkqJhsHlJbldDcuV5t8neMGG6Zr5ZVxLWDe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Mar 2021 03:36:26 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame FEC3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e85b90af73577d1f0fafa29b6a508e72cb604944d64b1fbf5486592cc30d537

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 00BC 85 KB
36 KB 71ms
70ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 22 Mar 2021 06:25:52 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame FEC3 85 KB
36 KB 89ms
88ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 22 Mar 2021 06:25:52 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 19 KB
7 KB 152ms
49ms Script
application/javascript 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

80c3bd17e3c0486c71816a9a8a8f019dd66259837fa2eff0edad01b64dbc13da

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: 1
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1742
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-a-1
Content-Length: 5898
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19140-FRA
X-Player-Backend: p
Expires: Sun, 21 Mar 2021 03:37:23 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1616297786.169438,VS0,VE0
Date: Sun, 21 Mar 2021 03:36:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 240

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2A6C 281 B
554 B 114ms
53ms Document
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&geo=eu&co=pl
Requested by: Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KMILYWCN-1I-5GA3; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0HZRUZWfOgx0qIf5NGr8Q8WbCrTlkuDKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhpnWrCM9eNbX7S8/cWR7OXNSf+hE=; ses14=; vis14=351284^1; audit=1|SDziDG3X/EjD/lvALRxFf5qpp78UDnSw2F4eSLkXlwEFyLvKw9qhffENxrmtzWkqJhsHlJbldDcuV5t8neMGG6Zr5ZVxLWDe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Mar 2021 03:36:26 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 86C4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7226125b41a3e7b0105ec39d73e43e1532adada242713137f86d0b0eab121be3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
track.adform.net/csimpr/ Frame 00BC 35 B
503 B 60ms
60ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=43925726&csi=yQPKnXzuFGNf4RBBHZSz1JzMPSbCkH8K2EupcnfG6C_ZKGWOLEEutvLvErD9xNSG0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 43535725.jpg
s1.adform.net/Banners/43535725/ Frame 00BC 69 KB
69 KB 65ms
65ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/43535725/43535725.jpg?bv=2

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

32d8f7902ea87c13080c52612a089eaf1d8d3813692e56641a1165bd30e9fb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
last-modified: Thu, 11 Feb 2021 08:16:57 GMT
server: nginx
etag: "6024e7f9-11414"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 70676

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B6B2 31 KB
10 KB 82ms
57ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&geo=eu&co=pl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22310
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Sun, 21 Mar 2021 09:48:16 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame FEC3 35 B
503 B 60ms
60ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=44610412&csi=YGga4-x8Ozxiq4hMg_oykDn-QKOlIBBN1zunYkW9eX7ZKGWOLEEutvLvErD9xNSG0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 43970837.jpg
s1.adform.net/Banners/43970837/ Frame FEC3 39 KB
39 KB 75ms
75ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/43970837/43970837.jpg?bv=2

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7721fd3d6c83498ab72888b116f14ad7befb0e80f8f7d958367c6d37a5ba5f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
last-modified: Thu, 11 Mar 2021 13:43:18 GMT
server: nginx
etag: "604a1e76-9b1d"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 39709

GET
H2 200 Standard Show response
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 86C4 85 KB
36 KB 86ms
86ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 22 Mar 2021 06:25:52 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2A6C 31 KB
10 KB 58ms
57ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&geo=eu&co=pl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22310
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Sun, 21 Mar 2021 09:48:16 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 810 B
937 B 22ms
21ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.plyr.io
URL: https://cdn.plyr.io/2.0.18/plyr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0897670b44e138788dc10282dd404ad0135d9dee6b6cfd1c44dc9904c974ad0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:26 GMT

GET
H2 200 watch
www.youtube.com/ 0
0 36ms
35ms Media
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youtube.com/watch?v=YFUizrdQIaA
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame FA2F
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

13ms
13ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://we-ha.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 888364
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 21 Mar 2021 03:36:26 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 03 Mar 2021 19:22:21 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B9B)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Sun, 21 Mar 2021 03:36:26 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Sun, 21 Mar 2021 03:36:26 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: fe39a6e7ee2bdec45723a87097999f62
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 173
x-transaction: 005decba00b34ce1
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 ea292de4-2c37-4cf6-8d4d-1b48f57486fd.jpg
cdn.broadstreetads.com/assets/ 27 KB
28 KB 11ms
10ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/ea292de4-2c37-4cf6-8d4d-1b48f57486fd.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e091569f0d1617e5debc009f669a4a0c05f48b5da84f100f2294c72e5963df2

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1498708
cf-polished: origFmt=jpeg, origSize=44531
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="ea292de4-2c37-4cf6-8d4d-1b48f57486fd.webp"
access-control-allow-methods: GET, HEAD
content-length: 27206
cf-request-id: 08f47413c300004e8bfc91c000000001
last-modified: Wed, 03 Mar 2021 19:01:33 GMT
server: cloudflare
etag: "8d75eae59316bac7f50b71b77fb978b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SnXN2kRVDDyxc4az9qOtWwHwzTkk8GU0zAT1ehJtOq6AQAWChliVIsBFRHeOlXg1p5DLkGq%2FuH1sUvG1IVAYepV0PvmZXXwxz%2F9PZuqlOBK5OrKnlfursx9M%2BXsCywfv34%2BA"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 633422cc684c4e8b-FRA
x-amz-cf-id: GuUk5J0ISD8ipm-qxE8DhTbV5cj25IB8sDhzo2_W0m3fxRoY3dhRtA==
cf-bgj: imgq:100,h2pri

GET
H2 200 951a5ffd-f99a-4584-af56-b6b9b2f25199.jpg
cdn.broadstreetads.com/assets/ 49 KB
50 KB 18ms
17ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/951a5ffd-f99a-4584-af56-b6b9b2f25199.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165aca928f43329bdb3cf5e102dd792932bd6be4588f3f0755ce941702632d48

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 76396714b4767a1aab64a0c0993e1175.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2653957
cf-polished: origFmt=jpeg, origSize=134596
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="951a5ffd-f99a-4584-af56-b6b9b2f25199.webp"
access-control-allow-methods: GET, HEAD
content-length: 50152
cf-request-id: 08f47413c300004e8be5b9d000000001
last-modified: Wed, 17 Feb 2021 20:48:07 GMT
server: cloudflare
etag: "56ef9fe000884e0495e0c878a1c82b39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jcmq1redELUPchK%2BL%2F3I6N9wd8DCfLznQgwyGO%2B6z3XTsErkWb4OdBk74UWov31c813%2BEPuxziuavILuGffgE7rLCIiiOyIbfveOWSyDg%2Fs0wZtkpy%2BI8VF3E362Zl52nhev"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FJR50-C1
accept-ranges: bytes
cf-ray: 633422cc684d4e8b-FRA
x-amz-cf-id: 5GDVdkua3HnGu2sEUQKru5eCrN_AbvMcUwl25Ma9gKs_yvBryR0Rbw==
cf-bgj: imgq:100,h2pri

GET
H2 200 b716ba39-73cf-4476-b5fe-65ca79b25d19.jpg
cdn.broadstreetads.com/assets/ 41 KB
42 KB 13ms
12ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/b716ba39-73cf-4476-b5fe-65ca79b25d19.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb875f7abba2dc519e441feace34bab14ffd26ce7847fc7a15b182c1a2cab97

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 ffa7b1f7305a9eb50b3ebbb59c46c01e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 466187
cf-polished: origFmt=jpeg, origSize=113909
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="b716ba39-73cf-4476-b5fe-65ca79b25d19.webp"
access-control-allow-methods: GET, HEAD
content-length: 41942
cf-request-id: 08f47413c300004e8bd62b5000000001
last-modified: Wed, 17 Feb 2021 20:44:58 GMT
server: cloudflare
etag: "5b0e0d37e0f5d72f5abfa041690c9a41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gEKSx%2FW7Mw6yGqAtIztqDPjG1bDPlL%2BhrZlBGaM6tL8ltnB19oB9zBK3QDsr2bf8%2BY6POr0%2BAHC1VyWuAkYDNU0Cfif4i%2BqsGmy5YIUfyQs9SL901tLJxbXiFk5OpW9nKKxO"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 633422cc684e4e8b-FRA
x-amz-cf-id: 9UuoHdCAzkaONKZU7tiieway26sC5uhtBxdsb-h6QYspF0mIQOIkMw==
cf-bgj: imgq:100,h2pri

GET
H2 200 9c3c8e4a-6e6e-442f-be59-5a6b7e83dc73.jpg
cdn.broadstreetads.com/assets/ 26 KB
26 KB 11ms
11ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/9c3c8e4a-6e6e-442f-be59-5a6b7e83dc73.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5257446059159c15c2c0753a75c3a3fcd3f4b5359e09768e0320b3fea42a61b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1498708
cf-polished: origFmt=jpeg, origSize=79248
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="9c3c8e4a-6e6e-442f-be59-5a6b7e83dc73.webp"
access-control-allow-methods: GET, HEAD
content-length: 26180
cf-request-id: 08f47413c300004e8b2e01a000000001
last-modified: Wed, 03 Mar 2021 18:58:56 GMT
server: cloudflare
etag: "01ff63dbf1af36689b2f4a2caa08dd39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y%2Fsau05ucp1rDMFtsWsv88HeWPr41LUYNbkgO4U2D6yWxLHjCVRsINaB7yIkrY8XB0%2Fwdjj4Yp%2BVX2AVBes2VFzGICqIYd76abwLXw2WXyBhsKMPkWx9Qi0%2FokYFmqtOXF3g"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 633422cc684f4e8b-FRA
x-amz-cf-id: H_KbV4Qfao3HlLyoDYZPHDsHp2JNdaIS0FF1Oj7MnkuqQO3_l0ZIcw==
cf-bgj: imgq:100,h2pri

GET
H2 200 993563cc-4fff-428b-a2e2-e538a4f077ef.jpg
cdn.broadstreetads.com/assets/ 37 KB
38 KB 12ms
11ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/993563cc-4fff-428b-a2e2-e538a4f077ef.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 789d14de76d2026f99e6e6c0142f721e0798b416ca46866704c159fc49f3167c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 91f22b7bc376e5af9531f3690bd2d5d3.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 457289
cf-polished: origFmt=jpeg, origSize=91462
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="993563cc-4fff-428b-a2e2-e538a4f077ef.webp"
access-control-allow-methods: GET, HEAD
content-length: 38270
cf-request-id: 08f47413c300004e8b0e1fe000000001
last-modified: Mon, 15 Mar 2021 19:52:50 GMT
server: cloudflare
etag: "6919aeec331a2400b8f5a5b4959b3ab5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dDlJrdCrWTrE9PdT72H%2BPkyHmj0ZrNwRkzNwpIQkNGuSYHVz%2F2forH03B%2F3iEbyZ7Ted2VWZExLwwdE7Q%2FkEW%2FkKr12N4Lyjc8rHb3udmfucH%2BMtE6IPyGiUgebdwFU7bLxZ"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 633422cc68504e8b-FRA
x-amz-cf-id: 5L8hhpfbsoA2OkEG1viytt9kqq7GP7qgLvxilcP_L0z_PVxHYHWClw==
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 64514.js Show response
ad.broadstreetads.com/zdisplay/ 6 KB
3 KB 144ms
143ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/64514.js?b=c266783,c259692,c267426,c264225,c267430,c270300,c264226,c240525,c233425,c266258,c270767,c268326,c270302,c269847,c266778,c266777,c269844,c268820&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-8mv3vn0vrk
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: 0f1ff0e37504005a53741c2eb023b68d70a6242425ce31385eeb2ca1606eb124

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:26 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 2424
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H2 200 43970837.jpg
s1.adform.net/Banners/43970837/ Frame 86C4 39 KB
39 KB 62ms
61ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/43970837/43970837.jpg?bv=2

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7721fd3d6c83498ab72888b116f14ad7befb0e80f8f7d958367c6d37a5ba5f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
last-modified: Thu, 11 Mar 2021 13:43:18 GMT
server: nginx
etag: "604a1e76-9b1d"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 39709

POST
H2 200 /
track.adform.net/csimpr/ Frame 86C4 35 B
503 B 60ms
60ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=44610412&csi=-L0GJPk_MHN5khjdnsHz6lE9kPK5QDkp1zunYkW9eX7ZKGWOLEEutvLvErD9xNSG0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3-Q050 200 www-widgetapi.js Show response
www.youtube.com/s/player/223a7479/www-widgetapi.vflset/ 108 KB
39 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef51cb08db5a6bf8867b6bcb164af435614b87b358765d8adb49aa734bf6191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 19:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 28892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39074
x-xss-protection: 0
expires: Sun, 20 Mar 2022 19:34:54 GMT

GET
H2 200 bbl0ljo.css
use.typekit.net/ Frame 1284 3 KB
900 B 505ms
493ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bbl0ljo.css

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f6ee24757e8fae279c45990c234acb5de25453e2cee1f9daa2039b1ac119ce82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sun, 21 Mar 2021 03:36:26 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 668

GET
H2 200 style.css
cdn.broadstreetads.com/webfonts/linearicons/ Frame 1284 42 KB
8 KB 12ms
12ms Stylesheet
text/css 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.broadstreetads.com/webfonts/linearicons/style.css
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d867b238eec0d2b2348acf95b4a01bfa9d6eb05c3f1dfa0d6b9f614363c43021

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 585707
cf-polished: origSize=51890
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-encoding: br
cf-request-id: 08f47413dc00004e8b1d3d8000000001
last-modified: Thu, 05 Dec 2019 19:32:46 GMT
server: cloudflare
etag: W/"2af61da3ebd747d68ff86fdd4d0aef0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AOfDLRI9wCCA6b%2F54g2%2FXyaLfo4HakBIPNl5yYkvEz2fMjgWOUAnFEV6TD6Yl4lLyN8bqoYl6jgMjnc9oeUdEKs8bIUNjUf39AF%2F0C1BLRZF25Xastau1ZCS1uKzvEBsg0s9"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
x-amz-cf-pop: TXL52-C1
cf-ray: 633422cc986c4e8b-FRA
x-amz-cf-id: Ra5pFhdfgL5Eszfvn9sVAzzxMbL6LPsaMMLr0DdJb7_mAEaYvXWnIw==
cf-bgj: minify

GET
H3-Q050 200 iframe_api Show response
www.youtube.com/ Frame 1284 810 B
684 B 47ms
37ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0897670b44e138788dc10282dd404ad0135d9dee6b6cfd1c44dc9904c974ad0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:26 GMT

GET
H2 200 a4e7b397-784f-4a1f-9446-0372277aceff.png
cdn.broadstreetads.com/uploads/ Frame 1284 4 KB
5 KB 10ms
10ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/a4e7b397-784f-4a1f-9446-0372277aceff.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 884beb273113b9a4d78cd870db76a934827031b07a1c29c11424fee8f960b40c

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 148317
cf-polished: origFmt=png, origSize=5139
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="a4e7b397-784f-4a1f-9446-0372277aceff.webp"
access-control-allow-methods: GET, HEAD
content-length: 4316
cf-request-id: 08f47413e000004e8bcfae5000000001
last-modified: Fri, 05 Mar 2021 00:38:33 GMT
server: cloudflare
etag: "88e16afc72205e571d4e11573f8fbe8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=73M6Z%2BLReNc12zKUx%2BsLw%2BnSUWK9x8wBwVbLIVJJY2NNEx5Wdow8cD3mSzC6NB9RB21nBgKaZZ1rtbUo0ZN%2FKHcO7Yjn2Gq3DjtftCaEkzU1G0svgyPBpe62G6QMrirsaH8p"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 633422cc98764e8b-FRA
x-amz-cf-id: f8oxgOHrWnmD2MKPf8KoqMR11zAcpgiYLVvuO4VqyNKqpm4QT8c89Q==
cf-bgj: imgq:100,h2pri

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B6B2
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBA...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JTFlXQ04tMUktNUdBMw==&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZ...

170 B
484 B

122ms
69ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JTFlXQ04tMUktNUdBMw==&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JTFlXQ04tMUktNUdBMw==&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame B6B2 0
66 B 161ms
57ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame B6B2
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBA...
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMILYWCN-1I-5GA3&sigv=1&esig=2~9e10006f8e867e877d7a0f6cb99bb63caa30e15c&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eX...

0
446 B

35ms
6ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMILYWCN-1I-5GA3&sigv=1&esig=2~9e10006f8e867e877d7a0f6cb99bb63caa30e15c&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMILYWCN-1I-5GA3&sigv=1&esig=2~9e10006f8e867e877d7a0f6cb99bb63caa30e15c&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B6B2
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABB...
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTQ0NWI3MzQ5OTkzMTQ3MmNmMDg4MmFhMGQ3NWY2NDQzY2RmMGYyYg&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQG...

170 B
190 B

121ms
69ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTQ0NWI3MzQ5OTkzMTQ3MmNmMDg4MmFhMGQ3NWY2NDQzY2RmMGYyYg&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA

Requested by

Host: we-ha.com
URL: https://we-ha.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTQ0NWI3MzQ5OTkzMTQ3MmNmMDg4MmFhMGQ3NWY2NDQzY2RmMGYyYg&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B6B2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X...
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d4e66056-bf3a-4000-adc5-9957e759e8eb&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhV...

42 B
895 B

181ms
50ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d4e66056-bf3a-4000-adc5-9957e759e8eb&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Date: Sun, 21 Mar 2021 03:36:26 GMT
Server: MT3 3611 f10363c master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d4e66056-bf3a-4000-adc5-9957e759e8eb&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 21 Mar 2021 03:36:25 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B6B2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwV...
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAA...
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFa-OgAAAH46XSzr&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCS...

42 B
895 B

50ms
50ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFa-OgAAAH46XSzr&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1&_test=YFa-OgAAAH46XSzr
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616297787.730755,VS0,VE0
x-served-by: cache-hhn4062-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFa-OgAAAH46XSzr&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1&_test=YFa-OgAAAH46XSzr
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B6B2
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQg...
https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQg...
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ce2255f-b8b5-4cf8-bf0b-9af66e8b05a5&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhV...

42 B
895 B

90ms
50ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ce2255f-b8b5-4cf8-bf0b-9af66e8b05a5&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&expires=30
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ce2255f-b8b5-4cf8-bf0b-9af66e8b05a5&gdpr=1&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 607

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B6B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEg...
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiC...

42 B
895 B

216ms
50ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1&put=CAESEBLm3_OXAQHEvzMAp09aTNY&google_cver=1
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPDY3g6PDY3g6__AAA__DX-AAAAwVqv6fbpG34X03Pt_JkghGL6h8eXVQGAcDoBmQgsTByJIbg0kwhVom9AISIRgcABAZYJCAsgwQhCSkCGBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACEEAQgggEIcAEA&gdpr=1&put=CAESEBLm3_OXAQHEvzMAp09aTNY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
cdn.broadstreetads.com/webfonts/linearicons/ Frame 1284 42 KB
7 KB 12ms
11ms Stylesheet
text/css 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.broadstreetads.com/webfonts/linearicons/style.css
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d867b238eec0d2b2348acf95b4a01bfa9d6eb05c3f1dfa0d6b9f614363c43021

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 585707
cf-polished: origSize=51890
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-encoding: br
cf-request-id: 08f47413ff00004e8bfc91e000000001
last-modified: Thu, 05 Dec 2019 19:32:46 GMT
server: cloudflare
etag: W/"2af61da3ebd747d68ff86fdd4d0aef0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fQpIfUyesEBuBqn%2FCR9aZNsw4WztqihMBpOB05%2F%2Fz7J2lPzZ8wH65ihloL9AGvWLH7vHGTS5c%2F4BM9mQae3kjtzJ14kc%2FwOPjATNZbEbdDzq05FDfxsHh8bu1bI8Q1%2FzUeFw"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
x-amz-cf-pop: TXL52-C1
cf-ray: 633422ccc8a44e8b-FRA
x-amz-cf-id: Ra5pFhdfgL5Eszfvn9sVAzzxMbL6LPsaMMLr0DdJb7_mAEaYvXWnIw==
cf-bgj: minify

GET
H3-Q050 200 YFUizrdQIaA Show response
www.youtube.com/embed/ Frame A80A 51 KB
21 KB 52ms
52ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75a57b80ec0d0a2764909eb9a24f2f6867d632c004d2bb005bab4a154fc29a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=yGEorAFpy-0; VISITOR_INFO1_LIVE=M8yJbSQzATQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 Mar 2021 03:36:26 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+868; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 www-widgetapi.js Show response
www.youtube.com/s/player/223a7479/www-widgetapi.vflset/ Frame 1284 108 KB
38 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef51cb08db5a6bf8867b6bcb164af435614b87b358765d8adb49aa734bf6191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 19:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 28892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39074
x-xss-protection: 0
expires: Sun, 20 Mar 2022 19:34:54 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 86C4 54 KB
21 KB 50ms
49ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
URL: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 02:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3298
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20897
x-xss-protection: 0
server: cafe
etag: 7857869394883405340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 03:41:28 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/223a7479/ Frame A80A 341 KB
51 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133267
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52229
x-xss-protection: 0
expires: Sat, 19 Mar 2022 14:35:19 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/223a7479/www-embed-player.vflset/ Frame A80A 161 KB
58 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b30cd93097a382cdabbcd066d8002c86b4e31011fbd62596f7b2b902bb00dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 351228
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59641
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:02:38 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame A80A 2 MB
2 MB 12ms
12ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59ec302ed00a6311bae7276bff76ffd918ca4cc692fa8109dadb786a241a165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 11:28:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 144481
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1617663
x-xss-protection: 0
expires: Sat, 19 Mar 2022 11:28:25 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/ Frame A80A 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 02:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 2637
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Mon, 21 Mar 2022 02:52:29 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A80A 15 KB
15 KB 34ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 201301
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:41:25 GMT

GET
H2 200 style.css
cdn.broadstreetads.com/webfonts/linearicons/ Frame 1284 42 KB
7 KB 15ms
15ms Stylesheet
text/css 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.broadstreetads.com/webfonts/linearicons/style.css
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d867b238eec0d2b2348acf95b4a01bfa9d6eb05c3f1dfa0d6b9f614363c43021

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 585707
cf-polished: origSize=51890
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-encoding: br
cf-request-id: 08f474144b00004e8b359f5000000001
last-modified: Thu, 05 Dec 2019 19:32:46 GMT
server: cloudflare
etag: W/"2af61da3ebd747d68ff86fdd4d0aef0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GWfULBO%2Bo%2FWiE801BaZW2uiQfQjh53itzZBkrnZM7aoPqjzZrqAQb9u%2Fur%2BT%2FsWdF5oKCw0tY4dOlQrK%2FQH3zHEtZ3oe8SFFQRc0vhInvY0RWY0jyurXz9SrDFuhVXkS37gz"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
x-amz-cf-pop: TXL52-C1
cf-ray: 633422cd49194e8b-FRA
x-amz-cf-id: Ra5pFhdfgL5Eszfvn9sVAzzxMbL6LPsaMMLr0DdJb7_mAEaYvXWnIw==
cf-bgj: minify

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F5C 42 B
501 B 45ms
22ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUHluMFONo4Wjs6HSbisgR6D6f6OojRGNCXOgJ7lNnBJLMYgIbG4axeQxCQAwNT7GCl7YJr6NGOPbnrylHdk51pb9XApWYxYsSuBm_kSbe3YSg6_bn148MtilYtfQG4fkTiJTsBYkWpgguPmvO7ROi&sai=AMfl-YRuaVGkY-fXNL4PoLXCiMmbQPTJiNK7S23jMvwmaaMG5A2TtSP2zkQZL44gJBpEf4N_L9Tl5Q1NAd6awtBkDTwKaNPSNv62SQ7iMNo6VRFe5tBW844EE1bmDth3noA&sig=Cg0ArKJSzD3VVS_OsZsuEAE&id=osdim&mcvt=1003&p=290,315,540,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3878148146&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1616297785163&dlt=50&rpt=283&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1d292b1e-50ab-4534-8d79-a180b3cd9a89.png
cdn.broadstreetads.com/assets/ 17 KB
17 KB 11ms
11ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/1d292b1e-50ab-4534-8d79-a180b3cd9a89.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3a446486b7e55dd742c0d43485889808cff02175f1356659e4826ae63f37336

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 0db8881d14f219a945f6f3898134012d.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 466186
cf-polished: origFmt=png, origSize=84285
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="1d292b1e-50ab-4534-8d79-a180b3cd9a89.webp"
access-control-allow-methods: GET, HEAD
content-length: 17216
cf-request-id: 08f474147d00004e8b08b6d000000001
last-modified: Mon, 08 Mar 2021 21:58:54 GMT
server: cloudflare
etag: "51da1b9f649ca92b828536a8fd061c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ns4%2FbzqJVVjx5QoRwppx7l5E%2FGqlFXIdtrf6vhRjh5bpT7ybVMujieQtB%2FejTZBpctIANtl8vOG9wngDZPzRzoUHSg89zQIwVZjHkSduThAnvECCdQMBqEef%2B3dMuoD5Luif"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 633422cd995b4e8b-FRA
x-amz-cf-id: St6bswsjARtfQXVqra3pk9GNHhvbUB2Oo7anhHLRxJU6jgGakD7KEA==
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 64516.js Show response
ad.broadstreetads.com/zdisplay/ 28 KB
11 KB 150ms
150ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/64516.js?b=c266783,c259692,c267426,c264225,c267430,c270300,c264226,c240525,c233425,c266258,c270767,c268326,c270302,c269847,c266778,c266777,c269844,c268820,c270766&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-l3lrk4z9ls
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: 256ba0c0020e5fca3ae0d957613ff5a0ebbc0b392a552a1bf1b2d9ea1eb1d290

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:26 GMT
Content-Encoding: gzip
Connection: keep-alive
transfer-encoding: chunked
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
364 B 14ms
13ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NDgzNSIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XOPMoTp%2FAgU%2Bg0yVOaHeVqk7M8F%2FBtE7n7ZQe%2BEUCNV5pkkc%2FfjYWiR5qsETlEr49HCKdCvcwZaTyI6eka0rRraVau%2BuEffGtSOcu31QT1%2BKd2CPtuk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422cdab654dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f474148900004dd0ac2a1000000001
expires: Sat, 20 Mar 2021 03:36:26 UTC

POST
H2 204 csi
csi.gstatic.com/ Frame 86C4 0
331 B 923ms
222ms Other
image/gif 172.217.11.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kmilyxrz&ctx=2&qqid=CL_D5bq6wO8CFZCVdwodf10BUQ&met.4=fb.1w~lb.dq~ol.ml~idt.do~dt.-l4&met.3=739.dq~740.e4~740.e5~740.e5~740.e5~740.fq~443.k7~441.k8~740.kb~740.lr~738.mg~749.mg_4~735.ms_1~113.pf_4~112.pe_6~740.pk&met.1=1.kmilyx2l~6.0~7.0~8.0~9.0~10.0~12.2~13.a~14.c~15.v~16.dq~17.dq~18.dq~19.mf~20.mf~21.ml&met.7=CBsQCBgBMAw4rQZoAnALeL4YgAGkGIgBzi-wAQG4AQM~CCEQBBgBIEQoRDCBATg9~CBsQCiBFOEA~CBwQChgBIEUoRTBROA1oSHBQeLMKgAGXCogB0ROwAQG4AQM~CCoQChgBIEUoRTBgOBs~CBwQChgBIEUoRTBQOAtoSHBPeIMvgAHnLogBrWuwAQG4AQM~CBsQBhgBIEUoRTBaOBQ~CBEQChgBIEUoRTBROAtoSHBPeIg3gAHuNogB47MBsAEBuAED~CBsQCiD7AThF~CBsQCiDSAjg_~CBsQBSDOAzhz~CBsQCiCoBDhc~CBsQBiDaBThB~CBsQASDaBTg9~CCgQChgBILMGKLMGMOoGODdotAZw5QZ4w6QBgAGhowGIAZuvA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.11.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lax28s15-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame A80A 113 B
476 B 39ms
38ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30623cb92e19974899beed670bc25a6ce153d582e90ef5396936f434a6e223ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A80A 29 B
406 B 25ms
5ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:26:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 622
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:41:04 GMT

GET
H3-Q050 200 3eYrsmSQBEQu88LBPmoKpV_BHftGk26qyGDx_h5vt1k.js Show response
www.google.com/js/th/ Frame A80A 33 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3eYrsmSQBEQu88LBPmoKpV_BHftGk26qyGDx_h5vt1k.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dde62bb2649004442ef3c2c13e6a0aa55fc11dfb46936eaac860f1fe1e6fb759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 18:59:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 290209
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12653
x-xss-protection: 0
expires: Thu, 17 Mar 2022 18:59:37 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame A80A 23 KB
23 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0c3cbb514094c98860c6f43d28502541eaa1defe9a6755ba47e538b85a3b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 351019
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23645
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:06:07 GMT

POST
H3-Q050 200 player Show response
www.youtube.com/youtubei/v1/ Frame A80A 53 KB
16 KB 64ms
64ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08f20df6f870bf202747b0fe12c82240a6a78e3746f743cdaea2038329528151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210315.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgtNOHlKYlNRekFUUSi6_tqCBg%3D%3D
Content-Type: application/json

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16179
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:26 GMT

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
258 B 20ms
20ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NDgzNSIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbOTcwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTQ4MzUiLCJkb21haW5faWQiOiI2NDczNCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlX2hhX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk0ODM1IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODUsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMTQzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KhSa%2FrSoGH5Nq8esbwkKosE8eldl44P23WbYDEfCyET8NorGisYjdOlMP0kfMHPtxlaVFkUXDcvO9gNPL4rvjiOTrgP4Az2wxsaP%2Bfgb4ZpqXaweKTo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422cefc964dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f474155800004dd06daf6000000001
expires: Sat, 20 Mar 2021 03:36:26 UTC

GET
H2 200 s_800_672e105b-6683-4bb5-998c-32acd8bba5b4.png
cdn.broadstreetads.com/uploads/ 240 KB
241 KB 22ms
19ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_672e105b-6683-4bb5-998c-32acd8bba5b4.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9781ebf8db2893c7f4d27ba7cf9cac65b9b4c6cafb77240d73488bcfd9cac50

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704551
cf-polished: origFmt=png, origSize=398935
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_672e105b-6683-4bb5-998c-32acd8bba5b4.webp"
access-control-allow-methods: GET, HEAD
content-length: 245540
cf-request-id: 08f474156a00004e8bc4abd000000001
last-modified: Fri, 12 Mar 2021 19:22:52 GMT
server: cloudflare
etag: "b6bcaa96825dfe450d4ba508f3892ff4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fNKw3EDKj33NIpEULl8E3D3PMVJq0VjgL6V0lNxV%2FnFqRXSarRyJLGFRTJfQ%2FBrVLFa%2Bdn6fI%2Bvlyvfu%2Bb0ZIphJoVNOUiMPUi33bGx5JSsQxsHTwr%2FVaMwKnYvuNI8aK%2FOz"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 633422cf0aa94e8b-FRA
x-amz-cf-id: a30zuAv6GMYO81vXWiPlvan8Tuo4L7AFLtGAV1Gm900pPk7iSF9YBA==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_6dc5c4ec-9458-4b9e-bb87-4ef37d001db8.png
cdn.broadstreetads.com/uploads/ 183 KB
184 KB 16ms
12ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_6dc5c4ec-9458-4b9e-bb87-4ef37d001db8.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be800fcd68e13a994dec5e4499b5908c17dca2ce1cc04608c97b33bd8898ee4b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 610473
cf-polished: origFmt=png, origSize=293490
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_6dc5c4ec-9458-4b9e-bb87-4ef37d001db8.webp"
access-control-allow-methods: GET, HEAD
content-length: 187220
cf-request-id: 08f474156b00004e8b2f235000000001
last-modified: Fri, 12 Mar 2021 19:24:20 GMT
server: cloudflare
etag: "2d2e4a03bdef135f3642da23b97844ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mnyKBL8WfsH1fHMGAfi9EeBpL%2FoDcXKJQit4JWvDnrxXIJTaDhcQdikkvWZhqXkeX1N8Wk0tm3xTKfAHretQ1YyR0aMAhvdqzh8awuSVv8iSwd%2Fa8wqeOT%2BLtPRsWUs9QgSg"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 633422cf1aab4e8b-FRA
x-amz-cf-id: aZvwFIN2sqMvYM6yHciEccsLAyQmAdLCI-DLRCH7pa_YB9N19weDww==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_d9b96579-d361-4c57-8263-5a4bf13eeac3.png
cdn.broadstreetads.com/uploads/ 192 KB
192 KB 26ms
22ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_d9b96579-d361-4c57-8263-5a4bf13eeac3.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15dca577793baa92fc2c501718d67c58852fa63382a7dc76a504b59c701c5795

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704551
cf-polished: origFmt=png, origSize=325263
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_d9b96579-d361-4c57-8263-5a4bf13eeac3.webp"
access-control-allow-methods: GET, HEAD
content-length: 196312
cf-request-id: 08f474156b00004e8b2ea2a000000001
last-modified: Fri, 12 Mar 2021 19:25:44 GMT
server: cloudflare
etag: "7c6d9dcc9ae5c0a31519d8f0f15fef91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hxp9jDSgoHHLirVW16BK%2BCud7Sx7EJg8lR4GjIfShGn3jScqmYo7cb2v3Y4tKBjBogE5nMsx0TCcXMyeHPJ7h3QEBzsPSNtG2kPkPNxbA%2FOoE69X9QxN7AW6VqBNy337Zgq2"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 633422cf1aac4e8b-FRA
x-amz-cf-id: ZC8Q345QdTzRhqa1h3deTg9bzMhYR-QMxZ4eqZgyHORq_JJ3K8EZ9A==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_99e308f5-ec4e-40ab-8507-2fec1ddb2e24.png
cdn.broadstreetads.com/uploads/ 227 KB
229 KB 33ms
29ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_99e308f5-ec4e-40ab-8507-2fec1ddb2e24.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858bdf131497ccb816def72d6da59a2109a80af02f90f63ff17af22ca759b000

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 8f9305e858931aa6ae96c1310e7ea597.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 466186
cf-polished: origFmt=png, origSize=372792
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_99e308f5-ec4e-40ab-8507-2fec1ddb2e24.webp"
access-control-allow-methods: GET, HEAD
content-length: 232934
cf-request-id: 08f474156b00004e8b129a9000000001
last-modified: Fri, 12 Mar 2021 19:26:24 GMT
server: cloudflare
etag: "aadd2af10c0d188240ab2a241bd39d7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EOVgiyFY6Ukv43IsnO%2B%2Bal1zrvgMBrSAjAS4BYjXVeKFw4uYqBfNGqaRU7Wqgs2SZbLAWbMgadSLCQzZTaPwRLg8%2BKSCn8qc6TrcxZUT%2FO%2BJcF%2FrXPSPcQlHagZW4y4eBw62"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 633422cf1aae4e8b-FRA
x-amz-cf-id: 6nvLdiyFiRihGXmyAL5djr1TiPUmOx4mKG_UGKUMBfJWs_V0M-wa0Q==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_cdab9e45-403a-4e3a-a763-1f9c278db64e.png
cdn.broadstreetads.com/uploads/ 193 KB
194 KB 22ms
18ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_cdab9e45-403a-4e3a-a763-1f9c278db64e.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8953c8aca97c9688901ff2fca274e032abe846dbc4d5f7c5efe98e7862971f63

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 664927
cf-polished: origFmt=png, origSize=303767
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_cdab9e45-403a-4e3a-a763-1f9c278db64e.webp"
access-control-allow-methods: GET, HEAD
content-length: 197688
cf-request-id: 08f474156b00004e8bf92aa000000001
last-modified: Fri, 12 Mar 2021 19:26:54 GMT
server: cloudflare
etag: "e1970ef70bb739983989d6a0db7b8761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PZvBF9ErO5f89Hl4LCFt%2BQ2p1zgtOz3nEhcyzGbjmoCJfKKS3%2FZf656zJSyWmEdrbZfcdv%2Boyf50ZtrOIqD1exe4oEVU6x1LRSzHf9rentiJG4bzXV4OSC5l%2F6KV3%2BMy%2FJ7S"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 633422cf1aaf4e8b-FRA
x-amz-cf-id: Sg-adtiXHlSTJLk3_wGQ0jEGEwfVh9h89qOP31Yrfqqir8L6ebQkfA==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_df60ba20-14fd-4898-ae3b-038d900a3309.png
cdn.broadstreetads.com/uploads/ 233 KB
234 KB 17ms
13ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_df60ba20-14fd-4898-ae3b-038d900a3309.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d039567bd95fbc4b0a90ee1ca82ddb9f33469bb6845f6cc696f1ed9915701748

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 ee327b50c68ee28ed3c41a10d5a0b1d5.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 459839
cf-polished: origFmt=png, origSize=384260
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_df60ba20-14fd-4898-ae3b-038d900a3309.webp"
access-control-allow-methods: GET, HEAD
content-length: 238872
cf-request-id: 08f474156c00004e8befaba000000001
last-modified: Mon, 15 Mar 2021 19:36:57 GMT
server: cloudflare
etag: "f16a2a6da9bf3d3d56cd5d45c0420f9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ua%2F%2FdRJ7ITApdioA5wLQNnM4QfK%2FjvZe1tvXib2%2FymqQblFcPpckPeg5nn1bZeQk2MTNGUKTzUVTG2KddHRPs8rTiwsExv2laLYfKvtHOvLZ0bYSNrLcGBxaeHHGqEFwPN4k"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 633422cf1ab04e8b-FRA
x-amz-cf-id: THx7rGJBSIxEQ2Pbbvy3ttmPmX8jyg0GKdVLssre-FxN2uX3cL6OvQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_a7ae8cf2-a34d-40ab-b799-266630ddd170.png
cdn.broadstreetads.com/uploads/ 207 KB
208 KB 21ms
17ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_a7ae8cf2-a34d-40ab-b799-266630ddd170.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 984692fe71f2c6648bba11d6c87130859c49c875a8e58d73cd1ebb27733f5659

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 b46ec6462593127fefb6ecac53956825.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 564023
cf-polished: origFmt=png, origSize=331992
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_a7ae8cf2-a34d-40ab-b799-266630ddd170.webp"
access-control-allow-methods: GET, HEAD
content-length: 211852
cf-request-id: 08f474156c00004e8b363b6000000001
last-modified: Fri, 12 Mar 2021 19:28:20 GMT
server: cloudflare
etag: "85c31c4fcd0ca6eb2abc85495d61d6f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lj1Jb7vF%2FqbVJpO8neHLLYDOjlgRGN9uJpcLZXgzlVqBF0%2FNhIejno6Q5ymn%2FRFsmZ3Ee99sQwdTQJ7BxQJweX44QiEPVPgSFIKGpi2dUw2A8UbCw4z9Ip7x3y3FlNuJbeYR"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 633422cf1ab24e8b-FRA
x-amz-cf-id: VQMzNCRxPB5Br3ghyD2ZidSwHWQqx_Kkjh7rugkUbtiL0jyBcyMuQw==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_41818cae-f0c6-4816-980e-5d40e4842dd4.png
cdn.broadstreetads.com/uploads/ 189 KB
190 KB 22ms
18ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_41818cae-f0c6-4816-980e-5d40e4842dd4.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df9af92beb448a62113341e6b78bef21ed9ab8a4aab752c30b5baab02a31afe9

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704551
cf-polished: origFmt=png, origSize=307860
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_41818cae-f0c6-4816-980e-5d40e4842dd4.webp"
access-control-allow-methods: GET, HEAD
content-length: 193530
cf-request-id: 08f474157000004e8b35a01000000001
last-modified: Fri, 12 Mar 2021 19:28:53 GMT
server: cloudflare
etag: "e86253c1ad745c6033b2af595a32d2c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VvOija5GyqLrWWQRkXuXQPS5MeYsH3%2Fzpyr8WG8w0jBDxHQ6JEgmtCDGNI%2BMr6gngCDTQvUcMSZ6WDaX3gzbeXPuVfBgD6p7WV58QPZX8xSupm3iUeRrS82udvCAOmBLu8ci"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 633422cf1ab34e8b-FRA
x-amz-cf-id: WqkacpZwV_hBO1xf-4q8kMNWJt8YfhpYdMtUZdwIvdtdTHTGi4ux5A==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_e708a653-d4f5-42ff-90a6-6ff8daaef26f.png
cdn.broadstreetads.com/uploads/ 235 KB
236 KB 21ms
17ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_e708a653-d4f5-42ff-90a6-6ff8daaef26f.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e640c9ac32f50988c2a271e285327476e419587b45d1575e65c6503f80892b

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 466185
cf-polished: origFmt=png, origSize=380296
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_e708a653-d4f5-42ff-90a6-6ff8daaef26f.webp"
access-control-allow-methods: GET, HEAD
content-length: 240786
cf-request-id: 08f474156c00004e8bf1233000000001
last-modified: Fri, 12 Mar 2021 19:29:34 GMT
server: cloudflare
etag: "0b8113e8347ac4057c7f96cf051faa16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kNzeRK8xEZt3Bdr3wHhteFMrCzLpF4bH%2BHhb5SAcNFAr29G5cw5TTLg03X7XJRQghG0MSqcaOMzW9wr3kZLFtxaT5jVU9ZUJHzLWH2%2BamD32VT3KI%2BBoCY%2BRnHkE7NIUGKEs"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 633422cf1ab64e8b-FRA
x-amz-cf-id: 8DyGO_yI9LQlBpBqLS1AEiuAEt9hQWk_KQCfRfIYYXe-7bDDAPG6FA==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_35026c37-d14a-4338-9a78-9af335359a1e.png
cdn.broadstreetads.com/uploads/ 188 KB
189 KB 19ms
16ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_35026c37-d14a-4338-9a78-9af335359a1e.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 430a41c06d6c4a0bb3e9bcbcfe63a24b20e86b4ce4825d68e88ec89d58654fcc

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
via: 1.1 5e73c9f0818a1864e592f61fe6506072.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704551
cf-polished: origFmt=png, origSize=306341
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_35026c37-d14a-4338-9a78-9af335359a1e.webp"
access-control-allow-methods: GET, HEAD
content-length: 192414
cf-request-id: 08f474156d00004e8b28158000000001
last-modified: Fri, 12 Mar 2021 19:30:16 GMT
server: cloudflare
etag: "d2bd36de9ac845e779f83c4745c800bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lAXbGZhKVQyI2wgODsRKSVY25sepWWH04LqKhfaJ77VR1UyBjTlow%2BCF3nJqSU%2FrV%2BKjwW1OQ8KFe%2B%2FsG5oi%2FEHBMCzuKy%2BukKBKMA%2BgEZ2nW60W4ajpiMSKbkvTURkLhkhE"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 633422cf1ab84e8b-FRA
x-amz-cf-id: Yimh4AiaQar-8MyzbqZOoVXi0FjnHdPRlCuQ9T0sjZIztXXjDHa69w==
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 64517.js Show response
ad.broadstreetads.com/zdisplay/ 4 KB
4 KB 147ms
145ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/64517.js?b=c266783,c259692,c267426,c264225,c267430,c270300,c264226,c240525,c233425,c266258,c270767,c268326,c270302,c269847,c266778,c266777,c269844,c268820,c270766,c271682&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-as02c1ah74
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: 7d4e0a8a6e64a00fcb94350dd2a7d2aff4388b4558fce3aaf4d410da8418bba8

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:26 GMT
Connection: keep-alive
Content-Length: 3974
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H2 200 plyr.svg Show response
cdn.plyr.io/2.0.18/ 4 KB
2 KB 42ms
13ms XHR
image/svg+xml 2a04:4e42:400::442
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/2.0.18/plyr.svg
Requested by: Host: cdn.plyr.io
URL: https://cdn.plyr.io/2.0.18/plyr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::442 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c84ea903b1833a97bb0e508404cded491e4f2c2b7042d193137cc25fcbce4297

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
content-encoding: gzip
age: 3241872
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
content-length: 1222
x-amz-id-2: ySwxjOCjGNtCyu/lyj7yjRnbQ6RbRhX1yUw8p+eBfyD2Rh7yzl/fNnsPLG+1Ho5+gCUFgHxqPiE=
x-served-by: cache-dca17769-DCA, cache-hhn4059-HHN
last-modified: Fri, 02 Aug 2019 03:02:35 GMT
server: AmazonS3
x-timer: S1616297787.775927,VS0,VE0
etag: "2e424027329f13b2cf82d00129c5e193"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-request-id: B204925698CB6C16
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1, 46

POST
H3-Q050 204 qoe
www.youtube.com/api/stats/ Frame A80A 0
145 B 14ms
13ms Other
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=GHcz01A4NW29URtc&ei=Or9WYKjxKpDX1wLvgISICg&el=embedded&docid=YFUizrdQIaA&ns=yt&fexp=23966110%2C23969934%2C23973491%2C23983296%2C24001374%2C24005870%2C24006795%2C24007246&cl=363272815&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210315.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.125:N&afs=0.125:251::i&vfs=0.125:243:243::r&bwe=0.125:130000&bat=0.125:1:1&vis=0.125:0&cmt=0.125:0.000&bh=0.125:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:26 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5ednsz.googlevideo.com/ Frame A80A 90 KB
91 KB 44ms
30ms XHR
video/webm 2a00:1450:4001:6c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednsz.googlevideo.com/videoplayback?expire=1616319386&ei=Or9WYKjxKpDX1wLvgISICg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACSMY-Fe2WKQOGZcYRRUnK4hJSnZ2Na2VvJfJYq55eI5&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=mK&mm=31%2C26&mn=sn-4g5ednsz%2Csn-5goeen7d&ms=au%2Conr&mv=m&mvi=5&pl=47&initcwndbps=1178750&vprv=1&mime=video%2Fwebm&ns=sHdL1df1bKgUKkUXeLpcSzkF&gir=yes&clen=2826861&dur=118.518&lmt=1599481299738040&mt=1616297553&fvip=5&keepalive=yes&fexp=24001374%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316222&n=Gn8zu1nbXY4A2g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJ49rCgj5LMi5DqMCHY_biiyIYQ_v2yxCqkeUckhqfDMAiBQr8xre5W89thk578NpmpWj8_eP4L2QT2Xzj7PH9SuLw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFSSogQjVeXXRvLh_QQYbqwWIMhYfJhMvh1kYEvYU2x8CIAWYsnwAHuEWnBWIdCsRyjtyWfsZDFxozMk5rcH4r7Nt&alr=yes&cpn=GHcz01A4NW29URtc&cver=1.20210315.1.1&range=0-92503&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

269fbddd1c9cff35e80b905b6080ecf7f4ecf4bd00e2098136a81cf16b67662f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:26 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 92504
Last-Modified: Mon, 07 Sep 2020 12:21:39 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Sun, 21 Mar 2021 03:36:26 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5ednsz.googlevideo.com/ Frame A80A 64 KB
65 KB 54ms
41ms XHR
audio/webm 2a00:1450:4001:6c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednsz.googlevideo.com/videoplayback?expire=1616319386&ei=Or9WYKjxKpDX1wLvgISICg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACSMY-Fe2WKQOGZcYRRUnK4hJSnZ2Na2VvJfJYq55eI5&itag=251&source=youtube&requiressl=yes&mh=mK&mm=31%2C26&mn=sn-4g5ednsz%2Csn-5goeen7d&ms=au%2Conr&mv=m&mvi=5&pl=47&initcwndbps=1178750&vprv=1&mime=audio%2Fwebm&ns=sHdL1df1bKgUKkUXeLpcSzkF&gir=yes&clen=2109187&dur=118.541&lmt=1599481288214737&mt=1616297553&fvip=5&keepalive=yes&fexp=24001374%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311222&n=Gn8zu1nbXY4A2g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANX1ZAG7qBQC3dlPjbVnxLJNRhHKFjC-vX1p4Uc74hR2AiEArkqe0xBfh9xl33ZfP1HoUlJIZqOQt4cohQAYqKRYEhA%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFSSogQjVeXXRvLh_QQYbqwWIMhYfJhMvh1kYEvYU2x8CIAWYsnwAHuEWnBWIdCsRyjtyWfsZDFxozMk5rcH4r7Nt&alr=yes&cpn=GHcz01A4NW29URtc&cver=1.20210315.1.1&range=0-66002&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5890ac04c645cf074a3cb9a5624413c3eeb0819e550be6a0a86ded26a9cabd46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:26 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66003
Last-Modified: Mon, 07 Sep 2020 12:21:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Sun, 21 Mar 2021 03:36:26 GMT

GET
H3-Q050 200 endscreen.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame A80A 26 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ea3da1216b54358a7a63c7dff7aa7863d3e3e2f4cafb1be55d3f737966b115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 351305
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7434
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:01:21 GMT

POST
H3-Q050 200 next Show response
www.youtube.com/youtubei/v1/ Frame A80A 33 KB
4 KB 109ms
109ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70298515009aed507a7b1948f0862d1fde7a460dd6ad5ec4b73fd32ba0620792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210315.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgtNOHlKYlNRekFUUSi6_tqCBg%3D%3D
Content-Type: application/json

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3553
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:26 GMT

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
265 B 20ms
20ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5MDc4NCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMjUwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTA3ODQiLCJkb21haW5faWQiOiI2NDczNCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlX2hhX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUxNiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODkwNzg0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MTYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNjcifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s%2BGHAxohp7n7u%2FLW%2BVhtcTylK1Q3Kd8LWq7l895ddNRUYHotz3qT47GQNOVw0jtPvkep%2FLmrLfGR2W8b8z8%2FTL7J9UIwm3uAoC%2FoVgEkDiOkKi%2FIrCo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422cf8d3f4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f47415b400004dd05fab8000000001
expires: Sat, 20 Mar 2021 03:36:26 UTC

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame A80A 0
36 B 6ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?K7BqeQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 p.css
p.typekit.net/ Frame 1284 5 B
149 B 20ms
6ms Stylesheet
text/css 2a02:26f0:7100:295::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=bbl0ljo&ht=tk&f=6849.6851.6852&a=354106&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bbl0ljo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:295::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
last-modified: Wed, 02 Sep 2020 04:03:39 GMT
server: nginx
etag: "5f4f199b-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H3-Q050 200 DIks3QUjdpU Show response
www.youtube.com/embed/ Frame 0F2D 51 KB
21 KB 44ms
43ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa198afdcb3201e1846aa38e2addbf981471c1bc3819073b2c930478a1ed8a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=yGEorAFpy-0; VISITOR_INFO1_LIVE=M8yJbSQzATQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 Mar 2021 03:36:26 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+075; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5ednsz.googlevideo.com/ Frame A80A 64 KB
65 KB 14ms
7ms XHR
audio/webm 2a00:1450:4001:6c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednsz.googlevideo.com/videoplayback?expire=1616319386&ei=Or9WYKjxKpDX1wLvgISICg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACSMY-Fe2WKQOGZcYRRUnK4hJSnZ2Na2VvJfJYq55eI5&itag=251&source=youtube&requiressl=yes&mh=mK&mm=31%2C26&mn=sn-4g5ednsz%2Csn-5goeen7d&ms=au%2Conr&mv=m&mvi=5&pl=47&initcwndbps=1178750&vprv=1&mime=audio%2Fwebm&ns=sHdL1df1bKgUKkUXeLpcSzkF&gir=yes&clen=2109187&dur=118.541&lmt=1599481288214737&mt=1616297553&fvip=5&keepalive=yes&fexp=24001374%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311222&n=Gn8zu1nbXY4A2g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANX1ZAG7qBQC3dlPjbVnxLJNRhHKFjC-vX1p4Uc74hR2AiEArkqe0xBfh9xl33ZfP1HoUlJIZqOQt4cohQAYqKRYEhA%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFSSogQjVeXXRvLh_QQYbqwWIMhYfJhMvh1kYEvYU2x8CIAWYsnwAHuEWnBWIdCsRyjtyWfsZDFxozMk5rcH4r7Nt&alr=yes&cpn=GHcz01A4NW29URtc&cver=1.20210315.1.1&range=66003-131538&rn=3&rbuf=3705

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b09c81639563df42843b2dac18518f0e63d20d30aef90d398b777fbd00301349

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Mon, 07 Sep 2020 12:21:28 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sun, 21 Mar 2021 03:36:26 GMT

GET
H/1.1 200
OK 64518.js Show response
ad.broadstreetads.com/zdisplay/ 26 KB
11 KB 155ms
154ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/64518.js?b=c266783,c259692,c267426,c264225,c267430,c270300,c264226,c240525,c233425,c266258,c270767,c268326,c270302,c269847,c266778,c266777,c269844,c268820,c270766,c271682&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-95wkr3pjwg
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: af65ea4d834ebcac11c2d43c1602c4d009b35c10a6c39ef7a52c038ae1602668

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:27 GMT
Content-Encoding: gzip
Connection: keep-alive
transfer-encoding: chunked
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H2 200 l
use.typekit.net/af/c630c3/000000000000000000017098/27/ Frame 1284 24 KB
24 KB 28ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c630c3/000000000000000000017098/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bbl0ljo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c0496017a38339a0b77090a30a305602c92fc5aa3a656fce16a1014a20e41cd7

Request headers

Origin: https://we-ha.com
Referer: https://use.typekit.net/bbl0ljo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
server: nginx
etag: "1c74b79e9ba3360bbac2fe98f412a723013c3fe0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24208

GET
H2 200 l
use.typekit.net/af/80c5d0/00000000000000000001709c/27/ Frame 1284 24 KB
24 KB 24ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/80c5d0/00000000000000000001709c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bbl0ljo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 260631120e38908780090a2c774b13900801fa1133f9accff8b630ace589dfff

Request headers

Origin: https://we-ha.com
Referer: https://use.typekit.net/bbl0ljo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
server: nginx
etag: "9852112d8099a97564f64224e106ceeffff9e7c4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24248

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5ednsz.googlevideo.com/ Frame A80A 138 KB
138 KB 7ms
6ms XHR
audio/webm 2a00:1450:4001:6c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednsz.googlevideo.com/videoplayback?expire=1616319386&ei=Or9WYKjxKpDX1wLvgISICg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACSMY-Fe2WKQOGZcYRRUnK4hJSnZ2Na2VvJfJYq55eI5&itag=251&source=youtube&requiressl=yes&mh=mK&mm=31%2C26&mn=sn-4g5ednsz%2Csn-5goeen7d&ms=au%2Conr&mv=m&mvi=5&pl=47&initcwndbps=1178750&vprv=1&mime=audio%2Fwebm&ns=sHdL1df1bKgUKkUXeLpcSzkF&gir=yes&clen=2109187&dur=118.541&lmt=1599481288214737&mt=1616297553&fvip=5&keepalive=yes&fexp=24001374%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311222&n=Gn8zu1nbXY4A2g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANX1ZAG7qBQC3dlPjbVnxLJNRhHKFjC-vX1p4Uc74hR2AiEArkqe0xBfh9xl33ZfP1HoUlJIZqOQt4cohQAYqKRYEhA%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFSSogQjVeXXRvLh_QQYbqwWIMhYfJhMvh1kYEvYU2x8CIAWYsnwAHuEWnBWIdCsRyjtyWfsZDFxozMk5rcH4r7Nt&alr=yes&cpn=GHcz01A4NW29URtc&cver=1.20210315.1.1&range=131539-272838&rn=4&rbuf=7411

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c88f5a0e32e1da9288e75f83cbaf74eb63ca8e4ec6dc717b3b37a6eec4d010d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141300
client-protocol: quic
last-modified: Mon, 07 Sep 2020 12:21:28 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sun, 21 Mar 2021 03:36:27 GMT

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
306 B 14ms
14ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5ODQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MjA4NjExMDk1LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTg0MzQiLCJkb21haW5faWQiOiI2NDczNCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlX2hhX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODIwODYxMTA5NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk4NDM0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nsEu6fHugNDtOLI31dLispqa06phz8XKTY9CTjdQ%2FErSw8c4uIP%2FCZC%2FPeaBjGJfg1hAXIjG4eubWNvre7qcdELSZOjUl6Md83lmFNDBLdnRWO9sahI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422d0dea54dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f474168800004dd073226000000001
expires: Sat, 20 Mar 2021 03:36:27 UTC

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5ednsz.googlevideo.com/ Frame A80A 397 KB
398 KB 6ms
6ms XHR
video/webm 2a00:1450:4001:6c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7309301cdb611307d3f4b78af1a7ffd366b4c947c1d1d668e289587695583016

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 406964
client-protocol: quic
last-modified: Mon, 07 Sep 2020 12:21:39 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Sun, 21 Mar 2021 03:36:27 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/223a7479/ Frame 0F2D 341 KB
51 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133268
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52229
x-xss-protection: 0
expires: Sat, 19 Mar 2022 14:35:19 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/223a7479/www-embed-player.vflset/ Frame 0F2D 161 KB
58 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b30cd93097a382cdabbcd066d8002c86b4e31011fbd62596f7b2b902bb00dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 351229
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59641
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:02:38 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame 0F2D 2 MB
2 MB 10ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59ec302ed00a6311bae7276bff76ffd918ca4cc692fa8109dadb786a241a165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 11:28:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 144482
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1617663
x-xss-protection: 0
expires: Sat, 19 Mar 2022 11:28:25 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/ Frame 0F2D 8 KB
3 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 02:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 2638
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Mon, 21 Mar 2022 02:52:29 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0F2D 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 201302
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:41:25 GMT

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
469 B 20ms
19ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NTQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NTQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5NTQzNCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n2tTl%2Bh0fFM3zwFwxJ8OgrqgQV9KFsD7gGqWdzumAtlsKllW0d0bIlWapsnPZXJV7NRMIITtDvDdL15F8AzLzZasNvjO37L1ru96blsQ%2BoLNa1KJi2c%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422d15f184dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f47416d300004dd09ea71000000001
expires: Sat, 20 Mar 2021 03:36:26 UTC

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 0F2D 113 B
183 B 15ms
15ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c343a53d4e6f0de0b02657b2210095985fbb7af64e0c99e518523d2ac05c580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0F2D 29 B
394 B 34ms
21ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:26:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 623
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:41:04 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame 0F2D 97 KB
32 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e876557b18f3103f57f783a5fbcf889c056566f70555ff879105884369c70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 351306
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32697
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:01:21 GMT

GET
H3-Q050 200 3eYrsmSQBEQu88LBPmoKpV_BHftGk26qyGDx_h5vt1k.js Show response
www.google.com/js/th/ Frame 0F2D 33 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3eYrsmSQBEQu88LBPmoKpV_BHftGk26qyGDx_h5vt1k.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dde62bb2649004442ef3c2c13e6a0aa55fc11dfb46936eaac860f1fe1e6fb759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 18:59:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 290210
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12653
x-xss-protection: 0
expires: Thu, 17 Mar 2022 18:59:37 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame 0F2D 23 KB
23 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0c3cbb514094c98860c6f43d28502541eaa1defe9a6755ba47e538b85a3b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 351020
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23645
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:06:07 GMT

GET
DATA 200
OK truncated
/ Frame 0F2D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnjzDBEmvQtKH7hLoUDJOnDALwVe8UzlQiex5Q5G=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0F2D 3 KB
4 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjzDBEmvQtKH7hLoUDJOnDALwVe8UzlQiex5Q5G=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d613dbc85c4565d62942dc40b700e38164a011dfb0ee12c84c8fa79bb0fc168a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 23:56:41 GMT
x-content-type-options: nosniff
age: 13186
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3328
x-xss-protection: 0
server: fife
etag: "v3f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Mar 2021 18:06:21 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/DIks3QUjdpU/ Frame 0F2D 1 KB
2 KB 38ms
18ms Image
image/webp 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/DIks3QUjdpU/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9639f1d23fd79e8bb217a779d5a8bcc7b9acbf3a6e1ca46582e43591ba0819a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1603895980"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1284
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:36:27 GMT

GET
H2 200 s_800_7db1d230-f99c-409c-b04c-c6a3a333669a.png
cdn.broadstreetads.com/uploads/ 87 KB
88 KB 14ms
11ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_7db1d230-f99c-409c-b04c-c6a3a333669a.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7092f057c778c5a55ea8d085aa64e764e61ec81ffa96695f86f4de0817022eb4

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 b448bc80d67210455b28a7dbefe37288.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 466185
cf-polished: origFmt=png, origSize=155369
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_7db1d230-f99c-409c-b04c-c6a3a333669a.webp"
access-control-allow-methods: GET, HEAD
content-length: 89218
cf-request-id: 08f474177300004e8b08b89000000001
last-modified: Fri, 12 Mar 2021 19:38:11 GMT
server: cloudflare
etag: "ff8d0d5c1bf86aea031e1cba1c245dea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mJrtYoLywCxvH422ocwYe1g3p8jGrdj35jneDAvduYzhMuhhiTsFVtduS3YihzKU220GG2IHDjy3%2BoeNuwSogye3Zq1G%2BaLBeDT%2FLx4iuCdypR16R2txDsLDGh8v9mcJezGb"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 633422d25d904e8b-FRA
x-amz-cf-id: 2bfvzxL4UV0l63smoD_eZlru19yMZVZOHvQr8zTl8cAQ2WI3HmHMIA==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_86c12c8c-dee7-445b-a71c-094ee13c8cd0.png
cdn.broadstreetads.com/uploads/ 84 KB
85 KB 23ms
21ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_86c12c8c-dee7-445b-a71c-094ee13c8cd0.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e929559770114a7f44eb4c34954509debe3407847f0f26365e5cf99882fad2e3

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 f66aaf2d9f6a8e65595a1e24d5f18bcd.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 564024
cf-polished: origFmt=png, origSize=144838
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_86c12c8c-dee7-445b-a71c-094ee13c8cd0.webp"
access-control-allow-methods: GET, HEAD
content-length: 86006
cf-request-id: 08f474177300004e8b29314000000001
last-modified: Fri, 12 Mar 2021 19:39:00 GMT
server: cloudflare
etag: "c9b7d9bf0f24e7e6279b6d27f1f9c90d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Ep7aQ9TzkmgcGqNEREDRknWDbgr2XQy71XwgP8TJvqdQ3TeqcfK9NRp2UfdUfB%2B5FnoSlq9pTRR2WG%2FlOo9cwFFOpKx5F6X6B8iiwuf2ti89qM3ZbM2cbW%2FCs1dIPDUfP6f"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 633422d25d914e8b-FRA
x-amz-cf-id: zF-Umlit1ETog4RR6j6MNshKPed22-RT7-zAR-enqhK8WER7Qpv9hw==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_6d062719-90e0-4ad1-af07-e73f54ea521d.png
cdn.broadstreetads.com/uploads/ 108 KB
109 KB 15ms
13ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_6d062719-90e0-4ad1-af07-e73f54ea521d.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ada955a3439a56e0e20ac96515012ca6188cecf36123041cda6a23662b87c2

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=174445
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_6d062719-90e0-4ad1-af07-e73f54ea521d.webp"
access-control-allow-methods: GET, HEAD
content-length: 110974
cf-request-id: 08f474177400004e8be4ab9000000001
last-modified: Fri, 12 Mar 2021 19:39:31 GMT
server: cloudflare
etag: "52497ca5f86037a91f57a0d736150e1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3uVPpmBC8bmBfiutrrq27pPk9r%2BgrPLLtWB%2BKFhTYu6bfjDZbQzvTzDkz4cBoXjPRlwDYB%2F4YUyGMeBtj%2FMXtG6DlCe3jE%2FqTJTK7A7pKqRuzbIdV3fo2Xl0OMWyA6xF4p0A"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 633422d25d924e8b-FRA
x-amz-cf-id: -Aw6HYfNuMxIIbDc0r2mBrEOr5Jb2nxO0KN7cP-TZu3yGyq5iFj6Tw==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_6e5a2a1e-e7dd-434d-b7c7-8b63e0bdebe0.png
cdn.broadstreetads.com/uploads/ 106 KB
107 KB 18ms
16ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_6e5a2a1e-e7dd-434d-b7c7-8b63e0bdebe0.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ab1b638777a35c313824ca2caa5412d609e88e6a8ae6fa872eb3485c34f0d5f

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=177054
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_6e5a2a1e-e7dd-434d-b7c7-8b63e0bdebe0.webp"
access-control-allow-methods: GET, HEAD
content-length: 108872
cf-request-id: 08f474177400004e8bc8172000000001
last-modified: Fri, 12 Mar 2021 19:40:13 GMT
server: cloudflare
etag: "be25281d893b4aff126664a7466f2675"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iQXzxQNXiW5idBqsZbUY2bZmxhy2oK5M1jxfJhN1pfCdlPaTvvWVcabw6MAyJ08TQwBASDrY%2BwLQwj79hTx7nnmi8ObkM2mWOKqo57FF%2B3US45woi3fGPujwDyLmF50D4A3B"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 633422d25d934e8b-FRA
x-amz-cf-id: xbkazhoNV8XrEWcdCjz2RwRvyxpbYssmApEJrb5zIbtsE7r2B8jCsg==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_bef83c99-5e41-42fa-a82f-dae0f872fca1.png
cdn.broadstreetads.com/uploads/ 121 KB
122 KB 21ms
19ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_bef83c99-5e41-42fa-a82f-dae0f872fca1.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b34a8b7d32c6b6f30d8613218f99955900911ae21aff19b326b4f78ab308d2

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=198079
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_bef83c99-5e41-42fa-a82f-dae0f872fca1.webp"
access-control-allow-methods: GET, HEAD
content-length: 123840
cf-request-id: 08f474177400004e8b03a38000000001
last-modified: Fri, 12 Mar 2021 19:40:48 GMT
server: cloudflare
etag: "f80eb0e970e83f65d6a6cf295fe65535"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vg50zdDcF3sT08GGMI6ZBxkbvm78O1G0Ay3TMR95a0WdfecBP9t9m5fPoYvx4sdcJMYT8GENMadyYbUlVKUlVBuxSCRN28Qkg6LwWKjiVernYkIvFZVr%2BUI5qARt1x0vtbIS"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 633422d25d944e8b-FRA
x-amz-cf-id: dyWaqfNY2WVN3JuI26NHsp_DTxkGy-sMV9H2dHdMthUufiRU5Ny42g==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_64bf9958-a1c4-4cc5-a932-116dfe90138b.png
cdn.broadstreetads.com/uploads/ 91 KB
92 KB 15ms
14ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_64bf9958-a1c4-4cc5-a932-116dfe90138b.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b1c7a31cc4b7084dec314b3ffc35fe93fc8c6794e4eff829801eb11348bf69

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=152472
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_64bf9958-a1c4-4cc5-a932-116dfe90138b.webp"
access-control-allow-methods: GET, HEAD
content-length: 92832
cf-request-id: 08f474177400004e8be5bbd000000001
last-modified: Fri, 12 Mar 2021 19:41:37 GMT
server: cloudflare
etag: "b8f3aff25a6e88b93027f653c0fab771"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OpbcxUhPwUYYyxhWNpEKxPFSpxwHYaMJUTrDSiMomwKD7GnhDn1SMRkD4jAtTVf2k51XbT9S2tXAKGyrMzt7tSEygVTNTN5J5HABqf28HyY0rw26UQAj1XtqiCBIK7Q%2FcTXU"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 633422d25d954e8b-FRA
x-amz-cf-id: GVLuP-Dkou18WdAUhBaQVUybbRSREbu_83iOZQS5eWvNQfnsXj_SQg==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_4680b1f7-4787-45f4-ac99-4d71177dbcc3.png
cdn.broadstreetads.com/uploads/ 102 KB
103 KB 19ms
17ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_4680b1f7-4787-45f4-ac99-4d71177dbcc3.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cb65f0193046277ae32cfd7bf701954132627b35ba0b727c66239f3c566d359

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 202926
cf-polished: origFmt=png, origSize=176558
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_4680b1f7-4787-45f4-ac99-4d71177dbcc3.webp"
access-control-allow-methods: GET, HEAD
content-length: 104330
cf-request-id: 08f474177400004e8b288a2000000001
last-modified: Fri, 12 Mar 2021 19:42:22 GMT
server: cloudflare
etag: "7ee778747564449930cf1abbbdf256ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ELSSoUMIrVK1r6eQQqPV%2B252mYpabVblH8YKDybGPJVsSf5YFBjrpoMk2vwo4JVJXQSAcOphYDBVqY9GFasnAJPjpAxXpBSIz9yetzuauscQMdy63NGDEcSbNOoY3%2BK%2FvOV7"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 633422d25d964e8b-FRA
x-amz-cf-id: 18W8BHabILo9m9YRQ0EQ1e93ViWJ35Xs0VIPuAP2IXcKY7qw5DKWHg==
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 65697.js Show response
ad.broadstreetads.com/zdisplay/ 26 KB
11 KB 150ms
149ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/65697.js?b=c266783,c259692,c267426,c264225,c267430,c270300,c264226,c240525,c233425,c266258,c270767,c268326,c270302,c269847,c266778,c266777,c269844,c268820,c270766,c271682,c271689&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-1gukggnwds
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: d4d61f8ba9765cf4ad5871320848860d0bbce9731b34e86685437f8b59a92f88

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:27 GMT
Content-Encoding: gzip
Connection: keep-alive
transfer-encoding: chunked
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0F2D 4 KB
2 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:27 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 0F2D 0
36 B 6ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?fZBKmA
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 s_800_f6c2c080-1b48-4aee-a423-645a7e51a301.png
cdn.broadstreetads.com/uploads/ 128 KB
129 KB 20ms
18ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_f6c2c080-1b48-4aee-a423-645a7e51a301.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47919f60fc7a596bce5d5601e18bbb7421d38413fe34253dc6a953a8f5b4e92a

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=208531
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_f6c2c080-1b48-4aee-a423-645a7e51a301.webp"
access-control-allow-methods: GET, HEAD
content-length: 131328
cf-request-id: 08f474185a00004e8bd90f3000000001
last-modified: Fri, 12 Mar 2021 19:51:53 GMT
server: cloudflare
etag: "5c479699c2faceb89d62fe89304e4d6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lki%2FBoMYjjG4xE1qwZoJ8lhNC0MaQUZzZBz54ey5BlSUMio%2BcWg%2F5eHZjKzDHeVLZa1qbZ%2Bnm6wuB397HDZovjADlc8QTIxw6TjmZBLJjvt0E4xicaMepYJfcD1PFM71xYzY"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 633422d3cedf4e8b-FRA
x-amz-cf-id: Skeh4c9SUxCHolXAITQrIbG8pB04FxVoW8Keq8jLRYZaAoJ6oZjbJg==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_ad822342-69be-45ce-b732-58539619636a.png
cdn.broadstreetads.com/uploads/ 93 KB
94 KB 15ms
13ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_ad822342-69be-45ce-b732-58539619636a.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96e1d3969a7b3af0e660b2fb99e8237a1194506a0320de168afc76cc4732ff22

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=170723
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_ad822342-69be-45ce-b732-58539619636a.webp"
access-control-allow-methods: GET, HEAD
content-length: 95104
cf-request-id: 08f474185a00004e8b15bc2000000001
last-modified: Fri, 12 Mar 2021 19:55:27 GMT
server: cloudflare
etag: "f001a2ca406dc50d1d5b2b800017cd17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2dvYvwPYynnfidQumpJN0Rvn012pDcuRdRUdywY8nHhnomj7BA%2B232e2d1a%2F546XLDEtid9J46gadN4ZoZJwGQRDUoCUE5tmimtjqcXwoo2zK3eZxYjPLelL3Y4EMZli0gR%2B"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 633422d3cee04e8b-FRA
x-amz-cf-id: da-kbL9aMic9lx5ob6cs0oUYB_u4XiU6PLGm3MukoteuNLt3d_WvqQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_2a4276ec-0996-49df-af14-60466c98108c.png
cdn.broadstreetads.com/uploads/ 131 KB
132 KB 17ms
15ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_2a4276ec-0996-49df-af14-60466c98108c.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2038f9c6f7842b862cffdac5417ce555954cfb9518bc02a4f28cb581d49d40d

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 9d11c99c18949c4780bf1400ceca8369.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=214088
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_2a4276ec-0996-49df-af14-60466c98108c.webp"
access-control-allow-methods: GET, HEAD
content-length: 133948
cf-request-id: 08f474185a00004e8b2e044000000001
last-modified: Fri, 12 Mar 2021 19:56:06 GMT
server: cloudflare
etag: "88f532019c4c34d9e2c32d95e1111ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=39h8r%2BBzCl2xhJL5QnF9KG2%2FkPk2ODGKpyiOOKEc0%2FVH961svH08tpm%2FeTRICogvKIVt6o2I5b7OhCh3CR5ZoIxVFZrR8M8J1rwnM%2BbDyE8L4IbO7VmsEzyzMT%2FsPqv%2F8hLM"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 633422d3cee14e8b-FRA
x-amz-cf-id: YwKq6BojZ1FVJbS_kuaOCvVQUFXJFCM3lts5KmYt4lhUiCmRfKfTJQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_38479849-f46f-427f-9e6e-8d6c43ae91ac.png
cdn.broadstreetads.com/uploads/ 122 KB
123 KB 23ms
21ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_38479849-f46f-427f-9e6e-8d6c43ae91ac.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd56e9032c8d4b3b48b20b3afa6121d7d0f092ad60e0f365fc3d2f762cd9707

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 202926
cf-polished: origFmt=png, origSize=200527
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_38479849-f46f-427f-9e6e-8d6c43ae91ac.webp"
access-control-allow-methods: GET, HEAD
content-length: 125372
cf-request-id: 08f474185b00004e8bc4ada000000001
last-modified: Fri, 12 Mar 2021 19:56:35 GMT
server: cloudflare
etag: "1a9d4949f2be9af37d40e76ac34a8da2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hmYEMuXylXFeh2UUH%2FxwvGH4vCqsbozgsFMOhZilhCPHaUW2AeWE2%2FrrP7pFPSae7JHOHrva1qMyNuUHyBD%2Fu9WKNS7SfHdqd8OaWD409cqQhIJE2FbRO%2FNiecQaF1PdndQV"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 633422d3cee24e8b-FRA
x-amz-cf-id: M1bywtIlcxNBmIirH1bzeouuUdgfF-e6Olm2ssFIJm6RUlUgRm_7bw==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_3d7a5777-a8a0-46b3-b07b-5babb1fb937d.png
cdn.broadstreetads.com/uploads/ 93 KB
94 KB 18ms
16ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_3d7a5777-a8a0-46b3-b07b-5babb1fb937d.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9308e083ed897b261e247183de63122e16c91c4f6ba5ee070b0f85efc2dba4bc

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=158454
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_3d7a5777-a8a0-46b3-b07b-5babb1fb937d.webp"
access-control-allow-methods: GET, HEAD
content-length: 95734
cf-request-id: 08f474185b00004e8b2ea45000000001
last-modified: Fri, 12 Mar 2021 19:57:18 GMT
server: cloudflare
etag: "da75362bc294bf460aca88dbad5b801a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MD7Aw91y2G%2BhzebXxy6Ay0Yy3a5NsxIUHV5jwGtsGJ%2FBeEOlRyfzpMP3NScFN%2BOOqU5i1MhQuZKlEFjEQGk%2BOgA4oJk0OweF7KiQY3vy%2Fg6bIb0kTiZsXgxOUKwRn09XAFGc"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 633422d3cee34e8b-FRA
x-amz-cf-id: tBiUyFyo9Ny6YXwjxGeYTrJn65iZ8XJG9oIDixc1_DEUFbm4T-9TQg==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_715fe339-be29-4c1e-8c97-710ef9751ed0.png
cdn.broadstreetads.com/uploads/ 106 KB
106 KB 13ms
11ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_715fe339-be29-4c1e-8c97-710ef9751ed0.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 702d92ec43f159795e0beaeb9bbff0bc4f7b087fdab8345dec512f37545e73cf

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=175648
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_715fe339-be29-4c1e-8c97-710ef9751ed0.webp"
access-control-allow-methods: GET, HEAD
content-length: 108122
cf-request-id: 08f474185b00004e8b129c4000000001
last-modified: Fri, 12 Mar 2021 19:58:21 GMT
server: cloudflare
etag: "24c525ebd314bd2385ea5b55563366ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7OIwgFoqUeUlkBvVwbiGud4Lpg2HBN8G5LVhD7SHDDvtpYGQHHNnzKF9PuiuyG%2BuqsvUoJznNIQq%2F2ytPTYn3qqjjE8DuXOYfWX10eWEZvQsLW6unj0py9UnU77osXFqB6jc"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 633422d3cee54e8b-FRA
x-amz-cf-id: a3TDRNgJLFrpyR3A_OEi32UZXXzooEjVHGaadDhhuonzutvN3IVzvg==
cf-bgj: imgq:100,h2pri

GET
H2 200 s_800_853f4671-b601-4ce1-b42f-8c2187251e82.png
cdn.broadstreetads.com/uploads/ 92 KB
92 KB 19ms
18ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/uploads/s_800_853f4671-b601-4ce1-b42f-8c2187251e82.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb62df8403907fa9d61ec6e1496223868df325e678973c25b816f539c4ae34d

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 704552
cf-polished: origFmt=png, origSize=156663
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="s_800_853f4671-b601-4ce1-b42f-8c2187251e82.webp"
access-control-allow-methods: GET, HEAD
content-length: 93794
cf-request-id: 08f474185b00004e8b001dc000000001
last-modified: Fri, 12 Mar 2021 19:59:18 GMT
server: cloudflare
etag: "eafda50df0e1d22e4a0411c759dee26f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6bfBn9li8ePjaXH0Ev6AekHPlnBa%2BPT4S2GsXgR8vqxeQO6BhR6cCQwiEEQBgb1hnZkiyCbAzKagxVBCCqHRGxVlimfq1bee48oZ5e1aoC9aH3wxecpS8UTx%2FY4BZ6UiQFVf"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 633422d3cee74e8b-FRA
x-amz-cf-id: R2HJ_5gLktqc9LFRjsNk68hl7QBbEkSPvarrpvVyUp7ZoKVPsfudQg==
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 64515.js Show response
ad.broadstreetads.com/zdisplay/ 14 KB
5 KB 153ms
152ms Script
application/javascript 23.21.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/zdisplay/64515.js?b=c266783,c259692,c267426,c264225,c267430,c270300,c264226,c240525,c233425,c266258,c270767,c268326,c270302,c269847,c266778,c266777,c269844,c268820,c270766,c271682,c271689,c271695&kw=not_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage%2Cnot_home_page%2Cnot_landing_page%2Cis_article_page%2Chome-2%2Cpage&skw=true&ts=1616297784251&target=street-bg85l0hgb4
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-72-59.compute-1.amazonaws.com
Software: /
Resource Hash: cd9d9c971b2dba9eae260467d11c4ae45b4652322cc8fd6236370c28dfb45c56

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 4416
x-hostname: ip-10-156-71-77
content-type: application/javascript

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 72ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 22 Mar 2021 03:36:27 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 65ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 22 Mar 2021 03:36:27 GMT

GET
H2 200 373ca3a6-3f71-4ff7-82c5-a7ac197e40ab.png
cdn.broadstreetads.com/assets/ 121 KB
122 KB 14ms
12ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/373ca3a6-3f71-4ff7-82c5-a7ac197e40ab.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1241d422e3c93fbc8362a7661e9e64034c708c3759790e3f8d683fb8bf0c346

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2640407
cf-polished: origFmt=png, origSize=176135
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="373ca3a6-3f71-4ff7-82c5-a7ac197e40ab.webp"
access-control-allow-methods: GET, HEAD
content-length: 124154
cf-request-id: 08f47418f800004e8bcfb18000000001
last-modified: Sun, 20 May 2018 12:52:21 GMT
server: cloudflare
etag: "9f8915da2444667807ffca1cdc776765"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DKe6gG%2F3tdZggzUfw7lSWykVmg10pX0lE9VJtJXOXCkn%2FKuX6InFOCUI%2FxyXZjp2Jjj9mt2VHcKh%2FXiJJYIMZNrcBg%2FquaxcZchtvaAkriB6Vq%2FkN5rW%2FBFQ2ChS%2BQ58GWMK"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 633422d4bfb04e8b-FRA
x-amz-cf-id: 0P9c36GDYtC2oKN02WqjzEqJ2iBdwnHQZ1GNlMzXssjOez-BPKjm8A==
cf-bgj: imgq:100,h2pri

GET
H2 200 e26fc02b-f6e6-4e18-809c-79a8a705d17d.jpg
cdn.broadstreetads.com/assets/ 35 KB
36 KB 12ms
11ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/e26fc02b-f6e6-4e18-809c-79a8a705d17d.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99e704b4c2bd0f85a4f8f8ddad7c7f5c22c01cb957c4693a4423d50e39a246d5

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 21b99afa310f2ff34977f80506fb1672.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 356161
cf-polished: origFmt=jpeg, origSize=90242
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="e26fc02b-f6e6-4e18-809c-79a8a705d17d.webp"
access-control-allow-methods: GET, HEAD
content-length: 35830
cf-request-id: 08f47418f800004e8b03a46000000001
last-modified: Wed, 17 Mar 2021 00:39:14 GMT
server: cloudflare
etag: "ea080c7c25eec8fe982f9b3e146715b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dRB%2FqT%2Fc6XWO3j7LjgsaUV%2FJwY9ihDr7w7eIhs%2B6Scf%2BdYdGKLfImWymVrtyTXXUbtPgZm1iMcd9cP5wni4L7ObfYc6bpQZaxfjZ9rK6H3K5LXKPhtXKh6TGWRPP0AcEracZ"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 633422d4cfb14e8b-FRA
x-amz-cf-id: 1-0SBJbr_dNNqQAQmVV-0Oguy1DpJtsecouimUW5NQs2Sy9Uhe4Fwg==
cf-bgj: imgq:100,h2pri

GET
H2 200 8862651c-4046-461c-80fa-6eff9820188f.jpg
cdn.broadstreetads.com/assets/ 33 KB
33 KB 11ms
10ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/8862651c-4046-461c-80fa-6eff9820188f.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8594860ffe42ef067c17eb5aa32db23e8a6d93e1bd8f88fa417f4f1fe7e8c3

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2653959
cf-polished: origFmt=jpeg, origSize=39321
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="8862651c-4046-461c-80fa-6eff9820188f.webp"
access-control-allow-methods: GET, HEAD
content-length: 33408
cf-request-id: 08f47418f800004e8b288b0000000001
last-modified: Tue, 16 Jun 2020 04:05:49 GMT
server: cloudflare
etag: "0b7fc0e67814e167316059ae2d249b03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H2rVDVryGcqohWW2Qgm%2Bsf%2BTRX0HiIlEyMLKyo9%2BpuNrgMU80FMPKue8JtGtulbs7A8Ymp%2FIKINrfeBqqkDfxkd9oQRMvY5E%2FD8CX42FB8Jia3T97%2BIxY5RlGW8yDXlZL8kF"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 633422d4cfb24e8b-FRA
x-amz-cf-id: DDc7ivYjKPAI1HlC5khe3eKPkaxZ5A-CLG5S7ptk3Y7rXD-kS1CTEw==
cf-bgj: imgq:100,h2pri

GET
H2 200 8c0d3a7e-0500-4e85-ae69-5cefb77dd161.jpg
cdn.broadstreetads.com/assets/ 113 KB
114 KB 14ms
13ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/8c0d3a7e-0500-4e85-ae69-5cefb77dd161.jpg
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81273973ec1a5bff71b06e158f1324c5117e4e615262ce0dbe07af8c1f66f1b0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 796717
cf-polished: origFmt=jpeg, origSize=130282
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="8c0d3a7e-0500-4e85-ae69-5cefb77dd161.webp"
access-control-allow-methods: GET, HEAD
content-length: 115786
cf-request-id: 08f47418f800004e8b19040000000001
last-modified: Thu, 29 Aug 2019 04:13:38 GMT
server: cloudflare
etag: "bcc725643030effae9dfe92236990ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zHor7JDi7XWwCDssA7L3luJtBxOtWIjIW64Fb%2FPZFpU9iiqh7yVsGYE634DVvPO7W9UDUyjKsQJrOEBKLk75P5jD0sBz%2BYZqf4nV%2B6UdEXD0cE1X8tZLaau7fv3NDxwJOZQQ"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 633422d4cfb34e8b-FRA
x-amz-cf-id: 8LWiCK_yIzXqBI2usKixBy-wPOu_l2YNIxqtYMgtKfAeub9gQkXCTg==
cf-bgj: imgq:100,h2pri

GET
H2 200 a1ef58d7-f969-4350-9304-a5ae6f152a90.png
cdn.broadstreetads.com/assets/ 61 KB
62 KB 16ms
15ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/a1ef58d7-f969-4350-9304-a5ae6f152a90.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d320c446bfdf5a76221c838693159057841e83f1cf7a19143dc079b3cda5fe8a

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 fac12edd3ea2d7d16f6e74eebe042dcc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 466183
cf-polished: origFmt=png, origSize=102730
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="a1ef58d7-f969-4350-9304-a5ae6f152a90.webp"
access-control-allow-methods: GET, HEAD
content-length: 62966
cf-request-id: 08f47418f800004e8b0e22f000000001
last-modified: Fri, 16 Oct 2020 16:47:09 GMT
server: cloudflare
etag: "6b52723ad64d68ba787014315c3e5966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZBFLq6ToTjGc7dzZm%2B0%2FVD2JRXiuqmYMmHWO9nF41Cb26Cbnf7PbenDnkcrmA0GDUQGlgg6BOIewx01x9QVablG4T4W1yf%2ByRb1Awn5VvCd7L3GxZ44EFv1zBnVaV9gqyI3k"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 633422d4cfb44e8b-FRA
x-amz-cf-id: 0l53WIdGDuJW6jktWpW5o5Gb91BPhGp7TCHIR5ZKWiHrppeu9_JrWw==
cf-bgj: imgq:100,h2pri

GET
H2 200 28aaa4df-9e35-46fa-a161-5ff16a5b98cd.png
cdn.broadstreetads.com/assets/ 47 KB
48 KB 13ms
13ms Image
image/webp 2606:4700:20::681a:9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.broadstreetads.com/assets/28aaa4df-9e35-46fa-a161-5ff16a5b98cd.png
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9853e63b42fee49bc33be87daa12882504d4e9303df720266d6e91aa2414495

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1053218
cf-polished: origFmt=png, origSize=151613
x-cache: Miss from cloudfront
access-control-max-age: 3000
content-disposition: inline; filename="28aaa4df-9e35-46fa-a161-5ff16a5b98cd.webp"
access-control-allow-methods: GET, HEAD
content-length: 47994
cf-request-id: 08f47418f800004e8be23d9000000001
last-modified: Mon, 08 Mar 2021 22:30:09 GMT
server: cloudflare
etag: "59b271e152a3290b1d0baec91a6f9028"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BmSkwCrye3Su2lpIE5eAR3LbNbSBsMtLCO%2FPa%2FCJmCSobUQmPenDi%2B5ZFlRbf%2B4Cew%2FO6w1uAD7jJ6ZlqUgHDJD5HBfUIpyxwk3RptC%2BeDnkFXAGHGFtj9r%2FbV7poIq7WVYV"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 633422d4cfb54e8b-FRA
x-amz-cf-id: 2G4gTbksy-584x5pDI01iO02_y576UljvmjnwOkTrAWj2Uuh1-sJgQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 dark-bottom.css
we-ha.com/ezoic/styles/ 3 KB
1 KB 16ms
15ms Stylesheet
text/css 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/ezoic/styles/dark-bottom.css
Requested by: Host: we-ha.com
URL: https://we-ha.com/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 633422d4ea5c4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f474191000004dd088364000000001
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: cloudflare
etag: W/"bd7-5bd5a9e4b6200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g0AGOuksO1GtXeZUrgJ9vLPetapUNGbQbWGzdjEg1WPLPC5QH29uDXcbmD%2FPaYoQoz8VJepo6%2FZoc7mdDJz5C97dg1jgpJXLvZW1De7PIod%2Bs6sgBLU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 greenoaks.gif Show response
we-ha.com/detroitchicago/ 0
260 B 15ms
14ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI2NDIifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjMwMDcifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjcifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMTM1NyJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjE1MjkifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNDEzMiJ9XX1d
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eGOsjoCzoaUFOufjyzIvLIY3P3kxzx6Awn4nh2dwIrNdkIdJswVokFJKo4cQ4FuR%2Fhz3qdtTlWjvqT1AhWKHEmPbl2DkPs4k8glE9L%2F9ye6uqjni%2FLU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422d51a8b4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f474192f00004dd07ca8a000000001
expires: Sat, 20 Mar 2021 03:36:27 UTC

GET
H2 200 greenoaks.gif Show response
we-ha.com/detroitchicago/ 0
283 B 22ms
21ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjM3ODUifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMzc4NSJ9XX1d
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H6dTRZ9wsZk9fJRmp1maxOPBBIXiskb2zChe1INoDj7parnO8OR41%2BdgF31c%2FNMgJEG9xBK0VEZdoSlAHXJ1%2FAGu8MkPahV1EnD5UHcbWRYxm%2FjFIyY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422d51a8c4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f474192f00004dd044a4b000000001
expires: Sat, 20 Mar 2021 03:36:27 UTC

GET
H2 200 greenoaks.gif Show response
we-ha.com/detroitchicago/ 0
316 B 19ms
19ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2Rvd25saW5rIiwidmFsIjoiMTAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TaziJCBaCdHIsrN381KeJ0MdNY6FgGaH%2BwfbPYQ9Sq5QlDK3Dt8TM2d5F2p73LLy6EvDTOyVJBDvDOlz7NjWerf1EdOulRj%2B%2Bw%2FR1CPIuiKg0pa1Y7E%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422d51a8d4dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f474192f00004dd06a164000000001
expires: Sat, 20 Mar 2021 03:36:27 UTC

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9728a9afa26ace92869289d448d02f2198b703ce45b74cfce6c01990079970e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 03:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6525
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 322D 0
150 B 14ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=we-ha.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=we-ha.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1444
date: Sun, 21 Mar 2021 03:36:27 GMT
content-length: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:27 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 85D9 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Mar 2021 21:49:31 GMT
expires: Sun, 20 Mar 2022 21:49:31 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20816
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 85D9 14 KB
6 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 138687
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 606 B
921 B 201ms
51ms XHR
application/json 51.89.20.87
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p19.id5-sync.com

Software

Resource Hash

6623b30176c7498d7845120dccbbfda47e1217a4d23cc0883e4931d88d7575c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://we-ha.com
Date: Sun, 21 Mar 2021 03:36:26 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2CB8 281 B
554 B 53ms
53ms Document
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://we-ha.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KMILYWCN-1I-5GA3; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0HZRUZWfOgx0qIf5NGr8Q8WbCrTlkuDKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhpnWrCM9eNbX7S8/cWR7OXNSf+hE=; ses14=; vis14=351284^1; pux=1512%3D98332%262249%3D98332%262307%3D98332%263778%3D98332%26goog%3D98332%26idl%3D98332%26brx%3D98332%262249-DV360-Hosted%3D98332%26; audit=1|SDziDG3X/EjD/lvALRxFf5qpp78UDnSw2F4eSLkXlwGzDUQe0w+z7IMp8p9Fn2XjaNgdOVL2Yy+2Zoa7Mt6Q9IYmuYOkUT54j2DbZcTmSB+PdFXUvO1Npzv+73uuwhOoJ0ZFsXULLkWHzgtDMLjdLUdbYWu0URHxu7quczfRnm09Pm9juhwBBm5qsQvM5tzyMjG0ON7RYwTJAbjxEIzLZKa4dk8bhkDV0XXjw/s/yM+46pSbDXXpBhCQGleypWruTqb5aEFIRoRCRMOTEBTqDZKU5cMVTe4hFJ7tnkmNZTtz5YCRMZ0WXA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Mar 2021 03:36:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 682D 0
0 67ms
67ms Document
text/plain 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=8711458
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://we-ha.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

Server: nginx
Date: Sun, 21 Mar 2021 03:36:27 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H2 200 visitormatch Show response
bh.contextweb.com/ Frame CC9B 27 B
496 B 434ms
167ms Document
text/html 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=criteo,pulsepoint,rubicon,sovrn&cb=194-4-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: bh.contextweb.com
:scheme: https
:path: /visitormatch
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://we-ha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vf=1; V=01wkKhN3n9Je; wf=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://we-ha.com/

Response headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-568ff9c7d-p4jwm
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
set-cookie: V=;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 21-Mar-2021 03:36:28 GMT;Max-Age=0;SameSite=None INGRESSCOOKIE=70a0f0e276a785ae; path=/; HttpOnly; Secure; SameSite=None
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2CB8 31 KB
10 KB 59ms
58ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22309
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Sun, 21 Mar 2021 09:48:16 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 15ms
15ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031701&jk=4331383540198982&bg=!ZmWlZSHNAAbUo7L91KM7ACkAdvg8WkfUU60RXMgclZ4NotKOKWJJXIWCkXNhMmj1cwoy0vlubEwlkAIAAACiUgAAAAxoAQcKAGlq_spwm4EwPkfPnhnTIgh57WpxpSlSd5UsiL6PMHiq1yQ_5ABMnIRg641laGBEjyxVQXax9xYWkLJnIUsYPMXUbAnO0bORdykSRJv7sBQvjdWjxC02PGiXWFK_Cnjs9GBRx9WnnwxBR7eZAcvtqIDtHfAHky67SHW1vakoQLJSBtJLOxYHoXIyo-QlUrjbCfKj04FeY11xrhTdFQIOt-MEWkUlMci2JC-kkEno8bVFPTpR7yHoKumVBwXNRZfkx2mC9S1s34jHmO_ywnvt08_U4w85b_ousL9dXYjl5Df3K5emNstx6PmPyGzAIVtL8ZjQ2zCCU8McFXOAiWsJEtSCDe9GWM1DS3QyOTBv7JugaHlg7lMLAqhHsFDLlmF6fmewHR7iZvcNUVYKk9EW3Hk_gXjj0CAG3u9lKh94uMVhEmNeKvhIn_yOVL3a5gTvsLMMqxQaP9ffPvoIP1H4RrChTytDfXlLxSRTPkepyS9jqsofRxxwP4fFrm86dxdF_XoA_5dgqfw-e_sG4qdqyQP_qMbpZMRtALENINsibzdUMDryFmONA4sdIL2Op_hh9-nRdMptznNbdAw6C5EyQuHhyZa4ewL3U5GyZ8v_bsB270IiKtt5fhqJ_96IrYCwsfFL6s1bpt08AUG5ydYBy4OdcpuCU0zGdt2YFSyCQGolScrHks6wtk_WUMPUo5kQOuPtfFXgY133P4fdQAkOcM3hL9fdlKFAqGo_26jL6aiUw3AOxU7EH00

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.google.com/maps-api-v3/api/js/44/6/ 77 KB
28 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/44/6/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyALXYiMS-gjJn_UXL_i9E-x0pDq1x6365Q&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d044362b15b514ca1cd2c994866dc89a7f6fc47a4bb49d97f0bb7055e99cb712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 21:17:07 GMT
server: sffe
age: 294134
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28997
x-xss-protection: 0
expires: Thu, 17 Mar 2022 17:54:15 GMT

GET
H2 200 util.js Show response
maps.google.com/maps-api-v3/api/js/44/6/ 146 KB
54 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/44/6/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyALXYiMS-gjJn_UXL_i9E-x0pDq1x6365Q&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ab08db19a330452c31f9ab1bfdac4cfbd374d968d567b0a142e41eb96d0642b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 17:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 21:17:07 GMT
server: sffe
age: 294134
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55241
x-xss-protection: 0
expires: Thu, 17 Mar 2022 17:54:15 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
207 B 36ms
36ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwe-ha.com%2F&4sAIzaSyALXYiMS-gjJn_UXL_i9E-x0pDq1x6365Q&callback=_xdc_._gs03ak&key=AIzaSyALXYiMS-gjJn_UXL_i9E-x0pDq1x6365Q&token=91951

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/44/6/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

ce29ffa3db63e5806bb77c15fcfa69e27faec50fb6e8925faaec30dafa867f3a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:29 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=22
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 00BC 35 B
503 B 60ms
59ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@43925726,8181521254457070309,0|0|0|0|0|0|0|0|0||0|1|31|0d439f2fa757b978eedefa3e49bddb8297e97c8b_1|||1|0|0|8PS9jc23kxkEfUZHiYmJHGOiuwSL1Rui0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:31 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame FEC3 35 B
503 B 61ms
60ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@44610412,603936162705334553,0|0|0|0|0|0|0|0|0||0|1|1538|e69bb58200581cad9b958c82ba44907d_1|||1|0|0|GR0Va4MwbqQEfUZHiYmJHGOiuwSL1Rui0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:31 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 86C4 35 B
503 B 60ms
60ms Other
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@44610412,538832324383716528,0|0|0|0|0|0|0|0|0||0|1|31|587d5628ad8fc92cca2c1f32e555ac3900b92c70_1|||1|0|0|GR0Va4MwbqQEfUZHiYmJHGOiuwSL1Rui0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:31 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 greenoaks.gif Show response
we-ha.com/detroitchicago/ 0
415 B 14ms
14ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJkb21haW5faWQiOiI2NDczNCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImRhdGEiOlt7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMjQyNTAwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjEifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMzkyNTAwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiIzIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiIxMDY0MTYwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI2NjUxIn1dfV0=
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:32 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pct4skKV%2FHvIv9orebr5w%2BCyKXGgYo1ZhSW%2FMTKbV2ZUhwZIfF54nB4X3Li%2BM%2FCS3jzb59gCbrYZ6Zv7sVVGvc0yNBFwb0FOotEzdH1WwmkRQK84168%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422f3ee934dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4742c7000004dd03e3d0000000001
expires: Sat, 20 Mar 2021 03:36:32 UTC

GET
H2 200 audins.js Show response
go.ezoic.net/detroitchicago/ 466 B
883 B 10ms
9ms Script
application/javascript 2600:9000:2182:5400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/detroitchicago/audins.js?cb=194-4
Requested by: Host: we-ha.com
URL: https://we-ha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fd78f51affedcaa173cd1f15fca8f1fbecdbaafa7020cec2ae0fe3befbed5ea1

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 23:51:32 GMT
via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: nginx/1.16.0
age: 99900
etag: "1d2-5bd5a9e4b6200;5bd5a9e4b6200-gzip"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 466
x-amz-cf-id: 9fToBpZjFVXHokTT3szTt7fNqWlPYjc06RThPZuTUh8YfDbtA-unjA==

GET
H2 200 army.gif Show response
we-ha.com/porpoiseant/ 0
261 B 13ms
13ms XHR
text/plain 2606:4700:3035::ac43:9f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://we-ha.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg5MDc4NCIsImRvbWFpbl9pZCI6IjY0NzM0IiwidW5pdCI6ImRpdi1ncHQtYWQtd2VfaGFfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjE2Mjk3NzgxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI5Nzk5Yzk4Yy0wZjc1LTRhODItNzAxMS0yYTFhZDkzM2FmMmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTE2LCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiLTg0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk1NDM0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE1NDgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4OTQ4MzUiLCJkb21haW5faWQiOiI2NDczNCIsInVuaXQiOiJkaXYtZ3B0LWFkLXdlX2hhX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYxNjI5Nzc4MSwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTc5OWM5OGMtMGY3NS00YTgyLTcwMTEtMmExYWQ5MzNhZjJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODk4NDM0IiwiZG9tYWluX2lkIjoiNjQ3MzQiLCJ1bml0IjoiZGl2LWdwdC1hZC13ZV9oYV9jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MTYyOTc3ODEsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijk3OTljOThjLTBmNzUtNGE4Mi03MDExLTJhMWFkOTMzYWYyYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNzMzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: we-ha.com
URL: https://we-ha.com/detroitchicago/memphis.js?gcb=194-4&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:32 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7lmL7atj6EOW%2B7oO1eZUWeR9ywSlC3Vwh8G1DEqaHBzriA3%2B2oGmdBtbpHsDmGNJ9hmyX%2BrwwVFzlBjaY6LI2E2PgENM8hq12%2BImtPFsDjTrfmZ8X8M%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 633422f45ef74dd0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08f4742cbb00004dd08787d000000001
expires: Sat, 20 Mar 2021 03:36:32 UTC

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 7ms
7ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=194-4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:32 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 28 Mar 2021 03:36:32 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
348 B 9ms
8ms Script
application/x-javascript 2600:9000:2182:c200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:09:10 GMT
via: 1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
age: 1643
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: q7B_knNyEvfrF1VriNDi3YKByaewzT3mJQMXbSWre-gycbOE_RaVsQ==

GET
H2 200 pixel;r=1375056986;labels=Domain.we_ha_com%2CDomainId.64734;rf=3;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwe-ha.com%2F;uht=2;fpan=0;fpa=P0-1558335510-1616297785114;ns=0;ce=1;qjs=1;qv=e576aef5-2021031721...
pixel.quantserve.com/ 35 B
371 B 8ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1375056986;labels=Domain.we_ha_com%2CDomainId.64734;rf=3;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwe-ha.com%2F;uht=2;fpan=0;fpa=P0-1558335510-1616297785114;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=we-ha.com;je=0;sr=1600x1200x24;dst=1;et=1616297792706;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.We-Ha%20%7C%20West%20Hartford%20News%20%7C%20West%20Hartford%252C%20CT%2Cdescription.We-Ha%252Ecom%20is%20a%20hyperlocal%20online%20site%20providing%20West%20Hartford%20news%252C%20people%20can%20f%2Curl.https%3A%2F%2Fwe-ha%252Ecom%2F%2Csite_name.We-Ha%20%7C%20West%20Hartford%20News

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://we-ha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A80A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnjzDBEmvQtKH7hLoUDJOnDALwVe8UzlQiex5Q5G=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A80A 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjzDBEmvQtKH7hLoUDJOnDALwVe8UzlQiex5Q5G=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d613dbc85c4565d62942dc40b700e38164a011dfb0ee12c84c8fa79bb0fc168a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 23:56:41 GMT
x-content-type-options: nosniff
age: 13194
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3328
x-xss-protection: 0
server: fife
etag: "v3f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Mar 2021 18:06:21 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/YFUizrdQIaA/ Frame A80A 2 KB
2 KB 47ms
46ms Image
image/webp 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/YFUizrdQIaA/default.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09a4d2d6380726f353fe5a057861c66e57591c3533fbe6e2ef73e3aa4f649020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:35 GMT
x-content-type-options: nosniff
server: sffe
etag: "1595358143"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2046
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:36:35 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame A80A 0
159 B 13ms
13ms Other
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=GHcz01A4NW29URtc&ei=Or9WYKjxKpDX1wLvgISICg&el=embedded&docid=YFUizrdQIaA&ns=yt&fexp=23966110%2C23969934%2C23973491%2C23983296%2C24001374%2C24005870%2C24006795%2C24007246&cl=363272815&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210315.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&ctmp=loudness:-7.810,dompaused:t.141;promise;m.NotAllowedError&bwm=10.000:772307:0.472&bwe=10.000:564049&bat=10.000:1:1&cmt=10.000:0.000&bh=10.000:15.121&df=10.000:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 03:36:36 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5ednsz.googlevideo.com/ Frame A80A 259 KB
260 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:6c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednsz.googlevideo.com/videoplayback?expire=1616319386&ei=Or9WYKjxKpDX1wLvgISICg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACSMY-Fe2WKQOGZcYRRUnK4hJSnZ2Na2VvJfJYq55eI5&itag=251&source=youtube&requiressl=yes&mh=mK&mm=31%2C26&mn=sn-4g5ednsz%2Csn-5goeen7d&ms=au%2Conr&mv=m&mvi=5&pl=47&initcwndbps=1178750&vprv=1&mime=audio%2Fwebm&ns=sHdL1df1bKgUKkUXeLpcSzkF&gir=yes&clen=2109187&dur=118.541&lmt=1599481288214737&mt=1616297553&fvip=5&keepalive=yes&fexp=24001374%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311222&n=Gn8zu1nbXY4A2g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANX1ZAG7qBQC3dlPjbVnxLJNRhHKFjC-vX1p4Uc74hR2AiEArkqe0xBfh9xl33ZfP1HoUlJIZqOQt4cohQAYqKRYEhA%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFSSogQjVeXXRvLh_QQYbqwWIMhYfJhMvh1kYEvYU2x8CIAWYsnwAHuEWnBWIdCsRyjtyWfsZDFxozMk5rcH4r7Nt&alr=yes&cpn=GHcz01A4NW29URtc&cver=1.20210315.1.1&range=272839-537583&rn=6&rbuf=15185

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6aba59f64ae1a4b966b763547478bc20b5fed806874a3d7bb42e096c8631d8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:36 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 264745
Last-Modified: Mon, 07 Sep 2020 12:21:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21290
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Sun, 21 Mar 2021 03:36:36 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A80A 28 B
196 B 18ms
18ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/YFUizrdQIaA?autoplay=1&controls=0&rel=0&showinfo=0&iv_load_policy=3&cc_load_policy=0&cc_lang_pref=en&wmode=transparent&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fwe-ha.com&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20210315.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtNOHlKYlNRekFUUSi6_tqCBg%3D%3D
X-YouTube-Ad-Signals: dt=1616297786471&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C278%2C156&vis=1&wgl=true&ca_type=image&bid=ANyPxKrHK1Em-lTxfx3TGtk_RoC2_OogCJw_2EyOMCgRkrlrzTRditvKr5PtfneKLXdTCKa7j2MVeYi_J_9_ggD2D-E_5Vuk0w

Response headers

date: Sun, 21 Mar 2021 03:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:37 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0F2D 28 B
244 B 18ms
18ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/DIks3QUjdpU?rel=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fwe-ha.com&widgetid=1
X-YouTube-Client-Version: 1.20210315.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtNOHlKYlNRekFUUSi6_tqCBg%3D%3D
X-YouTube-Ad-Signals: dt=1616297787077&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C298%2C159&vis=1&wgl=true&ca_type=image&bid=ANyPxKo46f4vEKj-0HGPeqK_MGwrJRXyuH6Dd7d4Yxpt8iDtpwprAOjhPJSebQa9BMIt1iTGIv3AGRrUue1xfIAF3CSwOLH64A

Response headers

date: Sun, 21 Mar 2021 03:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 21 Mar 2021 03:36:45 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5ednsz.googlevideo.com/ Frame A80A 1 MB
1 MB 6ms
6ms XHR
video/webm 2a00:1450:4001:6c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

411b7a56b95b24e518944679fed6c4c754367f6d800eeaa28823cdd38252e346

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:36:46 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1224655
Last-Modified: Mon, 07 Sep 2020 12:21:39 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21280
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Sun, 21 Mar 2021 03:36:46 GMT

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5ednsz.googlevideo.com/ Frame A80A 508 KB
508 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:6c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednsz.googlevideo.com/videoplayback?expire=1616319386&ei=Or9WYKjxKpDX1wLvgISICg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACSMY-Fe2WKQOGZcYRRUnK4hJSnZ2Na2VvJfJYq55eI5&itag=251&source=youtube&requiressl=yes&mh=mK&mm=31%2C26&mn=sn-4g5ednsz%2Csn-5goeen7d&ms=au%2Conr&mv=m&mvi=5&pl=47&initcwndbps=1178750&vprv=1&mime=audio%2Fwebm&ns=sHdL1df1bKgUKkUXeLpcSzkF&gir=yes&clen=2109187&dur=118.541&lmt=1599481288214737&mt=1616297553&fvip=5&keepalive=yes&fexp=24001374%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311222&n=Gn8zu1nbXY4A2g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANX1ZAG7qBQC3dlPjbVnxLJNRhHKFjC-vX1p4Uc74hR2AiEArkqe0xBfh9xl33ZfP1HoUlJIZqOQt4cohQAYqKRYEhA%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFSSogQjVeXXRvLh_QQYbqwWIMhYfJhMvh1kYEvYU2x8CIAWYsnwAHuEWnBWIdCsRyjtyWfsZDFxozMk5rcH4r7Nt&alr=yes&cpn=GHcz01A4NW29URtc&cver=1.20210315.1.1&range=537584-1057785&rn=8&rbuf=30001

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4cf8945c9fc8ca1a1dfb7583ddbb6d4d6f531e36f2728a2b5e8c4b7c21f3bf52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 03:36:46 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 520202
client-protocol: quic
last-modified: Mon, 07 Sep 2020 12:21:28 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21280
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sun, 21 Mar 2021 03:36:46 GMT

Verdicts & Comments Add Verdict or Comment

314 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eus.rubiconproject.com/	1970-01-19 19:07:53	Name: pux Value: 1512%3D98332%262249%3D98332%262307%3D98332%263778%3D98332%26goog%3D98332%26idl%3D98332%26brx%3D98332%262249-DV360-Hosted%3D98332%26
.rubiconproject.com/	1970-01-19 16:59:56	Name: ses14 Value:
.rubiconproject.com/	1970-01-20 01:43:53	Name: audit Value: 1\|SDziDG3X/EjD/lvALRxFf5qpp78UDnSw2F4eSLkXlwGzDUQe0w+z7IMp8p9Fn2XjaNgdOVL2Yy+2Zoa7Mt6Q9IYmuYOkUT54j2DbZcTmSB+PdFXUvO1Npzv+73uuwhOoJ0ZFsXULLkWHzgtDMLjdLUdbYWu0URHxu7quczfRnm09Pm9juhwBBm5qsQvM5tzyMjG0ON7RYwTJAbjxEIzLZKa4dk8bhkDV0XXjw/s/yM+46pSbDXXpBhCQGleypWruTqb5aEFIRoRCRMOTEBTqDZKU5cMVTe4hFJ7tnkmNZTtz5YCRMZ0WXA==
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0HZRUZWfOgx0qIf5NGr8Q8WbCrTlkuDKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhpnWrCM9eNbX7S8/cWR7OXNSf+hE=
we-ha.com/	1970-01-20 01:43:53	Name: ezux_lpl_64734 Value: 1616297787662\|9799c98c-0f75-4a82-7011-2a1ad933af2a\|false
.we-ha.com/	1970-01-20 02:19:53	Name: __gads Value: ID=3c9c91eaaaa4242e-22d8c837d5ba0014:T=1616297784:S=ALNI_MZX5b1N5Y7HDXCdv5g7xIadh_J6Gw
we-ha.com/	1969-12-31 23:59:59	Name: ezouspva Value: 4
.we-ha.com/	1970-01-20 10:29:29	Name: _ga Value: GA1.2.240545047.1616297784
we-ha.com/	1970-01-20 02:20:00	Name: cto_bundle Value: GfxV619sUFlNczVCMmU2c3pLUXAxampXTyUyRkNIT3lSVnJlMXd3JTJGbUxGTVAlMkJkeUFUMWR3d1cxRFl2dFNZJTJCMHB5UllYJTJGZG5sdUU3RUlTYmgwNEhrRDBabjJsYnNjZEN5byUyQk1IV0VEdyUyQmE5NVM1d1FPWFdEcXZFMU9XWkNuZSUyQmxLR3NoVVE
.youtube.com/	1970-01-19 21:17:29	Name: VISITOR_INFO1_LIVE Value: M8yJbSQzATQ
we-ha.com/	1970-01-20 02:20:00	Name: cto_bidid Value: xqu0-F9VRUhWQk1oZkR0eFNVNFN1dFpKc0JFeFA5blB0UnI2ZmticE9BTE82Tk1aUkVGa08xQTdVNWdlTG9FdEcyM1c5RXpDQ2EyJTJGTmJnOHRUNm5WVXhMJTJGNlElM0QlM0Q
.we-ha.com/	1970-01-19 16:58:24	Name: ezoab_64734 Value: mod91-c
.we-ha.com/	1970-01-19 16:59:44	Name: ezepvv Value: 1
.we-ha.com/	1970-01-20 10:29:29	Name: ezosuigeneris Value: 5b6c4578406097ed80ba820f5d688cb8
.doubleclick.net/	1970-01-19 16:58:21	Name: DSID Value: NO_DATA
.we-ha.com/	1970-01-19 16:58:17	Name: _gat_gtag_UA_52800146_1 Value: 1
.doubleclick.net/	1970-01-20 02:19:53	Name: IDE Value: AHWqTUm1M8Vdq4UcwW7Jn6iAVEP_6OiFPbjpJ7ewf9zoy09FsLMy3ft9S2jGJzq-TD0
.we-ha.com/	1970-01-19 16:59:44	Name: _gid Value: GA1.2.1691686440.1616297784
.rubiconproject.com/	1970-01-20 01:43:53	Name: khaos Value: KMILYWCN-1I-5GA3
we-ha.com/	1970-01-22 06:17:29	Name: ezohw Value: w%3D1600%2Ch%3D1200
we-ha.com/	1970-01-19 17:41:29	Name: _pbjs_userid_consent_data Value: 3524755945110770
.we-ha.com/	1970-01-19 16:58:19	Name: ezovuuid_64734 Value: 55b67536-418c-4bbf-611d-a5f2b375af81
.we-ha.com/	1970-01-19 17:01:10	Name: active_template::64734 Value: pub_site.1616297781
.we-ha.com/	1970-01-19 16:58:24	Name: ezoref_64734 Value:
.we-ha.com/	1970-01-20 02:22:46	Name: __qca Value: P0-1558335510-1616297785114
.we-ha.com/	1970-01-19 16:58:19	Name: ezoadgid_64734 Value: -1
we-ha.com/	1970-01-22 06:17:29	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
.we-ha.com/	1970-01-19 16:58:19	Name: lp_64734 Value: https://www.we-ha.com/
we-ha.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.rubiconproject.com/	1970-01-19 16:59:56	Name: vis14 Value: 351284^1
.we-ha.com/	1970-01-20 01:43:53	Name: ezCMPCCS Value: true
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: yGEorAFpy-0
.we-ha.com/	1970-01-19 17:01:10	Name: ezovuuidtime_64734 Value: 1616297783
.we-ha.com/	1970-01-19 16:58:19	Name: ezovid_64734 Value: 761730053
.we-ha.com/	1970-01-19 16:58:19	Name: ezopvc_64734 Value: 2
.we-ha.com/	1970-01-19 17:41:29	Name: __cfduid Value: dc0f3555843f42e0b96d2c5aa585c01291616297780

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: ParkAve: [object Proxy] %%PARKAVE_PLACEMENT_ID%% https://ad.broadstreetads.com/click/340485/c270302/z65379?destination=
console-api	log	(Line 1) Message: ParkAve: [object Object] %%PARKAVE_PLACEMENT_ID%% https://ad.broadstreetads.com/click/342527/c271682/z64516?destination=
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: ParkAve: [object Object] %%PARKAVE_PLACEMENT_ID%% https://ad.broadstreetads.com/click/342541/c271689/z64518?destination=
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: ParkAve: [object Object] %%PARKAVE_PLACEMENT_ID%% https://ad.broadstreetads.com/click/342549/c271695/z65697?destination=
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0
console-api	log	(Line 1) Message: cw false 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c2ede30570d352c8828d577c7b954bf.safeframe.googlesyndication.com
a3377.casalemedia.com
abs.twimg.com
ad.broadstreetads.com
ads.yahoo.com
adservice.google.com
adservice.google.pl
ap.lijit.com
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
cdn-0.we-ha.com
cdn.broadstreetads.com
cdn.plyr.io
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d867x8xq12ag.cloudfront.net
dashboard.presspatron.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
id.rlcdn.com
id5-sync.com
maps.google.com
maps.googleapis.com
match.adsrvr.org
mug.criteo.com
p.typekit.net
pagead2.googlesyndication.com
pbs.twimg.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
player.vimeo.com
r5---sn-4g5ednsz.googlevideo.com
rules.quantcount.com
s1.adform.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
syndication.twitter.com
tag.simpli.fi
tags.w55c.net
token.rubiconproject.com
ton.twimg.com
tpc.googlesyndication.com
track.adform.net
translate.google.com
translate.googleapis.com
use.typekit.net
we-ha.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.we-ha.com
www.youtube.com
yt3.ggpht.com
104.108.50.124
104.244.42.72
13.226.158.204
142.250.185.130
142.250.186.162
143.204.209.103
151.101.114.49
151.101.12.217
169.50.137.176
172.217.11.163
178.250.0.157
178.250.2.131
18.156.95.187
18.157.138.23
185.29.135.190
198.148.27.133
198.148.27.139
213.19.162.41
23.21.72.59
2600:1480:3000:e5::
2600:9000:2156:e00:1b:11ff:f600:21
2600:9000:2182:5400:2:cb38:840:93a1
2600:9000:2182:c200:6:44e3:f8c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::681a:9c6
2606:4700:3035::ac43:9f49
2606:4700::6810:125e
2606:4700:e4::ac40:a708
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:80:800::7000
2a00:1450:4001:6c::a
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2016
2a00:1450:4001:802::2004
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:803::2004
2a00:1450:4001:809::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c0a::9d
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:ba2a
2a02:26f0:7100:295::19fd
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:400::442
35.244.174.68
37.157.6.235
37.157.6.251
51.89.20.87
52.48.167.250
69.173.144.139
72.251.249.14
85.91.45.191
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78
017391c754d6de958ad85204899eabbfefd00860f4fa62b0f18f2e79f5a2c5ef
02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474
04e107d701fdd6867cb72ba7ceaf313bd068ae7959ec429cab8449d96c30beff
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ec94eb534a146fc89a718d9809b489a0bc5039797d686953aa756418230e9f
071f986aef5ad255076061f3ac9b67d09fbb99ff3b183f22a1776e6994db3096
07f4db1c6416666918ceea7a517a19afbc8029eca68f873af01b9e47d91a9b0c
08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7
0897670b44e138788dc10282dd404ad0135d9dee6b6cfd1c44dc9904c974ad0e
08f20df6f870bf202747b0fe12c82240a6a78e3746f743cdaea2038329528151
093c00de730e1211b86557660153d29441be093deb77542b9986234b0d1616d0
09a4d2d6380726f353fe5a057861c66e57591c3533fbe6e2ef73e3aa4f649020
0ab1b638777a35c313824ca2caa5412d609e88e6a8ae6fa872eb3485c34f0d5f
0b1255ab7ddc2567276a015ff806a0353acb9a36772692643e6ffc18479eca01
0b30cd93097a382cdabbcd066d8002c86b4e31011fbd62596f7b2b902bb00dc4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c4a2716ed876d8650586d61a701c6466cc01388e0f85519378c39deaf4af6f9
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0f1ff0e37504005a53741c2eb023b68d70a6242425ce31385eeb2ca1606eb124
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
13ea3da1216b54358a7a63c7dff7aa7863d3e3e2f4cafb1be55d3f737966b115
14ba77daf12a912785c29be79d91177e89c98c88a2a505236b490e7a7ac5b4a1
15c9a085b8aa474acc67cd9a831b1ec10c5f29a95b071acde47718076b5a92f0
15dca577793baa92fc2c501718d67c58852fa63382a7dc76a504b59c701c5795
165aca928f43329bdb3cf5e102dd792932bd6be4588f3f0755ce941702632d48
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
17b34a8b7d32c6b6f30d8613218f99955900911ae21aff19b326b4f78ab308d2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
191dbba54729aa43f2c5c2f118971963758d7f0df2cc2f28f91b86a03dee83ec
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1b36b0e80596052cad894aef8dfb877ae2a168ae24300e1b4698427f502cd354
1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c4375d0f2bd647317df984d3a7695761091bdad36e0c810d5256c3b6bdbeb26
1c58e449e99a90b63ee782cc8573809e2c9cb5f9c106c3be748ac764fc9a8a1f
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ddb0c2a7ca5d75e5dd1652b5010d55a7d6b40516612fd143b2f4c8cf617fd9e
1e3a740078730900261d5b840606332e05f05294558b54db3fcd5b48b58f9665
1f5351c5b875d043b795632804b8494326c29b9cf494a9dfc99c69a2266e2c38
21f0630c3f9058cdb707980ff363cf87e1099fded9aefbd10176cfaf24a3993c
2542e20dbe75f1cdf23e212b8d25ce6107e1f604b50aaf71d46494d47ef431a9
256ba0c0020e5fca3ae0d957613ff5a0ebbc0b392a552a1bf1b2d9ea1eb1d290
260631120e38908780090a2c774b13900801fa1133f9accff8b630ace589dfff
269fbddd1c9cff35e80b905b6080ecf7f4ecf4bd00e2098136a81cf16b67662f
27be86b9c8a5b510f0371a493dbf8cfc21a20627f74b9fb6fe9e3a02f7cdaaf4
2927ea6c7ebeb0e82b4b904e66ce945bba500ab76de5dffff47b0fd15bbfc5f0
2baafe413ff83183d15440dc173726d8b4b68a56f3ecf3dbb8a34ff4e0528065
2bd6819b1c555f23ea16b4f55f88830137abe2c81b4836032f8d4b74cd29568a
2c33bcb6e3eeca62ec378dca9900029288e7c9ff35fb5014229161b7068e44ed
3011478c8ca531be7eeeb1b7c245f888bf0535ba052352fb19d2ce3d2f4918ba
30623cb92e19974899beed670bc25a6ce153d582e90ef5396936f434a6e223ca
32325245023daef823fa545ba29fa3eb352aebf5292940e86d676b1b7308ac7e
32d8f7902ea87c13080c52612a089eaf1d8d3813692e56641a1165bd30e9fb6a
33adf7f6fe4829acc8800b6097d1c14c88c01cd0076afbf33c5274ab45612a95
33f9a22cb9f6689bb38368a86c2853cb77a12eff65dac20906819bef240f11ca
3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b
34ca5f64f8387c4262476ab5f3c84672870abbb74216be07d49b865f50ad6df1
3540d68ec93454b1e7771b7403ef13cf9fdb58ac7e2ebbe21d4d49b4a486d27d
37b945e5fe609563e83b37edcbfe3d18aac072a55fc8962978afdf597a3c4aa8
3891eb15ebd94a344d4a8810cd3df21a6e8fbe6aafb8f4b338aecde0a4181d6c
3ab08db19a330452c31f9ab1bfdac4cfbd374d968d567b0a142e41eb96d0642b
3b9e929c088640a2d7cbe915d5a6a88f2120b52a86e8f007c0a27fcf500994ed
3c7bc301741da4b8f19010ab70ae35e24e20a6ea5368c4d01dc947f99d7b9cb0
3c7f9d632143e7fd5f49b011cdaa76111b5756fbb2c4575ce81e45bc4b1431bf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
411b7a56b95b24e518944679fed6c4c754367f6d800eeaa28823cdd38252e346
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
42ada955a3439a56e0e20ac96515012ca6188cecf36123041cda6a23662b87c2
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
430a41c06d6c4a0bb3e9bcbcfe63a24b20e86b4ce4825d68e88ec89d58654fcc
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
454f996fe98125d2604ea07ba8eca9321bacc5ded39694815304b053c66877ed
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
465ac1100c04c309855b9bdefb4b1b774976c78bbf76983d42fc933b5a8133fc
46aa30c49c9a3412ee62acd05d634c3af6afd75b7eddba757622ff7ae48d1c20
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47594379f240db363bf29a7f18c2080111791cd642c78d9fcb1bcad072a005a2
47919f60fc7a596bce5d5601e18bbb7421d38413fe34253dc6a953a8f5b4e92a
481efc85af3c96ec2be4887b67e42b44be89ab3ad0d546de1a5114cf51608d65
495a8fb19c28d964ed92006926a359acc1a3d20fc7ff4da8e421ed6777270df2
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b2e3c033185bdc684f34ad004b66226f5575a394bc56373104bd12191e43ce3
4cb65f0193046277ae32cfd7bf701954132627b35ba0b727c66239f3c566d359
4cf8945c9fc8ca1a1dfb7583ddbb6d4d6f531e36f2728a2b5e8c4b7c21f3bf52
4e091569f0d1617e5debc009f669a4a0c05f48b5da84f100f2294c72e5963df2
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2
4fa9edbcc0695d4a38486ac2cccd4506320a5acac2de84afd1f5afa3609505c6
507b07e721cc3b7e46d1325013e6fdac0e79a80911dd9e0d356d6ecde446e45f
51a9853cb988abf5539899832bac6eddcc9b4ad2337bdcc004acb5a86d8e66d6
5551daca5bc026c36d12df28fc40ba1cd26b5d583bb4bb52ce0235cd6e445ebf
5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a
566612f2147e70df8950d58c81e097350128d6d830761e536bbc542158b7c5c3
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
574c9ae7dc577b34a4ab0739d2f7d0c7c1d1fd1ed492ab36135c933cd5266ccd
5890ac04c645cf074a3cb9a5624413c3eeb0819e550be6a0a86ded26a9cabd46
5a1d422cb705b52765181c424a647ddc8ee4822324e5390a38ee2bd81874468e
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5d18afc24b05b6675227d97a5979cb1d6841a7e7512d7bac6057e09aa9c8f4a3
5d27f134183c89d8d55a489ee12045085583e70426ce7b6730da3fe8a7c6d471
5de7ccd49faa6e2e97aa2adddb7d4fd1e903a16fdcaa0b7e051c66c309f13316
5e85b90af73577d1f0fafa29b6a508e72cb604944d64b1fbf5486592cc30d537
5ec77885d594de375a475f6550e3a82c075cbe2dfd7785a5e3bc2c0a09b56c2b
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
61b1267ab289ffe34db8e6690686427c7e8e609a755634d4829f75edecec3e24
62a72bc2b18abb37fafbec7f5e102a7041a6e91764c6719cfb81570df95857b6
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
633411252cd3723532e0cb3c8c4214863de95cb26997c7ff3273aaf8f55d0d2a
64be3875a16cd57d662be94d9401706fe6425b88d9eb158a4d095167d0f2547c
6623b30176c7498d7845120dccbbfda47e1217a4d23cc0883e4931d88d7575c0
66dc4311c5b4d078743b612d7374eea20fec33adae7c05a1420665d7a5b79f1e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
686df60545fbf0a0d59457fc410d3f997b5c904afdedb6d1b67a48984d6a2cda
68de03efb815248d3957f2428cb4183d8c5dfd0200bb9224ab91c6b831761f02
6aba59f64ae1a4b966b763547478bc20b5fed806874a3d7bb42e096c8631d8c5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfb25a4cb86239a669ab6f9bcd05063cc217339e72c62a8b4cc352bd3be993e
6e09b20a8735288cfedcb96e0bd35b4aaa7239ac4ff188c1cb147cd582dc4c1a
6e81677e261fe8f2067d1347323fb63fe7ffbf438b260c6d30526bbea639813a
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f80cc5138c2d568b853f790f8184bc1e896f6eca58b9c388b7f933f53254397
701af3d0d1ed537fa3772e43b9d35d1434a471e8ddccbc6dd3bce83dc664bffa
70298515009aed507a7b1948f0862d1fde7a460dd6ad5ec4b73fd32ba0620792
702d92ec43f159795e0beaeb9bbff0bc4f7b087fdab8345dec512f37545e73cf
7092f057c778c5a55ea8d085aa64e764e61ec81ffa96695f86f4de0817022eb4
7097923459fa8a0082ea45c9eae1acd5ea24f0d93c35f5e6f3b85c4a90dbbc17
715df9b6d44dfbbbe55afb1118369ce2a487ffe32b3be84c95b24e775766c317
7226125b41a3e7b0105ec39d73e43e1532adada242713137f86d0b0eab121be3
7309301cdb611307d3f4b78af1a7ffd366b4c947c1d1d668e289587695583016
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73aea6737cb5f5da45737dfb6333bc50a441be2f3b1174b43cdd56d8f62f5b29
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
745d50cf1761da8a89f78c3850fffd336a2af9852178fa32477384204b0818de
75a57b80ec0d0a2764909eb9a24f2f6867d632c004d2bb005bab4a154fc29a9e
75d70fa8b40a5f817ab1561af2426298650667f3716ed71c9447f5726a41a6fe
7721fd3d6c83498ab72888b116f14ad7befb0e80f8f7d958367c6d37a5ba5f38
781faabb7b5482fdef236df829f2ad6c9cfc29abf33b5f91afd8a736c2133911
789d14de76d2026f99e6e6c0142f721e0798b416ca46866704c159fc49f3167c
795544080a956df03f34169837d29748925798e1a19d45d69d1a7b7fa3a3169a
7a55882f7f75e83e795982bfb16037a39b04e6502460f89ddd67cc6f9b133ba7
7ad582812f30bccc1425611adead2395ca65d59bfe6a6add62fa61b9ee773986
7af1b7efdb21e0c8a7c06ee23dc44e8653f1ce2d1b16dcf30ce2716a4ae8a147
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e
7d1c2bd48f69d6c508fe740e70e22f8bff1836d9b6bf685027a37769cdc9d8b3
7d4e0a8a6e64a00fcb94350dd2a7d2aff4388b4558fce3aaf4d410da8418bba8
7d9ecd93bd4403e071ee07bcc76ebb8a9195876fd48b6dded99b176b0043760d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e044fbf2d7768be035844d400b046ecf7ca37be9ac86428fec6229d4c37b5f5
7e8158695e0e4cf90e8ee1ac3fd76572a677909d6969df84086026841e84b1fe
802bf0bae0a965bc1ae56cefe2b7b1883864fbeec22a8f335758686e4057343b
80c3bd17e3c0486c71816a9a8a8f019dd66259837fa2eff0edad01b64dbc13da
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
81273973ec1a5bff71b06e158f1324c5117e4e615262ce0dbe07af8c1f66f1b0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
858bdf131497ccb816def72d6da59a2109a80af02f90f63ff17af22ca759b000
8620810d6a6dae5c803bcc4c9d89a97697ef0dd8607c34c83fb88c256bd974fb
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
87d8c3ad6f15b4243ca085a39e02c039b0ee92dee5f50af0eac66e938374dedb
884beb273113b9a4d78cd870db76a934827031b07a1c29c11424fee8f960b40c
894b32d01ee8d93ee4bd93658f1bc70bf746fe5155ca8025db65637ab7aaf95e
8953c8aca97c9688901ff2fca274e032abe846dbc4d5f7c5efe98e7862971f63
896ebee04cbf2f476cf6863eca12755b6039bd2551f3c81fe9a80e0927ab6a21
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8d0c3cbb514094c98860c6f43d28502541eaa1defe9a6755ba47e538b85a3b4c
8fb875f7abba2dc519e441feace34bab14ffd26ce7847fc7a15b182c1a2cab97
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
905ca07a8b18fc179377a9614afe37b7a55b29936333708c6d03d8b33def4919
92aebe8d4a5b47ac8cd33ffd00c6a26d4c6dbbbf07758168d368b73ea4454429
92fa08189e988c84b008debdb4e2003f76e8fd3e12cc82791d3961c84c64ab5b
9308e083ed897b261e247183de63122e16c91c4f6ba5ee070b0f85efc2dba4bc
9339d068e390a3fda35c9f022484e3eb91ed77b211d9d38e9541afb37bbb2624
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
96e1d3969a7b3af0e660b2fb99e8237a1194506a0320de168afc76cc4732ff22
9728a9afa26ace92869289d448d02f2198b703ce45b74cfce6c01990079970e2
984692fe71f2c6648bba11d6c87130859c49c875a8e58d73cd1ebb27733f5659
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e
99e704b4c2bd0f85a4f8f8ddad7c7f5c22c01cb957c4693a4423d50e39a246d5
9a5fdf9f420acddfc2488e75a45df2a6249f46f2c066abfc9d52ddc21c1ba13c
9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c
9c1caec53575a82731b2e26274402b90de80fe1caa7af469eed4182c0a4890e4
9eb62df8403907fa9d61ec6e1496223868df325e678973c25b816f539c4ae34d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1241d422e3c93fbc8362a7661e9e64034c708c3759790e3f8d683fb8bf0c346
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
a266cc8fc0125e22c618b0d8a3e71faafdefc173c083684920e1bfa45ac72c8c
a3a446486b7e55dd742c0d43485889808cff02175f1356659e4826ae63f37336
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5257446059159c15c2c0753a75c3a3fcd3f4b5359e09768e0320b3fea42a61b
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5f9cc64f0ce871f7867efdb8a08ddf70a9da30bccb0f2aea6993683a790a0cf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a768b4f039582b8c0127f6001b53d452a27e7ed8819a7dc7102a475e1d20e654
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e
a8666418ba045a9cadcadaa1f14102dd591327028c3a0db22c0f6c53cf815005
a87a9ff38ca962bd333b2526f9b07ac660fea96cea412bedac7b973f15d7d7d2
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
a9051623a6e96b71a5b719f5d794885df5ea9e38397d158d0228950204ba2a7a
a9481eb0fe4b9c27c47a6672bd2624eb28b0e585ac8ab21e46f98b90311fc9ba
a9fd4c27b89699ecc8c00ff3b511daf3aaa7fd6301e73d523bbf744b1beb9ad4
aa198afdcb3201e1846aa38e2addbf981471c1bc3819073b2c930478a1ed8a47
aa9484079eb2c455a1603ada298c9a8a16ae566c996d6740cfd0cfcc3337a788
af65ea4d834ebcac11c2d43c1602c4d009b35c10a6c39ef7a52c038ae1602668
b05ad85ddb81b69abb598425343899477a2f77da44f29b2ceff27b35ffa5f63c
b09c81639563df42843b2dac18518f0e63d20d30aef90d398b777fbd00301349
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b2b1c7a31cc4b7084dec314b3ffc35fe93fc8c6794e4eff829801eb11348bf69
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc
b81b79444598329e52cc164dbeba38cdeba9f30bed195bf487b0f34bf86e4420
b9781ebf8db2893c7f4d27ba7cf9cac65b9b4c6cafb77240d73488bcfd9cac50
bdd56e9032c8d4b3b48b20b3afa6121d7d0f092ad60e0f365fc3d2f762cd9707
be800fcd68e13a994dec5e4499b5908c17dca2ce1cc04608c97b33bd8898ee4b
c0496017a38339a0b77090a30a305602c92fc5aa3a656fce16a1014a20e41cd7
c1d753363d611bed4c8c1dfa440d94947659bf92590246d7e92863e082b7996f
c1e640c9ac32f50988c2a271e285327476e419587b45d1575e65c6503f80892b
c1e80a0ad44fae025c66a872421b5852e211177ce5c776d61ffaf1c161363400
c300a07f26bddcd798cba8355cff631f1b7d76b1461d8cd527d8fd555ff832b5
c343a53d4e6f0de0b02657b2210095985fbb7af64e0c99e518523d2ac05c580b
c37b43eaf07d7c5f2b236487baf27296f88997427a946fae6f6ea6020635eb12
c3d3586babc62988439752142e3308ebfc51526c1e6158debd9cd16e9196556c
c51faf2c17aaed003e3e307cfaa9e3a681e723f56e701e56247517df029f102e
c61682d13795a3453e636c6a07a30bf746e90bef6fdf8a41bfb339c7a710e6a9
c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e
c819e7bf7a2d264467c9b73445badce4b3ce0eebbd10478eae542ad6b13ecc89
c84ea903b1833a97bb0e508404cded491e4f2c2b7042d193137cc25fcbce4297
c88f5a0e32e1da9288e75f83cbaf74eb63ca8e4ec6dc717b3b37a6eec4d010d1
c90963212e9d1b3ffa5adc953922127de245adb798725e27d1cf86bed4fa8045
c9f68c8a97219227fe93e2edd9689a66fb99f2828f6550971223fcb7a33c93f4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca527118279831529d3a768369965a04d938bcc86840f706da64905e1e6de965
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
ca58113c3d71e879e5b3fbf77479b2ad66ba24a890e4b6adfc23529bd829fe69
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cac3d153ecba17e05629098e2a7c73a932a503b0aede5212d94fccb76109963c
cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3
cceb5c0b72939306b588da4cc7271ed9927ba0a68cb5557cf9942b3c482b2cbc
cd07faac73716c2239872319c4d3b76478c2efb0006fdb030f9a761e1e033138
cd9d9c971b2dba9eae260467d11c4ae45b4652322cc8fd6236370c28dfb45c56
ce29ffa3db63e5806bb77c15fcfa69e27faec50fb6e8925faaec30dafa867f3a
ce6942ec592c11d550222760213d3f2264126023c31e78ccae08e011a96791e4
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf8beecc107ef5f405a8204ec79b611f4596be4b25912a376233797e7f3649c7
d039567bd95fbc4b0a90ee1ca82ddb9f33469bb6845f6cc696f1ed9915701748
d044362b15b514ca1cd2c994866dc89a7f6fc47a4bb49d97f0bb7055e99cb712
d111d3d5c11903f36e4da0a9e4af24d97a25db95d7cf38959e770af4288e036c
d2d25f60cde8acdc8c83933e6a200ce953a01c88cfab60c68c43492b135d7679
d320c446bfdf5a76221c838693159057841e83f1cf7a19143dc079b3cda5fe8a
d3faa93de73bb47449af34d1c6e1c086623bdc09c504534bef8c1aa94fd17c1e
d4d61f8ba9765cf4ad5871320848860d0bbce9731b34e86685437f8b59a92f88
d613dbc85c4565d62942dc40b700e38164a011dfb0ee12c84c8fa79bb0fc168a
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7b2e254faba6aa2418a134cd0c200ca23924fc9a50d41d4c958f7193edbb1bc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7f4199f39a1cc905c04ea4e9a58cb37b58eb8ad399bf07c840d42e7192e9834
d86330e2fda13c48e4ab06301807f807c6d8a0320d923dd1bbabed365abd212f
d867b238eec0d2b2348acf95b4a01bfa9d6eb05c3f1dfa0d6b9f614363c43021
d963b063c443a6b0c66c575b9515acecf16f683b94fb968523a786d66f07e463
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd8594860ffe42ef067c17eb5aa32db23e8a6d93e1bd8f88fa417f4f1fe7e8c3
dde62bb2649004442ef3c2c13e6a0aa55fc11dfb46936eaac860f1fe1e6fb759
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dec31225bd09f22ce1c3c57e39c0c3da1d248d63881133f96bb36d5ef394be35
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
dee36a0979c3a1c0e665aa3404648872e34616dd1a9d0b6d9dbab7e5ad92ff46
df62ae9a136c50d3e2a68b320004d7e5f5ede893b9d1dc2e43ea577118a25ca7
df7afcdd85f021eaec01c2a66245a7aa7569cd5b701afc426253a3f7a23b33a6
df9af92beb448a62113341e6b78bef21ed9ab8a4aab752c30b5baab02a31afe9
e0fcbc539ab32251ef05a79c7752fabd0a1cf4e9cbe54acc3dd777d465b234b2
e184d0a8fb2b43dedc26481af679e1c202865d062bc0a1fa38ddef42233458d3
e188f1c10b878ff607bd02020b9beb2ceab428ad80314b8d9f924d597354c3ec
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e2038f9c6f7842b862cffdac5417ce555954cfb9518bc02a4f28cb581d49d40d
e284b82f255e270c06e42c27568ec6a6109adae8de328facd76172d089ec4f58
e3502a2faed4ded55d53500dfda190546d663b9a589e272471e2ace864b90919
e357de84da2a22b78136ecf0e22dddf877831b36f7a4ac80e3c050115dff5077
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f021b1b3b4788c0ac52e9abc90b46549fa7a3092fc33805ea85e7fa20ce606
e5d2e8e0b1dd76543d0c937cf231ef52f32200edb0e2f743b1b5d63e7f9774e4
e6a1794f768d6ce4c496deaf2a074dc13bb7b517811211dff8bea74699bbb0a2
e6fb5b0c5544db02230defe74154065963f988bd056c35fdaa88ca647e9f2f2d
e929559770114a7f44eb4c34954509debe3407847f0f26365e5cf99882fad2e3
e965b21d6a23293b47f5deb510a49b0675f74ee2eeb6dc86c101c33ff921461c
e98a4eaa87878c23468648dab95993b5364dabffd5d3fd09b875243e7d4e9c7c
e98bb5ba6b8a29138185a9499ca921530b412ffef24ae655e5cd2a7bbd4c8cc5
e9bd816bd7cb2dc0ba14583fc98c6312e56f8320b70f6f06bda1197bf3246a37
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
edfda9f65fd4d1e7610ad6aec2dc7909cb3e319c9184b9a07ef5903e14b2dffb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef51cb08db5a6bf8867b6bcb164af435614b87b358765d8adb49aa734bf6191f
f0e876557b18f3103f57f783a5fbcf889c056566f70555ff879105884369c70f
f1d5e88760f14ee046869157c45095f1673b3f66e8e971260cf357d45640cb4c
f2bd3bd4b9f50063ad8bb70b5673ffb31f84a27a23e3868ad7629e2e84c4c2b3
f2f51e105db359afc79b03e131d2c7834d591f67b5793c702aeaa2858528219b
f59ec302ed00a6311bae7276bff76ffd918ca4cc692fa8109dadb786a241a165
f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae
f6b620ea28a59387c296b8a61bea55141395efa9e6325a389e444f66200cfcb9
f6ee24757e8fae279c45990c234acb5de25453e2cee1f9daa2039b1ac119ce82
f9639f1d23fd79e8bb217a779d5a8bcc7b9acbf3a6e1ca46582e43591ba0819a
f974274d90bcefad41457672ff87e60f946719adc350e3c4e60efc50b6f0aa05
f9853e63b42fee49bc33be87daa12882504d4e9303df720266d6e91aa2414495
fa1e37fb42ef10a968dced86d8b7dc5810de3a29ac7257f5b190dc6869028a14
fb14ce21715a2bed8889e3ab23d29a2c30807ea0fe2d6048923d7f187f52f70d
fb73a0b752f4bf1de44b8d218240c4d8b18e8ce678a5083ba18cc8900b63661e
fd78f51affedcaa173cd1f15fca8f1fbecdbaafa7020cec2ae0fe3befbed5ea1

we-ha.com Open in urlscan Pro 2606:4700:3035::ac43:9f49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

427 Requests

100 %HTTPS

64 %IPv6

44 Domains

74 Subdomains

73 IPs

9 Countries

16354 kBTransfer

22199 kBSize

36 Cookies

33 Outgoing links

Page URL History

Redirected requests

427 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

we-ha.com Open in urlscan Pro
2606:4700:3035::ac43:9f49 Public Scan

Screenshot
Live screenshot

Full Image

427
Requests

100 %
HTTPS

64 %
IPv6

44
Domains

74
Subdomains

73
IPs

9
Countries

16354 kB
Transfer

22199 kB
Size

36
Cookies

427 HTTP transactions
15 data transactions