qnyn.wedahirt.com Open in urlscan Pro
104.21.34.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qnyn.wedahirt.com/
Submission: On April 05 via api (April 5th 2024, 2:36:56 pm UTC) from US — Scanned from US

Summary HTTP 82 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 33 IPs in 2 countries across 25 domains to perform 82 HTTP transactions. The main IP is 104.21.34.185, located in and belongs to CLOUDFLARENET, US. The main domain is qnyn.wedahirt.com.
TLS certificate: Issued by E1 on February 19th 2024. Valid for: 3 months.

This is the only time qnyn.wedahirt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	104.21.34.185 104.21.34.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	172.67.219.11 172.67.219.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
7	3.162.3.70 3.162.3.70	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21a... 2600:9000:21a2:ae00:f:b2f5:a240:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700:10:... 2606:4700:10::ac43:1e71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.205.2.235 23.205.2.235	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::71	15169 (GOOGLE) (GOOGLE)
2	3.162.3.93 3.162.3.93	16509 (AMAZON-02) (AMAZON-02)
3	3.162.8.154 3.162.8.154	16509 (AMAZON-02) (AMAZON-02)
1	34.117.62.22 34.117.62.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
1	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26a... 2600:9000:26a0:5600:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	3.162.3.55 3.162.3.55	16509 (AMAZON-02) (AMAZON-02)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	34.232.15.39 34.232.15.39	14618 (AMAZON-AES) (AMAZON-AES)
1	54.80.224.63 54.80.224.63	14618 (AMAZON-AES) (AMAZON-AES)
2	44.218.219.147 44.218.219.147	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.204.222.218 34.204.222.218	14618 (AMAZON-AES) (AMAZON-AES)
1	18.214.198.116 18.214.198.116	14618 (AMAZON-AES) (AMAZON-AES)
2	3.162.3.123 3.162.3.123	16509 (AMAZON-02) (AMAZON-02)
1	3.162.3.125 3.162.3.125	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b130:8cf0:6828:70b4:e4a6	14618 (AMAZON-AES) (AMAZON-AES)
1	3.208.238.237 3.208.238.237	14618 (AMAZON-AES) (AMAZON-AES)
82	33

5 104.21.34.185 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qnyn.wedahirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.67.219.11 (United States)

ASN13335 (CLOUDFLARENET, US)

elavegan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.162.3.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-70.yul62.r.cloudfront.net

ads.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21a2:ae00:f:b2f5:a240:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.flodesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:1e71 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

app.slickstream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c05f.app.slickstream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.2.235 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-93.yul62.r.cloudfront.net

ads.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.162.8.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-8-154.yul62.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.62.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.62.117.34.bc.googleusercontent.com

raptive.solutions.cdn.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a0:5600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.162.3.55 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-55.yul62.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.15.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-15-39.compute-1.amazonaws.com

prebid.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.80.224.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-224-63.compute-1.amazonaws.com

fid.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.218.219.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-219-147.compute-1.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.222.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-222-218.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.198.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-198-116.compute-1.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.3.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-123.yul62.r.cloudfront.net

logger.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-125.yul62.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:8cf0:6828:70b4:e4a6 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.238.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-238-237.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	elavegan.com elavegan.com — Cisco Umbrella Rank: 669085	657 KB
11	adthrive.com ads.adthrive.com — Cisco Umbrella Rank: 5880 logger.adthrive.com — Cisco Umbrella Rank: 5860	426 KB
5	wedahirt.com 1 redirects qnyn.wedahirt.com	45 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 465 mug.criteo.com — Cisco Umbrella Rank: 2943	2 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 170	4 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	167 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 303 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 629	79 KB
4	slickstream.com 2 redirects app.slickstream.com — Cisco Umbrella Rank: 11590 c05f.app.slickstream.com — Cisco Umbrella Rank: 73641	967 B
3	liadm.com 1 redirects idx.liadm.com — Cisco Umbrella Rank: 1640 rp.liadm.com — Cisco Umbrella Rank: 1214 rp4.liadm.com — Cisco Umbrella Rank: 5562	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
3	gstatic.com fonts.gstatic.com	96 KB
2	33across.com 1 redirects lexicon.33across.com — Cisco Umbrella Rank: 1470	601 B
2	flashtalking.com d9.flashtalking.com — Cisco Umbrella Rank: 1754	11 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1599	150 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 354	1 KB
2	rubiconproject.com ads.rubiconproject.com — Cisco Umbrella Rank: 2129 pixel.rubiconproject.com — Cisco Umbrella Rank: 374	653 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	163 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2718	825 B
1	agkn.com fid.agkn.com — Cisco Umbrella Rank: 2734	689 B
1	rkdms.com prebid.sv.rkdms.com — Cisco Umbrella Rank: 6763	288 B
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2968	37 KB
1	optable.co raptive.solutions.cdn.optable.co — Cisco Umbrella Rank: 7665 raptive-auth.cloud.optable.co Failed raptive.cloud.optable.co Failed	8 KB
1	flodesk.com assets.flodesk.com — Cisco Umbrella Rank: 22222	70 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	1 KB
0	rlcdn.com Failed api.rlcdn.com Failed
82	25

	Domain	Requested by
18	elavegan.com	qnyn.wedahirt.com elavegan.com
9	ads.adthrive.com	qnyn.wedahirt.com ads.adthrive.com
5	qnyn.wedahirt.com	1 redirects qnyn.wedahirt.com
4	sb.scorecardresearch.com	2 redirects
3	securepubads.g.doubleclick.net	ads.adthrive.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	ads.adthrive.com c.amazon-adsystem.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	logger.adthrive.com	ads.adthrive.com
2	lexicon.33across.com	1 redirects
2	d9.flashtalking.com	ads.adthrive.com d9.flashtalking.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	cdn.confiant-integrations.net	ads.adthrive.com cdn.confiant-integrations.net
2	match.adsrvr.org	ads.adthrive.com
2	c05f.app.slickstream.com	qnyn.wedahirt.com
2	app.slickstream.com	2 redirects
2	www.googletagmanager.com	qnyn.wedahirt.com www.googletagmanager.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	id.crwdcntrl.net	ads.adthrive.com
1	idx.liadm.com	ads.adthrive.com
1	fid.agkn.com	ads.adthrive.com
1	prebid.sv.rkdms.com	ads.adthrive.com
1	pixel.rubiconproject.com
1	cdn.jwplayer.com	ads.adthrive.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	raptive.solutions.cdn.optable.co	ads.adthrive.com
1	ads.rubiconproject.com	ads.adthrive.com
1	assets.flodesk.com	qnyn.wedahirt.com
1	fonts.googleapis.com	qnyn.wedahirt.com
0	api.rlcdn.com Failed	ads.adthrive.com
0	raptive.cloud.optable.co Failed	raptive.solutions.cdn.optable.co
0	raptive-auth.cloud.optable.co Failed	raptive.solutions.cdn.optable.co
82	35

This site contains links to these domains. Also see Links.

Domain
view.flodesk.com
elavegan.com
meals.elavegan.com
www.instagram.com
www.pinterest.com
web.facebook.com
youtube.com
facebook.com
instagram.com
pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
wedahirt.com E1	`2024-02-19` - `2024-05-19`	3 months	crt.sh
elavegan.com GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.adthrive.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.flodesk.com Amazon RSA 2048 M02	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-07` - `2025-04-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
raptive.solutions.cdn.optable.co GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
rkdms.com Amazon RSA 2048 M03	`2023-10-04` - `2024-11-01`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://qnyn.wedahirt.com/
Frame ID: 6F488591CDDB6C995D175286593751D4
Requests: 75 HTTP requests in this frame

Frame: https://qnyn.wedahirt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: E852B5F4D16757AE4DBE86750DD2199F
Requests: 2 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/prebid/load-cookie.html?endpoint=rubicon&max_sync_count=15&source=amp&coop_sync=false&bidders=rubicon,appnexus,yieldmo,unruly,undertone,resetdigital,pubmatic,openx,improvedigital,grid,conversant,yahoossp,triplelift,kargo&args=account:9262
Frame ID: A894CA5FB8C2F90A99C8CD6B5793C71F
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/300a948/html/i.html
Frame ID: FA82081D303B238A38E94946D6D650EE
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/300a948/html/rnf.html
Frame ID: 0F883E1B6FD18866E868A8B82D536B0E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact / Work With Me - Elavegan

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

82
Requests

80 %
HTTPS

33 %
IPv6

25
Domains

35
Subdomains

33
IPs

2
Countries

1940 kB
Transfer

5136 kB
Size

54
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://view.flodesk.com/pages/611ea2e42000c36218680523
Title: Sign up

Search URL Search Domain Scan URL

URL: https://elavegan.com/de/

Search URL Search Domain Scan URL

URL: https://elavegan.com/

Search URL Search Domain Scan URL

URL: https://elavegan.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://elavegan.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://elavegan.com/recipes/
Title: Recipes

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/bread/
Title: Gluten-Free Bread

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/smoothies-drinks/
Title: Smoothies & Drinks

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/breakfast/
Title: Vegan Breakfast

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/cosmetics/
Title: Vegan Cosmetics

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/desserts/
Title: Vegan Desserts

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/dips-sauces/
Title: Vegan Dips & Sauces

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/main-dishes/
Title: Vegan Main Dishes

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/buddha-bowls-salads/
Title: Vegan Salads

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/sides/
Title: Vegan Side Dishes

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/snack/
Title: Vegan Snacks

Search URL Search Domain Scan URL

URL: https://elavegan.com/category/soups-curries/
Title: Vegan Soups

Search URL Search Domain Scan URL

URL: https://elavegan.com/cookbooks/
Title: Cookbook

Search URL Search Domain Scan URL

URL: https://meals.elavegan.com/
Title: Meal Planner App

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elavegan/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elavegan/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://web.facebook.com/elavegan
Title: Facebook

Search URL Search Domain Scan URL

URL: https://youtube.com/c/elavegan
Title: YouTube Channel

Search URL Search Domain Scan URL

URL: https://facebook.com/elavegan
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/elavegan
Title: Instagram

Search URL Search Domain Scan URL

URL: https://pinterest.com/elavegan
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://elavegan.com/feed/
Title: RSS

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ElaVegan
Title: YouTube

Search URL Search Domain Scan URL

URL: https://elavegan.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://elavegan.com/disclosure/
Title: Disclosure

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F HTTP 302
https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F

Request Chain 32

https://qnyn.wedahirt.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://qnyn.wedahirt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Request Chain 42

https://app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F HTTP 302
https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F

Request Chain 59

https://sb.scorecardresearch.com/cs/6035453/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js

Request Chain 62

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fqnyn.wedahirt.com%2F&domain=qnyn.wedahirt.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=O09UUnxreG1pKzB6RXovN255Mm5YNVVTRUJQWkVBbzh0MXZTelFBWERVZTJldElHVWU0NTBaL1AzeEJFeS9yNmtqTGdaZUdIUXBVcG9QUTRka1pjVlRkNm5kNktoQzRRclZOL0RHRVpiNWdMRFV6T0VySXk1bDVmZkdYYnFnYlNGYVJkOG1CQ0hZR0NIV2Nta3F2Vmw5RVpkS1kyczNBRGJWQWRDYXU2UkhyTy8raTE0MnVaV25Zam1QMHJHSmFjSmFrTGRQb3ZkTEF4eTJ1dTV0bFVQOE1Xa0NOQjRmbWNjckN6V2J6ZWpTeDlDZG1JRkJ2dkxJSzhGdVZvRzI2dzhkVmNBfA&cppv=2

Request Chain 68

https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.32.0&coppa=0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.32.0&coppa=0&b=1&g=qFQ%2BP%2B6cEsJ9N3U6cuhuTpTpq72YncSDrWIOMTwp7GU%3D

Request Chain 77

https://sb.scorecardresearch.com/b?c1=2&c2=6035453&cs_fpcu=ce4da7b433ef4f2da401684e1a2a1d58&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1712327810806&ns_c=UTF-8&cs_fpid=%7B%22value%22%3A%22null%22%2C%22created%22%3A1712327810407%7D&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null&cs_ucfr=1&c7=https%3A%2F%2Fqnyn.wedahirt.com%2F&c8=Contact%20%2F%20Work%20With%20Me%20-%20Elavegan&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035453&cs_fpcu=ce4da7b433ef4f2da401684e1a2a1d58&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1712327810806&ns_c=UTF-8&cs_fpid=%7B%22value%22%3A%22null%22%2C%22created%22%3A1712327810407%7D&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null&cs_ucfr=1&c7=https%3A%2F%2Fqnyn.wedahirt.com%2F&c8=Contact%20%2F%20Work%20With%20Me%20-%20Elavegan&c9=

Request Chain 80

https://rp.liadm.com/j?dtstmp=1712327811044&se=e30&duid=b258d8488798--01htqb1qescgjrfc50cg75jvzb&tv=8.32.0&pu=https%3A%2F%2Fqnyn.wedahirt.com%2F&wpn=prebid&cd=.wedahirt.com HTTP 302
https://rp4.liadm.com/j?se=e30&duid=b258d8488798--01htqb1qescgjrfc50cg75jvzb&cd=.wedahirt.com&dtstmp=1712327811044&tv=8.32.0&wpn=prebid&pu=https%3A%2F%2Fqnyn.wedahirt.com%2F&i6=MjAwMTo1NTA6MWQwNToxOjo1

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
qnyn.wedahirt.com/ 144 KB
39 KB 2332ms
1455ms Document
text/html 104.21.34.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.185 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce553a41c636bcfab50182fff04309b3f6f0ddd0eabaf7d47ea42cbb25f55c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86fa45bb8a95744a-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 Apr 2024 14:36:48 GMT
fastcgi-cache: HIT
link: <https://elavegan.com/wp-json/>; rel="https://api.w.org/", <https://elavegan.com/wp-json/wp/v2/pages/32>; rel="alternate"; type="application/json", <https://elavegan.com/?p=32>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2Fyy5DO0MjsZKhTV4Jy7kXxDOV%2BJp7ayRzQCtMU1tjgRiXDKzBCgb7%2FMhJDAVi%2FehMB4Fp7mRh9%2FcKXjTy5pfXrT64geMYMF4JqJssdjdmb4PXVzHavKi7oG0S4aTyNsf9CBow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 style.css
elavegan.com/wp-content/themes/foodiepro/ 39 KB
9 KB 134ms
41ms Stylesheet
text/css 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-content/themes/foodiepro/style.css?ver=4.2.6

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f739e7f5e340d8eb57747a469f3e46a1b0bd6f1374617964583fd0240c1ef539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3271681
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Nov 2022 22:25:42 GMT
server: cloudflare
etag: W/"63780666-9c1c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8D4maday5%2FmMq98hx7LbdskarM%2ByWe%2Bu%2F4MSWnWoSDx%2FczLII0fmhd%2FLqo0A%2FVALABY4t%2BNnnBapqcdiuXNWEKp1gRvvl7Wz76uOZTvFdDSmxcBkkf3Vteogd5K5FAk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c5984e74a4-MIA
expires: Sun, 10 Nov 2024 06:10:24 GMT

GET
H3 200 client.css
elavegan.com/wp-content/plugins/jquery-pin-it-button-for-images/css/ 2 KB
1 KB 131ms
39ms Stylesheet
text/css 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3266561
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 29 Sep 2018 12:56:48 GMT
server: cloudflare
etag: W/"5baf7690-7a7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VdQ6vv3PYMJ4mEqeH3Kv5G0gZ6pwHOziqLOcZTuM7M8lJ8EL%2FILdLT9Jy5ngfyYPLwOYjFRYxclt%2Be9AprZ7nLH%2Fp%2Fw%2FslyHt3asHlik42ftlFZ2bGnmOhkUnoOIL8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c5984d74a4-MIA
expires: Wed, 30 Oct 2024 11:52:18 GMT

GET
H3 200 frontend.min.css
elavegan.com/wp-content/plugins/multilingualpress/src/modules/QuickLinks/public/css/ 406 B
670 B 132ms
40ms Stylesheet
text/css 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-content/plugins/multilingualpress/src/modules/QuickLinks/public/css/frontend.min.css?ver=1705795731

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87fae513e6e1131b3e31ee29432369213572321cd3c26a3d1d0f7e9f25163a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3266561
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Jan 2024 00:08:51 GMT
server: cloudflare
etag: W/"65ac6093-196"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqcoIdctt0KtzS1baoyOuZ6HLxGMBgu3oVzDrHvpRC3mPWvQOP3ov1vwfhayQOOLiey6ODNuiaxIpTpAgK2M8TNhKTXlSL9fTzC3t5D9aoqjN7EpQ7oau5vYYAI%2F3i8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c5984a74a4-MIA
expires: Thu, 20 Feb 2025 08:13:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 185ms
72ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Karla:wght@400&family=PT+Sans+Narrow:wght@400&family=Raleway:wght@200;400;600;700;900&display=swap

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b72d5acf3311c4528c36f4dcf6b8b36b9b7e3d5136d899b982847da214046e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 14:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 14:36:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 14:36:48 GMT

GET
H3 200 style.css
elavegan.com/wp-content/plugins/simple-social-icons/css/ 1 KB
951 B 132ms
40ms Stylesheet
text/css 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca663ffc7d06bb83d81ed5f74d2d361311b0bbcead435e028e6801dca3eebb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52127
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 17 Feb 2024 17:27:52 GMT
server: cloudflare
etag: W/"65d0ec98-4fb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUcHv3Fk9NrCAmIm%2F3UTS7AyNZnqPe3TImKm9Nomalfx2C%2B2xNOI8B7NV5GyV8HV3uWptUQ5QBcb3hwRzK7KhJou0sE6GzTO%2BrGVJvqpqFf%2F9EdOW%2BiPDGBDm%2F5KbTw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c5985474a4-MIA
expires: Thu, 13 Mar 2025 15:33:25 GMT

GET
H3 200 jquery.min.js Show response
elavegan.com/wp-includes/js/jquery/ 86 KB
31 KB 164ms
72ms Script
application/javascript 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3261141
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Nov 2023 14:14:14 GMT
server: cloudflare
etag: W/"65522f36-15601"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdFODZgsCsvvRY1239zvs8Fm%2F5EVxT9w4plfTDd7rOTV9FWrgX%2BtCLmCvMcNnHQ7qqako%2FmoqRFcPsj1yXjzwspTgIcah79giC8H6fEY5NEWlde%2FSC4IkREO%2BElorjI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c5985174a4-MIA
expires: Tue, 12 Nov 2024 14:14:18 GMT

GET
H3 200 jquery-migrate.min.js Show response
elavegan.com/wp-includes/js/jquery/ 13 KB
5 KB 131ms
40ms Script
application/javascript 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57870
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 24 Sep 2023 05:12:25 GMT
server: cloudflare
etag: W/"650fc539-3509"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajzA%2BulXruWbDFHyqW6bQZB94J4GmalkHKoJ8S41dtQSHdnW0uJ1moQJidgsKP4fWjvblydfdtcmSDMya5jv2f4ooKucIVDgz0GghquXJ%2Bsx5jbE6zbnn9iTkKPjEjc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c5985074a4-MIA
expires: Thu, 13 Mar 2025 15:33:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
96 KB 215ms
72ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YDWEQ77NH9

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

154b47c6964c62744f6ec67aaf2aa51fa08c4ee15e1fba0f39e5097ba7fa2f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Apr 2024 14:36:49 GMT

GET
H3 200 germany.png
elavegan.com/wp-content/uploads/2019/09/ 466 B
989 B 63ms
62ms Image
image/png 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elavegan.com/wp-content/uploads/2019/09/germany.png

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81dccb534668d0dabaa1072cd613a225dac50b3fbd7860b0892c801c3cf81c22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3271682
alt-svc: h3=":443"; ma=86400
content-length: 466
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Mar 2022 09:42:18 GMT
server: cloudflare
etag: "621dea7a-1d2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uNHHzBKKD6zG1K6yUq%2Fb5R0YKag5Jfik4rLPGad4zRSdIL4sBbJ2kmKAsAcs%2FEvstxiGetbHlH8TP3Yk5HLWrXNRymE9LpBN04PDb2stQJW0lo%2FjyyumUJYH0kO7Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86fa45c6799a74a4-MIA
expires: Sat, 30 Nov 2024 10:00:00 GMT

GET
H3 200 new-logo-elavegan.png
elavegan.com/wp-content/uploads/2019/09/ 7 KB
8 KB 62ms
62ms Image
image/png 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elavegan.com/wp-content/uploads/2019/09/new-logo-elavegan.png

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6118fd03d29d845d696a1d07f7571abba1815a81671d1c6843a8d25e98db64b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3261141
alt-svc: h3=":443"; ma=86400
content-length: 7256
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Mar 2022 09:42:10 GMT
server: cloudflare
etag: "621dea72-1c58"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WYi56M7p3hHafzRKTvdWwMLB%2BlUv0sWBp9NJhHiMxg07lM5VwcbC5WV7hZoaae2mprviDSlHydXZWo3wniHMoX4H4A6AW%2BmZ4cxWLX3MYWxQEj%2F60JaiDwJ8aFfRskQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86fa45c5e8ae74a4-MIA
expires: Thu, 31 Oct 2024 01:51:02 GMT

GET
H3 200 elavegan.jpg
elavegan.com/wp-content/uploads/2016/07/ 65 KB
66 KB 63ms
62ms Image
image/jpeg 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elavegan.com/wp-content/uploads/2016/07/elavegan.jpg

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82e882f364674f721366ff2327ad708099edb3558a59d88e47f4ada71e98a90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36742
alt-svc: h3=":443"; ma=86400
content-length: 66899
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Mar 2022 23:11:35 GMT
server: cloudflare
etag: "621ea827-10553"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfCVh1QZYwlRsf6aPH3N%2BcAyVy1olSSPdB5o%2F52WAztjcvXl0lW%2Bryq52ZVaImy5R4dsx0eop5hNxRH2hEYR6oPxhD7ukdtPRCcml3tRVsE5cjbarmr9jzP%2Bns2NxEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86fa45c5e8b374a4-MIA
expires: Fri, 14 Mar 2025 21:43:00 GMT

GET
H3 200 brands-Elavegan-worked-with.jpg
elavegan.com/wp-content/uploads/2020/10/ 94 KB
94 KB 36ms
36ms Image
image/jpeg 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elavegan.com/wp-content/uploads/2020/10/brands-Elavegan-worked-with.jpg

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfb2015c82008603d32d160206da7dd449b9b40f117e9447c073a21b0a41168f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13439
alt-svc: h3=":443"; ma=86400
content-length: 96127
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Mar 2022 05:20:05 GMT
server: cloudflare
etag: "621dad05-1777f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2F9xFAOaAr5mRGSCm6svjvYXh2q%2Bte%2F%2B57Wr7%2F0Dh6LD6tF6Lqtux2h41UFz2PkR7x7%2FTHaGF1WIz594wvZrFfl9dzmGA5oyxbrLJ1pPiOrIqDHYsv0R38vL1fgdHRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86fa45c6595f74a4-MIA
expires: Thu, 13 Mar 2025 20:04:22 GMT

GET
H3 200 email-decode.min.js Show response
qnyn.wedahirt.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 32ms
31ms Script
application/javascript 104.21.34.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qnyn.wedahirt.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.185 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Apr 2024 10:34:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660d30bb-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMqsZ2ruQKo62NB3SXsp52a2ao0QBW5dKGHX3Q0cxz9VWOQux49OYasuxZC6WeX8R6p606a0tD%2F5piJ0SZ2Xn5ES1r4lTRREkVQTauD57SMmdcE0KDJiUqLjgsutQBfpRpbKWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86fa45c67a3f744a-MIA
expires: Sun, 07 Apr 2024 14:36:49 GMT

GET
H3 200 jpibfi.client.js Show response
elavegan.com/wp-content/plugins/jquery-pin-it-button-for-images/js/ 14 KB
5 KB 53ms
53ms Script
application/javascript 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3266562
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Oct 2020 10:49:58 GMT
server: cloudflare
etag: W/"5f75b456-38ac"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUFPZKiHckV6B2xJK%2FDhSI%2BTRMZPKMoQHKkJDnRqIdpXD2%2FOEnrOEWHwDlATC5M52xGO71fHGngio6FVNGABzTaAcD1jmvKbGYSv7F4lQ%2ByWJ8BJ%2FjJxBIF4u1ZpPEQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c6799174a4-MIA
expires: Mon, 11 Nov 2024 08:14:38 GMT

GET
H3 200 frontend.min.js Show response
elavegan.com/wp-content/plugins/multilingualpress/src/modules/QuickLinks/public/js/ 7 KB
4 KB 54ms
54ms Script
application/javascript 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-content/plugins/multilingualpress/src/modules/QuickLinks/public/js/frontend.min.js?ver=1705795731

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

527d94e79326df0e2649793225a3d244df20d3838ae26d024d31c62c40bb5d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3261142
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Jan 2024 00:08:51 GMT
server: cloudflare
etag: W/"65ac6093-1a7f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cwkuvEPp%2F8%2B%2FWoOqEtfuY%2FseWErnjRDzW04f0FKtg%2BpdI8g2qs%2Bnm9kHBTITP3josdiKeCNbOvmyafzuqXP8%2BuSXj9GnhXBfa3Yu6RY4XECgnBEK7wQyXZQKdErQrI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c6799774a4-MIA
expires: Mon, 20 Jan 2025 00:08:53 GMT

GET
H3 200 skip-links.min.js Show response
elavegan.com/wp-content/themes/genesis/lib/js/ 386 B
729 B 56ms
56ms Script
application/javascript 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.5.0

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3271682
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2024 17:04:42 GMT
server: cloudflare
etag: W/"65b294aa-182"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GW9kCoTrZQJAYy84wZ8t2JSOLCnuOO2f9%2BD1sgS2mnJSmFT4R2845D4BoylBuyAs8kU8HBTH44rwYV7z4kchzsPP9iJA%2BUKfTR5f3tdq6YAVWz5UUqNDYWtTPvKuqKw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c6799874a4-MIA
expires: Fri, 24 Jan 2025 17:04:44 GMT

GET
H3 200 general.js Show response
elavegan.com/wp-content/themes/foodiepro/js/ 6 KB
3 KB 56ms
56ms Script
application/javascript 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-content/themes/foodiepro/js/general.js?ver=4.2.6

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1518fd7723629e87aee24c3b4a843d49b6e833c8530e5960851e28e70432eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3266562
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Nov 2022 22:24:52 GMT
server: cloudflare
etag: W/"63780634-1841"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2F9d8yeYimhwCJ3KJVpz5qgNquHDbCnPNHnxjiy27hqTDeAlBds5ZKddKxxvjk2jLI3T7ABJQA6CTex4TEKdBifn9hjwJD8xTz%2BAvRM8EEMKhBuK5HVsN2b5gsCS414%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c6799974a4-MIA
expires: Thu, 06 Feb 2025 21:29:13 GMT

GET
H2 200 ads.min.js Show response
ads.adthrive.com/sites/5c4a0f48df7d2523f3865730/ 87 KB
24 KB 322ms
120ms Script
application/javascript 3.162.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/5c4a0f48df7d2523f3865730/ads.min.js?referrer=https%3A%2F%2Fqnyn.wedahirt.com%2F&cb=63
Requested by: Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-70.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: 579029729d9aa0471332dd5f6efec702eaa03c81b321d579ecb9767a123cfe00

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

adthrive-bucket: flex-19
date: Fri, 05 Apr 2024 13:54:29 GMT
content-encoding: br
via: 1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
adthrive-deployment: 2024-04-04-5:acd-267:pr4440:300a948
x-amz-cf-pop: YUL62-P2
age: 2540
adthrive-commit: 300a948
x-cache: Hit from cloudfront
adthrive-gdpr: false
pragma: no-cache
server: CloudFront
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, s-maxage=28800
x-amz-cf-id: spltte1a4tR_R-sv2psk_8rBQz7bFJGdwX_CgRDp3g6WTdg263gF5A==
expires: 0

GET
H/1.1 200
OK universal.js Show response
assets.flodesk.com/ 189 KB
70 KB 305ms
80ms Script
application/javascript 2600:9000:21a2:ae00:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/universal.js?v=1712327809018
Requested by: Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:ae00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42dbfed575e091b4f2776e21d5c77589bae13c648023884c76b3a97abf6034ad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 09:10:57 GMT
Content-Encoding: gzip
Via: 1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YUL62-C1
Age: 105952
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 04 Apr 2024 09:10:54 GMT
Server: AmazonS3
ETag: W/"13f24755868bb512fba8cc569f812a67"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: MpTyEHt3MwaDiupnik-jQdiDsfVoqNO7Fuw5wdtGqgvCRbvUJHW6Sg==

GET symbol-defs.svg
elavegan.com/wp-content/plugins/simple-social-icons/ 0
0

GET
H3 200 search.svg
elavegan.com/wp-content/themes/foodiepro/images/ 2 KB
1 KB 51ms
51ms Image
image/svg+xml 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elavegan.com/wp-content/themes/foodiepro/images/search.svg

Requested by

Host: elavegan.com
URL: https://elavegan.com/wp-content/themes/foodiepro/style.css?ver=4.2.6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1997dab216a1ae3a6865fed352a6e580a0b7d87963556fed51daed631f6dcdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://elavegan.com/wp-content/themes/foodiepro/style.css?ver=4.2.6
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3260746
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Feb 2022 12:23:37 GMT
server: cloudflare
etag: W/"620cecc9-61c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pRHy5UyRAy%2FsOckLF3Q7ic4stMJMKamoOPF285Tz2ePVL38aSIfcrSuBR22upRomog9HCIju15339PzsacGr%2FiVysLHJ1RsG9s0RLh%2BhUK9IqPGvsiMoTs17mHkY1Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45c699b174a4-MIA
expires: Sat, 30 Nov 2024 06:54:49 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 284ms
134ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Karla:wght@400&family=PT+Sans+Narrow:wght@400&family=Raleway:wght@200;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://qnyn.wedahirt.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 21:17:36 GMT
x-content-type-options: nosniff
age: 148753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 21:17:36 GMT

GET
H2 200 BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 35 KB
36 KB 221ms
71ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Karla:wght@400&family=PT+Sans+Narrow:wght@400&family=Raleway:wght@200;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://qnyn.wedahirt.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 18:22:53 GMT
x-content-type-options: nosniff
age: 72836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36344
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:05:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Apr 2025 18:22:53 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
fonts.gstatic.com/s/karla/v31/ 13 KB
13 KB 209ms
60ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Karla:wght@400&family=PT+Sans+Narrow:wght@400&family=Raleway:wght@200;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://qnyn.wedahirt.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 22:29:11 GMT
x-content-type-options: nosniff
age: 144458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13184
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 22:29:11 GMT

GET
H3 200 Michaela-Vais-from-Elavegan-chopping-carrots-in-kitchen.jpg
elavegan.com/wp-content/uploads/2022/10/ 140 KB
141 KB 39ms
38ms Image
image/jpeg 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elavegan.com/wp-content/uploads/2022/10/Michaela-Vais-from-Elavegan-chopping-carrots-in-kitchen.jpg

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88f116ba056906ac7e8a1a0d81f00d98c25333916db6056a0223023cb81ed655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3266199
alt-svc: h3=":443"; ma=86400
content-length: 143337
x-xss-protection: 1; mode=block
last-modified: Sat, 29 Oct 2022 20:45:50 GMT
server: cloudflare
etag: "635d90fe-22fe9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54SVrHgfCi8XJqta7eP1ip2o6uGCPBtguD3R88HRKuNRw6VITQYtfztzeyHOlnvha4YiU2CPUNDvqHvTQJ31j2F2A13NN4hzteNCqAcS2YUlrIzZDHG4DktiVziDefA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86fa45c72a5f74a4-MIA
expires: Mon, 11 Nov 2024 08:03:04 GMT

GET
H3 200 Simple-and-delicious-vegan-new-cover.jpg
elavegan.com/wp-content/uploads/2022/10/ 283 KB
283 KB 69ms
69ms Image
image/jpeg 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elavegan.com/wp-content/uploads/2022/10/Simple-and-delicious-vegan-new-cover.jpg

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7037a5d4dc383e11587917f79463bfc343f90db5176423a68e37337bb2d71c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135067
alt-svc: h3=":443"; ma=86400
content-length: 289682
x-xss-protection: 1; mode=block
last-modified: Sun, 30 Oct 2022 01:43:44 GMT
server: cloudflare
etag: "635dd6d0-46b92"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMBO15lJM1zyQVCOTOdER7KLp5kFc4GSbNIyOHXUQis1m3eOMTAbtwONtrjWnwvoTw7jZCSCpThfe3%2FPD%2F4zE3LDMyoroYMLAwRwHspkR24WT02Be8Viekq8zkHA5dI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86fa45c72a6274a4-MIA
expires: Thu, 13 Mar 2025 19:21:36 GMT

GET
H2

403

page-boot-data Show response
c05f.app.slickstream.com/d/
Redirect Chain

https://app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F
https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F

40 B
370 B

197ms
94ms

Fetch
text/html

2606:4700:10::ac43:1e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Server

2606:4700:10::ac43:1e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qnyn.wedahirt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
access-control-max-age: 43200
access-control-allow-methods: POST, PUT, GET, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=900
x-ss-serverid: c05-app-6bb7b76cc9-lthcd
cf-ray: 86fa45cacba8370e-MIA

Redirect headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
x-powered-by: Express
content-length: 124
cdn-cache-control: public, max-age=3600
server: cloudflare
access-control-max-age: 43200
access-control-allow-methods: GET, HEAD, POST, PUT, OPTIONS
content-type: text/plain; charset=utf-8
location: https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F
access-control-allow-origin: *
cache-control: public, max-age=900
vary: Accept, Accept-Encoding
x-ss-serverid: common-app-697846cc8f-fmw9t
cf-ray: 86fa45c82dbf8de2-MIA

GET
H2 200 abd.js Show response
ads.adthrive.com/abd/ 1 KB
1 KB 297ms
151ms XHR
application/javascript 3.162.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/abd/abd.js
Requested by: Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-70.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
x-amz-version-id: os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
content-encoding: br
last-modified: Tue, 06 Sep 2022 21:10:57 GMT
server: AmazonS3
via: 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
etag: W/"1a1900d242621b126237113a25ab0ab3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: r3tiSf0kYM6aW9CliPFPipm9R4B80tugZlBJ2K8qiNfawO4ergmxSg==

GET
H3

200

main.js Show response
qnyn.wedahirt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame E852
Redirect Chain

https://qnyn.wedahirt.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://qnyn.wedahirt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

34ms
33ms

Script
application/javascript

104.21.34.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qnyn.wedahirt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Server

104.21.34.185 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

131127ef9e0f911ce5bb11c32902ea1e6e023b5ef820121362ada7261d2992af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jLX0WcFLaNoXDwHaIhvf3J0lwNmdz1L783SRhZ3o3bEosb9uK5cRp3F9ZSPIx8tW%2BVU0uxUCUKwJKeHjj3MFbGf%2BFh9HrpWKkvOhfMsCzyfHyhsSMMVMV8EXxW%2ByMEvF4bjkCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86fa45c86d3c744a-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 05 Apr 2024 14:36:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXBu5HTjSb%2B24tJt9CqHiddzaUTF2%2FiyQMLnidCHq37K%2FbyeuZYrMRyBfG3oZfPwaDt8YFAj42X3LWRsTjqUgH47mIMhL4eelmLM9OiZoMoqE%2BarHEFoKwljSSbiRwU2%2F0xGVw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control: max-age=300, public
cf-ray: 86fa45c7cc5a744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 load-cookie.html
ads.rubiconproject.com/prebid/ Frame A894 0
0 180ms
57ms Document
text/html 23.205.2.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/load-cookie.html?endpoint=rubicon&max_sync_count=15&source=amp&coop_sync=false&bidders=rubicon,appnexus,yieldmo,unruly,undertone,resetdigital,pubmatic,openx,improvedigital,grid,conversant,yahoossp,triplelift,kargo&args=account:9262
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5c4a0f48df7d2523f3865730/ads.min.js?referrer=https%3A%2F%2Fqnyn.wedahirt.com%2F&cb=63
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.2.235 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-2-235.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://qnyn.wedahirt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 2510
content-type: text/html; charset=UTF-8
date: Fri, 05 Apr 2024 14:36:49 GMT
expires: Fri, 05 Apr 2024 14:36:49 GMT
last-modified: Mon, 06 Feb 2023 19:36:08 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
569 B 164ms
53ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5c4a0f48df7d2523f3865730/ads.min.js?referrer=https%3A%2F%2Fqnyn.wedahirt.com%2F&cb=63
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 08b3343b189b69d6fc3eee89a075185e213d23aa3cef683b8761483ad7a02389

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 05 May 2024 14:36:49 GMT

GET
H2 200 marmalade Show response
ads.adthrive.com/api/v1/ 8 KB
2 KB 565ms
565ms Fetch
application/json 3.162.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/api/v1/marmalade?siteid=5c4a0f48df7d2523f3865730&url=https%3A%2F%2Fqnyn.wedahirt.com%2F&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5c4a0f48df7d2523f3865730/ads.min.js?referrer=https%3A%2F%2Fqnyn.wedahirt.com%2F&cb=63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-70.yul62.r.cloudfront.net
Software: /
Resource Hash: 8e9e81cb25e51540f634b756f7d11b9afa655db5f8b4f010b11aadb017e5fe9a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
content-encoding: br
via: 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
x-amzn-trace-id: Root=1-66100c81-3b3afe8400b910316d05eda7;Parent=596b89a970c9af74;Sampled=0;lineage=e948d84a:0
x-amzn-requestid: 019183b6-00a4-4420-bba2-e3befae0d315
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=3600, s-maxage=3600
x-amz-apigw-id: VwbkRF_OIAMEG0w=
x-amz-cf-id: 9f0Ml1tRZoKJjnVu3x1Y7uxng2kphrI7lL9C4PZk3iM8SorF1oe9hg==

GET
H2 200 5c4a0f48df7d2523f3865730 Show response
ads.adthrive.com/api/v2/raptiveFloors/ 21 KB
4 KB 195ms
195ms XHR
application/json 3.162.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/api/v2/raptiveFloors/5c4a0f48df7d2523f3865730
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5c4a0f48df7d2523f3865730/ads.min.js?referrer=https%3A%2F%2Fqnyn.wedahirt.com%2F&cb=63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-70.yul62.r.cloudfront.net
Software: /
Resource Hash: bdfaef7c2a5c2976bfc54cb8e2ecc85dd2ea30fbf6d684df401784162573c619

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
content-encoding: br
via: 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
x-amzn-trace-id: Root=1-66100c81-0f14319a1a6e40163c369076;Parent=30c7868d1c5678ab;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid: c09f09e3-7922-4213-b1e7-caa5bb02f5b8
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-apigw-id: VwbkRGczIAMEVbQ=
x-amz-cf-id: 5PdphCT-A86Vz3tjNfrV2RM4gi5mylXIFb69eBoWYeITHV2SdL6Qug==

GET
H2 200 adthrive.min.js Show response
ads.adthrive.com/builds/core/300a948/es2018/js/ 824 KB
187 KB 84ms
83ms Script
application/javascript 3.162.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5c4a0f48df7d2523f3865730/ads.min.js?referrer=https%3A%2F%2Fqnyn.wedahirt.com%2F&cb=63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-70.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: 14b087e1809ce77ea99f8505a2ebb6bc01f72a508ef42941a432eff7bdb779a3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:00:15 GMT
content-encoding: br
via: 1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-P2
age: 52594
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600, s-maxage=86400
x-amz-cf-id: wvmtC_Cj26KLkLHuE8cLtonl7MYwJaF0w2e8iAxiNZF4LHVz_OmKcg==

POST
H3 200 86fa45c4026d744a Show response
qnyn.wedahirt.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E852 0
588 B 49ms
48ms XHR
text/plain 104.21.34.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qnyn.wedahirt.com/cdn-cgi/challenge-platform/h/b/jsd/r/86fa45c4026d744a
Requested by: Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.34.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5ttFIkYT7QVK9Za1vN2wC%2BLoyYWcOWMlfXFfoXSfoWgKNFc4d1cSYpczqGtM3GY8zbtamPstM5MMsed%2BSuti3n9b4098xfsuA9AO7Jy5kaLXuB7Cq7niol%2BWV%2FgRG3BDVg7pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86fa45c9dfcd744a-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 72ms
71ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-80585808-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YDWEQ77NH9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27187ac63fc477f45ad9d9b9f2df384306aac1216d2babecf39991d07a3cb866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69085
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Apr 2024 14:36:49 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
247 B 199ms
72ms Ping
text/plain 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YDWEQ77NH9&gtm=45je4430v873447907za200&_p=1712327809018&gcd=13l3l3l3l1&npa=0&dma=0&cid=199783514.1712327810&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712327809&sct=1&seg=0&dl=https%3A%2F%2Fqnyn.wedahirt.com%2F&dt=Contact%20%2F%20Work%20With%20Me%20-%20Elavegan&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=3216
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YDWEQ77NH9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 14:36:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 55ms
52ms Script
text/javascript 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80585808-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 Apr 2024 14:27:33 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 556
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 05 Apr 2024 16:27:33 GMT

GET
H2

403

page-boot-data Show response
c05f.app.slickstream.com/d/
Redirect Chain

https://app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F
https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F

40 B
139 B

103ms
102ms

Fetch
text/html

2606:4700:10::ac43:1e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F

Requested by

Host: qnyn.wedahirt.com
URL: https://qnyn.wedahirt.com/

Protocol

Server

2606:4700:10::ac43:1e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qnyn.wedahirt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
access-control-max-age: 43200
access-control-allow-methods: POST, PUT, GET, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=900
x-ss-serverid: c05-app-6bb7b76cc9-4glfz
cf-ray: 86fa45cb9c8e370e-MIA

Redirect headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 0
x-powered-by: Express
content-length: 124
cdn-cache-control: public, max-age=3600
server: cloudflare
access-control-max-age: 43200
access-control-allow-methods: GET, HEAD, POST, PUT, OPTIONS
content-type: text/plain; charset=utf-8
location: https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F
access-control-allow-origin: *
cache-control: public, max-age=900
vary: Accept, Accept-Encoding
x-ss-serverid: common-app-697846cc8f-fmw9t
cf-ray: 86fa45cb5a988de2-MIA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 64ms
64ms XHR
text/plain 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1405281144&t=pageview&_s=1&dl=https%3A%2F%2Fqnyn.wedahirt.com%2F&ul=en-us&de=UTF-8&dt=Contact%20%2F%20Work%20With%20Me%20-%20Elavegan&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=1245668462&gjid=1146906043&cid=199783514.1712327810&tid=UA-80585808-1&_gid=740153887.1712327810&_r=1&gtm=457e4430z8873447907za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1420797079

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 14:36:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.ico
elavegan.com/wp-content/themes/foodiepro/images/ 15 KB
2 KB 37ms
36ms Other
image/x-icon 172.67.219.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elavegan.com/wp-content/themes/foodiepro/images/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfb68bc709122cda47b089a7cbfc544f58e051eb1e6c2087031a14e1448577b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3275979
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Feb 2022 12:23:37 GMT
server: cloudflare
etag: W/"620cecc9-3aee"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w3K8r98pP2QOIgVt2CROcwgqZ6qax6Rojuu2bIBTKR4x0u6rJtQqr7DUMiPQ6MTxDR8NqDrMOH8CbD4jUpH7vbT4ZToGXcl6b2v5n7fEy2XNgFKhSj%2BpJ%2FApuqVg0uM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 86fa45cbe8d674a4-MIA
expires: Sat, 30 Nov 2024 09:52:20 GMT

GET
H2 200 i.html
ads.adthrive.com/builds/core/300a948/html/ Frame FA82 0
0 237ms
67ms Document
text/html 3.162.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/300a948/html/i.html
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-93.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://qnyn.wedahirt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 152
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Fri, 05 Apr 2024 14:34:19 GMT
etag: W/"63c161ccf2bd2f7a6682bae21c10e5be"
last-modified: Thu, 04 Apr 2024 15:38:51 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
x-amz-cf-id: jxgFty4K81MwFUV-DsljtZC_VcXCCQTlVfjnJJT4UqkRvk5GRHsEQg==
x-amz-cf-pop: YUL62-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: QlLC_hQxY4XaWkTnH6cKQIwgRfL.Ckbc
x-cache: Hit from cloudfront

GET
H2 200 rnf.html
ads.adthrive.com/builds/core/300a948/html/ Frame 0F88 0
0 232ms
69ms Document
text/html 3.162.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/300a948/html/rnf.html
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-93.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://qnyn.wedahirt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 152
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Fri, 05 Apr 2024 14:34:19 GMT
etag: W/"f57e333b040671df073132c24308b2ab"
last-modified: Thu, 04 Apr 2024 15:38:51 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
x-amz-cf-id: Doyh1ccpHEUaCX3XP2F-2_MXbGAMjF0nn5z4T_PpVFg5xZ_6AKNxHA==
x-amz-cf-pop: YUL62-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: mBpUAce7reeclmxUKkNzvoThX4Hx_CzH
x-cache: Hit from cloudfront

GET
H2 200 prebid.min.js Show response
ads.adthrive.com/builds/core/300a948/vendor/prebid/es2018/ 691 KB
207 KB 79ms
75ms Script
text/javascript 3.162.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/300a948/vendor/prebid/es2018/prebid.min.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-70.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bfc44eee13232956957aae6b0253f58d972859ee7f23e0ac1ce278e04cf045c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:55:55 GMT
x-amz-version-id: ojXDBcJbSlhxX9dEiXXifgIWlAyFEEWE
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 15:38:53 GMT
server: AmazonS3
via: 1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
etag: W/"04bc916c72046869ea8c6f80c033e0a2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 2455
x-amz-cf-id: B2PCX19_WwPg-MsoGMkVxVkmfTX5ka_FmkER3EGhKoCyw_HQeVT9fg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 253ms
80ms Script
application/javascript 3.162.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-8-154.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:12:53 GMT
content-encoding: gzip
via: 1.1 199fd61d7551d8868317c5b53cc7d24c.cloudfront.net (CloudFront), 1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 15:16:16 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, YUL62-P2
age: 1438
x-amz-server-side-encryption: AES256
etag: W/"b9e5bc6ae2304c1ff623d74c6e93fe00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: RnnPrQYgmD9_1Mus8zlT1Fqp8oPFDw8kPEQW6R6OOGhhuD9TJVrq4w==

GET
H2 200 raptive-sdk.js Show response
raptive.solutions.cdn.optable.co/public-assets/ 21 KB
8 KB 158ms
31ms Script
text/javascript 34.117.62.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.62.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

22.62.117.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

be7fd4d9cdb784adad3aa8885628e9827d266f6849e12dacf4d2f7726669be05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:43:19 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
age: 3211
x-guploader-uploadid: ABPtcPqQbmvVj63qy4BMEuU4RXEAeonFqcAf7_qKzHK-8Ca1GlIuS7Mf99d3GcpLOJoj1Km6ih-YiVvAdQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7191
last-modified: Tue, 02 Apr 2024 16:27:22 GMT
server: UploadServer
etag: "fbac8c691405aee5baf7d2681dbc3f54"
x-goog-generation: 1712075242201316
x-goog-hash: crc32c=LCviAw==, md5=+6yMaRQFruW699JoHbw/VA==
content-type: text/javascript
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 7191
accept-ranges: bytes

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 250ms
122ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d49807b82df3473f7bf5aea47f2740ff0abc9106dae4c8b062078cd1759eecaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29178
x-xss-protection: 0
server: cafe
etag: 245 / 19818 / 31082464 / config-hash: 14969759367102020460
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 14:36:50 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 195ms
69ms XHR
text/plain 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-80585808-1&cid=199783514.1712327810&jid=1245668462&gjid=1146906043&_gid=740153887.1712327810&_u=YADAAUAAAAAAACAAI~&z=2074930155

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 Apr 2024 14:36:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 291ms
148ms XHR
application/javascript 3.162.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-8-154.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:51 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 a3644f9cdea7a7e9efd1f62c9d972932.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 1YsUmvcM-gJqE673n-m_KlY8fhnI5_RUbUU28hfWhKb0RM_R1TEr1w==

GET config
raptive-auth.cloud.optable.co/s-5c4a0f48df7d2523f3865730/ 0
0

GET resolve
raptive.cloud.optable.co/s-5c4a0f48df7d2523f3865730/v1/ 0
0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/ 440 KB
138 KB 58ms
55ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js?cb=31082464

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62160f8005b05333e788cdc838dcddedf2039a7f8084ab5926d11651b4bcdd84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58950
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141128
x-xss-protection: 0
server: cafe
etag: 1320909909656752868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Apr 2025 22:14:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 62 B
78 B 214ms
111ms XHR
application/json 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=qnyn.wedahirt.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

b150df0ef06a6ada1804d556dd818c08f1d46d5b6dd4b836bd37479321d1974d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54
x-xss-protection: 0
expires: Fri, 05 Apr 2024 14:36:50 GMT

GET
H2 200 peAbsGCO Show response
cdn.jwplayer.com/v2/playlists/ 305 KB
37 KB 1909ms
1728ms Fetch
application/json 2600:9000:26a0:5600:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/playlists/peAbsGCO?max_resolution=1280
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a0:5600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 8d57fe3f182565f5f6cc6661e0994d2df9d9c1e20dfb1d29f6c5b11179ff1d0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:52 GMT
content-encoding: gzip
via: 1.1 60d690eb8aefecb50f44bbe348e3804a.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: YUL62-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-robots-tag: noindex, indexifembedded
content-length: 37182
x-amz-cf-id: rN8QOZk65eQ7CpGXCkhbv9uu3AiJ7_sHCn5iw2Dccyp2bobKy424pw==
expires: Fri, 05 Apr 2024 14:39:52

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ 0
653 B 300ms
58ms Image
text/plain 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=49096&us_privacy=1YNY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 051eb3f1d15b49aebdce90f80c9cb701
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/6035453/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035453/beacon.js
https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js

4 KB
2 KB

71ms
70ms

Script
application/javascript

3.162.3.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
Protocol: H2
Server: 3.162.3.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-55.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qnyn.wedahirt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 06:55:07 GMT
content-encoding: gzip
via: 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
last-modified: Mon, 12 Feb 2024 14:58:00 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
age: 27704
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: IEZjkZOxEWNnX4Bq9Peu-trMtxK3klCKnnJsKo7uOV5xL4lf7majzQ==

Redirect headers

date: Fri, 05 Apr 2024 14:36:50 GMT
via: 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: YUL62-P2
x-cache: Miss from cloudfront
location: /internal-cs/6035453/beacon.js
content-length: 0
x-amz-cf-id: M5O5uA_wEia_gqIi9jRX3GWCYZh7V_6jmWXeOFM8yTEFunaQPGM68Q==

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 284 KB
57 KB 127ms
43ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5046170c8cf9396e192757180691ba4ea3b77e79ea8c578e973a139733931e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 14:08:39 GMT
server: cloudflare
x-amz-request-id: 834GS19KKD1389QC
age: 860
etag: W/"109e0eb85617b69863fe8188f798779c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 86fa45d01e00221a-MIA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ojHdJDySx2cLm2bvLx8eLG97nLlGp6wOWLe3Q3V6HyAyD3qQZOZ4YCD0VGgJvw5Te49ENx6uyuE=

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 164ms
52ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fqnyn.wedahirt.com%2F&domain=qnyn.wedahirt.com&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://qnyn.wedahirt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 05 Apr 2024 14:36:50 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 504329
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fqnyn.wedahirt.com%2F&domain=qnyn.wedahirt.com&lsw=1
https://mug.criteo.com/sid?cpp=O09UUnxreG1pKzB6RXovN255Mm5YNVVTRUJQWkVBbzh0MXZTelFBWERVZTJldElHVWU0NTBaL1AzeEJFeS9yNmtqTGdaZUdIUXBVcG9QUTRka1pjVlRkNm5kNktoQzRRclZOL0RHRVpiNWdMRFV6T0VySXk1bDVmZkdYYn...

354 B
1001 B

151ms
51ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=O09UUnxreG1pKzB6RXovN255Mm5YNVVTRUJQWkVBbzh0MXZTelFBWERVZTJldElHVWU0NTBaL1AzeEJFeS9yNmtqTGdaZUdIUXBVcG9QUTRka1pjVlRkNm5kNktoQzRRclZOL0RHRVpiNWdMRFV6T0VySXk1bDVmZkdYYnFnYlNGYVJkOG1CQ0hZR0NIV2Nta3F2Vmw5RVpkS1kyczNBRGJWQWRDYXU2UkhyTy8raTE0MnVaV25Zam1QMHJHSmFjSmFrTGRQb3ZkTEF4eTJ1dTV0bFVQOE1Xa0NOQjRmbWNjckN6V2J6ZWpTeDlDZG1JRkJ2dkxJSzhGdVZvRzI2dzhkVmNBfA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e5e891eb06a161eeaeb6a86f3279292fdc0298828e9f6bae509239b1e436a5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qnyn.wedahirt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 14:36:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 951879
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Apr 2024 14:36:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://qnyn.wedahirt.com
location: https://mug.criteo.com/sid?cpp=O09UUnxreG1pKzB6RXovN255Mm5YNVVTRUJQWkVBbzh0MXZTelFBWERVZTJldElHVWU0NTBaL1AzeEJFeS9yNmtqTGdaZUdIUXBVcG9QUTRka1pjVlRkNm5kNktoQzRRclZOL0RHRVpiNWdMRFV6T0VySXk1bDVmZkdYYnFnYlNGYVJkOG1CQ0hZR0NIV2Nta3F2Vmw5RVpkS1kyczNBRGJWQWRDYXU2UkhyTy8raTE0MnVaV25Zam1QMHJHSmFjSmFrTGRQb3ZkTEF4eTJ1dTV0bFVQOE1Xa0NOQjRmbWNjckN6V2J6ZWpTeDlDZG1JRkJ2dkxJSzhGdVZvRzI2dzhkVmNBfA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 506894
content-length: 0
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 / Show response
prebid.sv.rkdms.com/identity/ 15 B
288 B 221ms
78ms XHR
application/json 34.232.15.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.sv.rkdms.com/identity/?sv_domain=wedahirt.com&sv_pubid=9262&ssp_ids=534404531
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/vendor/prebid/es2018/prebid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.15.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-15-39.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 4b82e5c4363493733c9b4923a0de07058c40ce15e093727e4db91f106f31d754

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://qnyn.wedahirt.com
date: Fri, 05 Apr 2024 14:36:50 GMT
access-control-allow-credentials: true
server: awselb/2.0
content-length: 15
vary: Accept-Encoding
content-type: application/json

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
566 B 68ms
49ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/vendor/prebid/es2018/prebid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: f9e4fc03c40413a48076e9068524a8d62ecc91233803d033f26bd79b43ac44c2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 05 May 2024 14:36:50 GMT

GET
H2 200 f Show response
fid.agkn.com/ 151 B
689 B 198ms
57ms XHR
application/javascript 54.80.224.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fid.agkn.com/f?apiKey=2215608639&r=https%3A%2F%2Fqnyn.wedahirt.com%2F&r=https%3A%2F%2Felavegan.com%2Fcontact%2F
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/vendor/prebid/es2018/prebid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.224.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-224-63.compute-1.amazonaws.com
Software: AAWebServer /
Resource Hash: 2558f2b4e82c9f06e30faf2991c26b050c71392c312efcc34aa33cbdf3e877ef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 14:36:50 GMT
server: AAWebServer
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/javascript;charset=iso-8859-1
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 151
expires: 0

GET
H2 200 d9core Show response
d9.flashtalking.com/ 11 KB
11 KB 183ms
54ms Script
application/javascript 44.218.219.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/vendor/prebid/es2018/prebid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.218.219.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-218-219-147.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 086081478b01082009deba687ac6f775550a05a83a4d2102997f33c8ccc53909

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag: 5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: d9.flashtalking.com
content-type: application/javascript;charset=utf-8
cache-control: private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials: true

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.32.0&coppa=0
https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.32.0&coppa=0&b=1&g=qFQ%2BP%2B6cEsJ9N3U6cuhuTpTpq72YncSDrWIOMTwp7GU%3D

42 B
138 B

67ms
66ms

XHR
application/json

35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.32.0&coppa=0&b=1&g=qFQ%2BP%2B6cEsJ9N3U6cuhuTpTpq72YncSDrWIOMTwp7GU%3D
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qnyn.wedahirt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 05 Apr 2024 14:36:50 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://qnyn.wedahirt.com
location: https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.32.0&coppa=0&b=1&g=qFQ%2BP%2B6cEsJ9N3U6cuhuTpTpq72YncSDrWIOMTwp7GU%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 any Show response
idx.liadm.com/idex/unknown/ 336 B
747 B 213ms
77ms XHR
application/json 34.204.222.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/any?duid=b258d8488798--01htqb1qescgjrfc50cg75jvzb&cd=.wedahirt.com&resolve=nonId&resolve=uid2&resolve=medianet&resolve=bidswitch&resolve=magnite&resolve=index&resolve=pubmatic&resolve=sovrn&resolve=openx&resolve=thetradedesk

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/vendor/prebid/es2018/prebid.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.222.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-222-218.compute-1.amazonaws.com

Software

Resource Hash

32a5408f7b51c8ca9563671f91d19ecedfcf6bbd56d378183f850be8d41676b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 14
content-type: application/json
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: max-age=86399, private
access-control-allow-credentials: true
trace-id: 26b593127144a0f2
content-length: 336
expires: Sat, 06 Apr 2024 14:36:50 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 75 B
825 B 208ms
63ms XHR
application/json 18.214.198.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?c=17297
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/vendor/prebid/es2018/prebid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.198.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-198-116.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab44298813dea1bd79e89597246fee98361865341d9b71f876dbc8af50eb445c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 14:36:50 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: no-cache
x-server: 10.40.11.174
access-control-allow-credentials: true
content-length: 75
expires: 0

GET
H2 200 error Show response
logger.adthrive.com/ 21 B
464 B 337ms
151ms XHR
application/json 3.162.3.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.adthrive.com/error?siteId=5c4a0f48df7d2523f3865730&siteName=ElaVegan&bucket=flex-19&branch=300a948&deployment=2024-04-04-5%3Aacd-267%3Apr4440%3A300a948&message=VideoManagerComponent%3A%3AisVideoAllowedOnPage&pageurl=https%3A%2F%2Fqnyn.wedahirt.com%2F&body=%5B%7B%22name%22%3A%22Error%22%2C%22message%22%3A%22DBP%3A%20Disabled%20by%20publisher%20via%20video%20plugin%22%2C%22stack%22%3A%22Error%3A%20DBP%3A%20Disabled%20by%20publisher%20via%20video%20plugin%5Cn%20%20%20%20at%20xp._isVideoAllowedOnPage%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A1277%3A214)%5Cn%20%20%20%20at%20xp._shouldRunAutoplayPlayers%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A1253%3A542)%5Cn%20%20%20%20at%20xp._initializePlayers%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A1269%3A259)%5Cn%20%20%20%20at%20xp.init%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A1266%3A373)%5Cn%20%20%20%20at%20xp.%3Canonymous%3E%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A99%3A486)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A1423%3A383%5Cn%20%20%20%20at%20Array.forEach%20(%3Canonymous%3E)%5Cn%20%20%20%20at%20Nk.init%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A1423%3A342)%5Cn%20%20%20%20at%20Nk.%3Canonymous%3E%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A99%3A486)%5Cn%20%20%20%20at%20Te.init%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A1444%3A96)%22%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22rog_2%22%3A%22on%40100%22%2C%22mto%22%3A%223%4025%22%2C%22flrml1%22%3A%22fbrap%4098%22%2C%22fto%22%3A%223%4025%22%2C%22roghem_2%22%3A%22on%4050%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%2233across%4025%22%2C%22improvedigital%4015%22%2C%22resetdigital%40100%22%2C%22sharethrough%4090%22%2C%22adform%4095%22%5D%2C%22optd%22%3A%22on%4080%22%2C%22idho%22%3A%5B%22connectId%22%2C%22FTrackId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22grid%4099%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%2C%22aidem_ss%40100%22%2C%22gridnat%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefaucd%22%3A%2220sf1%4040%22%2C%22multirefaucv%22%3A%22off%4034%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4098%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22multis2s%22%3A%221%4033%22%2C%22ito_df%22%3A%222300%4015%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22gumgum%4050%22%2C%22resetdigital%40100%22%2C%22roundel%4015%22%2C%2233across%40100%22%2C%22adform%4095%22%5D%2C%22optv%22%3A%22on%4080%22%2C%22cbt%22%3A%224s%4075%22%2C%22vasttoisv%22%3A%2215s%4060%22%2C%22vasttoosv%22%3A%223s%4080%22%2C%22proto%22%3A%22all%4055%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2215%4060%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22dcsll_ss2%22%3A%227.30%4050%22%2C%22intcfg%22%3A%22on%4090%22%2C%22aed1%22%3A%22on%40100%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22csync_lim%22%3A%225%4025%22%2C%22s2sto%22%3A%221250%4040%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22off%4095%22%2C%22s2store%22%3A%222000%405%22%2C%22rrpbs%22%3A%22west%4050%22%2C%22rpbsp%22%3A%22on%40100%22%2C%22multiserverauc%22%3A%2220s%4090%22%2C%22rpbsdr%22%3A%224%4020%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%220%4033%22%2C%22ntvrat%22%3A%22169%4072%22%2C%22rmpu%22%3A%22on%4050%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22opli%22%3A%22off%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22ssptrm%22%3A%22off%40100%22%2C%22oxli%22%3A%22on%4097%22%2C%22tlli%22%3A%22off%40100%22%2C%22lito%22%3A%220%4025%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22on%4099%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22rrc%22%3A%22on%22%2C%22refsoflr%22%3A%220%4080%22%2C%22sesflrso%22%3A%220.1%4020%22%2C%22ssff%22%3A%22on%40100%22%2C%22essa%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22off%4075%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22prm%22%3A%22on%40100%22%2C%22dovh%22%3A%22off%4099%22%2C%22upl%22%3A%22on%4025%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dssc2%22%3A%225%4016%22%2C%22inp%22%3A%22on%40100%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HTQB1Q9JJK26FCETERX33P8M%22%2C%22pvk%22%3A%2201HTQB1PMJ6N3MH445DACXC9FF%22%2C%22hbho%22%3A%5B%2233across%22%2C%22improvedigital%22%2C%22resetdigital%22%2C%22sharethrough%22%2C%22adform%22%5D%2C%22vbho%22%3A%5B%22gumgum%22%2C%22resetdigital%22%2C%22roundel%22%2C%2233across%22%2C%22adform%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.67.0%22%2C%22clsBranch%22%3A%223cadfd1%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-123.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:51 GMT
via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
last-modified: Thu, 12 Nov 2020 16:17:57 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
etag: "711ef07ada64abbd94e9099392aa8d74"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
content-length: 21
x-amz-cf-id: lTWrjt3VCZI4FKD625o9AcIddUXN-OodzRncd9ufZsQ706-X0_kc_g==

GET
H2 200 ads.min.css
ads.adthrive.com/sites/5c4a0f48df7d2523f3865730/ 935 B
1 KB 73ms
73ms Stylesheet
text/css 3.162.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/5c4a0f48df7d2523f3865730/ads.min.css
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-70.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8200eb53b0e2352b9c69352a4814d80b815ebf478c809703bb0749f49db73f1f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 16:20:30 GMT
via: 1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-P2
age: 80180
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600, s-maxage=86400
content-length: 935
x-amz-cf-id: 4pwv8OcB-WMGgDocXupbuAKd_XpQcS6yFbinhM9pJxvuh8jz5PkM2g==

GET
H2 200 4fbba76f-7987-4fa2-9733-c27eb3a2170b Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 231ms
73ms Script
application/javascript 3.162.3.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-125.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: a8ffbeb9d1a186b20d139ad911064c9964f7487af70bb0c9ffe42238a3d6eae0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:16:58 GMT
via: 1.1 141b2a0bfdcf3225afbe04affb901120.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-P2
age: 1192
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: LqtFDy50lB5su5IWH56jP9rgv6HqLwOSOY5jk0-ysIih3y1PmOEfWg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 500 B
852 B 93ms
93ms XHR
application/json 3.162.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fqnyn.wedahirt.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-8-154.yul62.r.cloudfront.net
Software: Server /
Resource Hash: f452ae95fbcd3d99bf0951675e5ee7f8810b25b9f0cc271edfe48c58c505ab9d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
via: 1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: YUL62-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://qnyn.wedahirt.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 500
x-amz-cf-id: N8-gwGcxanWluxhwcleyhj3tHtrtCuLpIM8d69UN3sC6FxapyIz0qQ==

GET
H2 200 error Show response
logger.adthrive.com/ 21 B
467 B 303ms
151ms XHR
application/json 3.162.3.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.adthrive.com/error?siteId=5c4a0f48df7d2523f3865730&siteName=ElaVegan&bucket=flex-19&branch=300a948&deployment=2024-04-04-5%3Aacd-267%3Apr4440%3A300a948&message=OptableBootstrap%3A%3Aload%20Failed%20to%20bootstrap%20Optable%20SDK&pageurl=https%3A%2F%2Fqnyn.wedahirt.com%2F&body=%5B%7B%22name%22%3A%22TypeError%22%2C%22message%22%3A%22Failed%20to%20fetch%22%2C%22stack%22%3A%22TypeError%3A%20Failed%20to%20fetch%5Cn%20%20%20%20at%20l%20(https%3A%2F%2Fraptive.solutions.cdn.optable.co%2Fpublic-assets%2Fraptive-sdk.js%3A2%3A17855)%5Cn%20%20%20%20at%20window.optable.instance.resolve%20(https%3A%2F%2Fraptive.solutions.cdn.optable.co%2Fpublic-assets%2Fraptive-sdk.js%3A2%3A21409)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A167%3A394%5Cn%20%20%20%20at%20dm.addToQueue%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A166%3A106)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A167%3A123%5Cn%20%20%20%20at%20new%20Promise%20(%3Canonymous%3E)%5Cn%20%20%20%20at%20dm.resolveThirdPartyClusters%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A167%3A98)%5Cn%20%20%20%20at%20yd._handleResolvingOptable%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A175%3A117)%5Cn%20%20%20%20at%20yd._start%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A174%3A410)%5Cn%20%20%20%20at%20yd.load%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F300a948%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2024-04-04-5%3Aacd-267%3Apr4440%3A300a948%26bucket%3Dflex-19%26deliveryFeatures%3DrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5c4a0f48df7d2523f3865730%3A172%3A427)%22%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22rog_2%22%3A%22on%40100%22%2C%22mto%22%3A%223%4025%22%2C%22flrml1%22%3A%22fbrap%4098%22%2C%22fto%22%3A%223%4025%22%2C%22roghem_2%22%3A%22on%4050%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%2233across%4025%22%2C%22improvedigital%4015%22%2C%22resetdigital%40100%22%2C%22sharethrough%4090%22%2C%22adform%4095%22%5D%2C%22optd%22%3A%22on%4080%22%2C%22idho%22%3A%5B%22connectId%22%2C%22FTrackId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22grid%4099%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%2C%22aidem_ss%40100%22%2C%22gridnat%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefaucd%22%3A%2220sf1%4040%22%2C%22multirefaucv%22%3A%22off%4034%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4098%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22multis2s%22%3A%221%4033%22%2C%22ito_df%22%3A%222300%4015%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22gumgum%4050%22%2C%22resetdigital%40100%22%2C%22roundel%4015%22%2C%2233across%40100%22%2C%22adform%4095%22%5D%2C%22optv%22%3A%22on%4080%22%2C%22cbt%22%3A%224s%4075%22%2C%22vasttoisv%22%3A%2215s%4060%22%2C%22vasttoosv%22%3A%223s%4080%22%2C%22proto%22%3A%22all%4055%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2215%4060%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22dcsll_ss2%22%3A%227.30%4050%22%2C%22intcfg%22%3A%22on%4090%22%2C%22aed1%22%3A%22on%40100%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22csync_lim%22%3A%225%4025%22%2C%22s2sto%22%3A%221250%4040%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22off%4095%22%2C%22s2store%22%3A%222000%405%22%2C%22rrpbs%22%3A%22west%4050%22%2C%22rpbsp%22%3A%22on%40100%22%2C%22multiserverauc%22%3A%2220s%4090%22%2C%22rpbsdr%22%3A%224%4020%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%220%4033%22%2C%22ntvrat%22%3A%22169%4072%22%2C%22rmpu%22%3A%22on%4050%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22opli%22%3A%22off%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22ssptrm%22%3A%22off%40100%22%2C%22oxli%22%3A%22on%4097%22%2C%22tlli%22%3A%22off%40100%22%2C%22lito%22%3A%220%4025%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22on%4099%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22rrc%22%3A%22on%22%2C%22refsoflr%22%3A%220%4080%22%2C%22sesflrso%22%3A%220.1%4020%22%2C%22ssff%22%3A%22on%40100%22%2C%22essa%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22off%4075%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22prm%22%3A%22on%40100%22%2C%22dovh%22%3A%22off%4099%22%2C%22upl%22%3A%22on%4025%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dssc2%22%3A%225%4016%22%2C%22inp%22%3A%22on%40100%22%2C%22aos%22%3A%22off%4099%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HTQB1Q9JJK26FCETERX33P8M%22%2C%22pvk%22%3A%2201HTQB1PMJ6N3MH445DACXC9FF%22%2C%22hbho%22%3A%5B%2233across%22%2C%22improvedigital%22%2C%22resetdigital%22%2C%22sharethrough%22%2C%22adform%22%5D%2C%22vbho%22%3A%5B%22gumgum%22%2C%22resetdigital%22%2C%22roundel%22%2C%2233across%22%2C%22adform%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.67.0%22%2C%22clsBranch%22%3A%223cadfd1%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/300a948/es2018/js/adthrive.min.js?deployment=2024-04-04-5:acd-267:pr4440:300a948&bucket=flex-19&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5c4a0f48df7d2523f3865730
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-123.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:51 GMT
via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
last-modified: Thu, 12 Nov 2020 16:17:57 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
etag: "711ef07ada64abbd94e9099392aa8d74"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
content-length: 21
x-amz-cf-id: RcsbbwGzkVdCnh-7asElbVJwmGvYUoI7bPWF-r9NlAkM3lw90FdGbA==

POST
H2 200 lgc Show response
d9.flashtalking.com/ 103 B
543 B 100ms
99ms XHR
application/json 44.218.219.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.218.219.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-218-219-147.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 5a318bc39ff98890d1f5f7f76d475e849cc0fdd08167e10f982fb540e348ddd7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: https://qnyn.wedahirt.com
content-type: application/json;charset=ISO-8859-1
access-control-allow-credentials: true
content-length: 103

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035453&cs_fpcu=ce4da7b433ef4f2da401684e1a2a1d58&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1712327810806&ns_c=UTF-8&cs_fpid=%7B%22value%22%3A%22null%22%2C%22cr...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035453&cs_fpcu=ce4da7b433ef4f2da401684e1a2a1d58&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1712327810806&ns_c=UTF-8&cs_fpid=%7B%22value%22%3A%22null%22%2C%22c...

0
225 B

83ms
82ms

Image
text/plain

3.162.3.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035453&cs_fpcu=ce4da7b433ef4f2da401684e1a2a1d58&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1712327810806&ns_c=UTF-8&cs_fpid=%7B%22value%22%3A%22null%22%2C%22created%22%3A1712327810407%7D&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null&cs_ucfr=1&c7=https%3A%2F%2Fqnyn.wedahirt.com%2F&c8=Contact%20%2F%20Work%20With%20Me%20-%20Elavegan&c9=
Protocol: H2
Server: 3.162.3.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-55.yul62.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qnyn.wedahirt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
via: 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: YUL62-P2
x-amz-cf-id: Xa7GULL93kHHFrcqSpZc_XdIt44hEvX-fnBS75G-Icti4M3VgohOOQ==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 05 Apr 2024 14:36:50 GMT
via: 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: YUL62-P2
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6035453&cs_fpcu=ce4da7b433ef4f2da401684e1a2a1d58&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1712327810806&ns_c=UTF-8&cs_fpid=%7B%22value%22%3A%22null%22%2C%22created%22%3A1712327810407%7D&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null&cs_ucfr=1&c7=https%3A%2F%2Fqnyn.wedahirt.com%2F&c8=Contact%20%2F%20Work%20With%20Me%20-%20Elavegan&c9=
content-length: 0
x-amz-cf-id: QOWS-gB-0CsLuc0mEimOzbyYZRMSykf5AGzpTyg_Bf1o5umefNqdoQ==

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202402121010/ 300 KB
93 KB 50ms
50ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://qnyn.wedahirt.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 14:36:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2024 15:11:18 GMT
server: cloudflare
x-amz-request-id: CPJNWZGPNK0EY4JC
age: 154932
etag: W/"3d93a0af15b12fc9dbbc93edd96a2b7f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 86fa45d1afd9221a-MIA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Rjq5E+ySReXcE751NbJ5QeelTQCJf7/lipMRV5n+U1ZS+jvMgyNht5qTx77kNt9Sf+pLXWby4Z0=

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 165ms
55ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 05 Apr 2024 14:36:50 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 232704
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1712327811044&se=e30&duid=b258d8488798--01htqb1qescgjrfc50cg75jvzb&tv=8.32.0&pu=https%3A%2F%2Fqnyn.wedahirt.com%2F&wpn=prebid&cd=.wedahirt.com
https://rp4.liadm.com/j?se=e30&duid=b258d8488798--01htqb1qescgjrfc50cg75jvzb&cd=.wedahirt.com&dtstmp=1712327811044&tv=8.32.0&wpn=prebid&pu=https%3A%2F%2Fqnyn.wedahirt.com%2F&i6=MjAwMTo1NTA6MWQwNTox...

13 B
318 B

188ms
54ms

XHR
application/json

3.208.238.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=b258d8488798--01htqb1qescgjrfc50cg75jvzb&cd=.wedahirt.com&dtstmp=1712327811044&tv=8.32.0&wpn=prebid&pu=https%3A%2F%2Fqnyn.wedahirt.com%2F&i6=MjAwMTo1NTA6MWQwNToxOjo1
Protocol: H2
Server: 3.208.238.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-238-237.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qnyn.wedahirt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 14:36:51 GMT
x-pixel-event-id: bcd7723e-f1fb-4bd7-ac7e-b46d9fb44dfc
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=b258d8488798--01htqb1qescgjrfc50cg75jvzb&cd=.wedahirt.com&dtstmp=1712327811044&tv=8.32.0&wpn=prebid&pu=https%3A%2F%2Fqnyn.wedahirt.com%2F&i6=MjAwMTo1NTA6MWQwNToxOjo1
access-control-allow-origin: https://qnyn.wedahirt.com
date: Fri, 05 Apr 2024 14:36:51 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: elavegan.com
URL: https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Domain: elavegan.com
URL: https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Domain: elavegan.com
URL: https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Domain: elavegan.com
URL: https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Domain: elavegan.com
URL: https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Domain: raptive-auth.cloud.optable.co
URL: https://raptive-auth.cloud.optable.co/s-5c4a0f48df7d2523f3865730/config?cookies=no&passport=&osdk=web-v0.18.12

Domain: raptive.cloud.optable.co
URL: https://raptive.cloud.optable.co/s-5c4a0f48df7d2523f3865730/v1/resolve?id=__ip__

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=111

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 05:14:47	Name: lidid Value: 25cca4b1-3d2a-4644-aaf8-9e300f4a8db6
.adsrvr.org/	1970-01-21 04:24:23	Name: TDID Value: f69eca75-9010-426f-a600-be4d5e8f4cb8
.wedahirt.com/	1970-01-21 05:14:47	Name: _ga_YDWEQ77NH9 Value: GS1.1.1712327809.1.0.1712327809.0.0.0
qnyn.wedahirt.com/	1970-01-20 19:38:48	Name: __adblocker Value: false
.wedahirt.com/	1970-01-21 04:24:23	Name: cf_clearance Value: EknSatoAup9e2_bu6eHd45UNpIaZSN_F_tDpCPhldjQ-1712327809-1.0.1.1-Hnkj7nfuybt_Nq9zZ6nyzVGnvHvBmeBumgMi8x2evBszP0uT7ol5nKeD8J.rKJI9DYavu_u2NsWCLezlNe66gg
.wedahirt.com/	1970-01-21 05:14:47	Name: _ga Value: GA1.2.199783514.1712327810
.wedahirt.com/	1970-01-20 19:40:14	Name: _gid Value: GA1.2.740153887.1712327810
.wedahirt.com/	1970-01-20 19:38:47	Name: _gat_gtag_UA_80585808_1 Value: 1
.adnxs.com/	1970-01-21 05:14:47	Name: receive-cookie-deprecation Value: 1
ads.adthrive.com/	1970-01-21 05:14:47	Name: mcmpfreqrec Value: [{"rf_code":"MMOM_2021_f2r7_A","recency":7,"frequency":2,"partners":["ix","gam"],"counter":1,"isMatched":false,"created":"2024-04-05T14:36:50.280Z","modified":"2024-04-05T14:36:50.280Z"}]
qnyn.wedahirt.com/	1970-01-21 05:14:47	Name: usprivacy Value: 1YNY
.wedahirt.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .wedahirt.com
.wedahirt.com/	1970-01-21 05:14:47	Name: _lc2_fpi Value: b258d8488798--01htqb1qescgjrfc50cg75jvzb
.wedahirt.com/	1970-01-21 05:14:47	Name: _lc2_fpi_meta Value: %7B%22w%22%3A1712327810521%7D
qnyn.wedahirt.com/	1970-01-20 19:38:51	Name: _lr_retry_request Value: true
qnyn.wedahirt.com/	1970-01-20 20:21:59	Name: _lr_env_src_ats Value: false
.dotomi.com/	1970-01-20 19:38:47	Name: DotomiTest Value: 1a6c5b859b3006f5
.33across.com/	1970-01-21 04:24:23	Name: check Value: true
.rubiconproject.com/	1970-01-21 04:24:23	Name: khaos Value: LUMRRMOI-4-29HS
.agkn.com/	1970-01-21 04:24:23	Name: ab Value: 0001%3Aqqkv3RfUGPP0frVzrb7vD2qpKUXegYJv
.liadm.com/	1970-01-21 05:14:47	Name: lidid Value: 25cca4b1-3d2a-4644-aaf8-9e300f4a8db6
.rkdms.com/	1970-01-21 04:24:23	Name: sessionid Value: h-99b4329ebde94ff291480ccfc1091fa6_t-1712327810
.crwdcntrl.net/	1970-01-21 02:07:34	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 02:07:34	Name: _cc_id Value: deb696141b15cb75bbc88c2253a9ae66
.crwdcntrl.net/	1970-01-21 02:07:35	Name: _cc_cc Value: "ACZ4XmNQSElNMrM0MzQxTDI0TU4yN01KSrawSDYyMjVOtExMNTNjAII0AZ4mEA0FAFNcChY%3D"
.crwdcntrl.net/	1970-01-21 02:07:35	Name: _cc_aud Value: "ABR4XmNgYGBIE%2BBpAlJQAAAMnAEF"
.wedahirt.com/	1970-01-20 19:40:14	Name: panoramaId_expiry Value: 1712414210728
.wedahirt.com/	1970-01-21 02:07:35	Name: _cc_id Value: deb696141b15cb75bbc88c2253a9ae66
qnyn.wedahirt.com/	1970-01-21 05:00:23	Name: _scor_uid Value: ce4da7b433ef4f2da401684e1a2a1d58
.flashtalking.com/	1970-01-21 04:24:23	Name: _D9J Value: 6810410d570842e9a52133e9e6f10f48
.scorecardresearch.com/	1970-01-21 05:14:47	Name: UID Value: 12Bee3c2fd0f506e7506ca81712327810
.scorecardresearch.com/	1970-01-20 20:21:59	Name: PID Value: 1B3ee3c2fcf4206e7506e5b1712327810
.scorecardresearch.com/	1970-01-20 20:21:59	Name: XID Value: 12Bee3c2fd0f506e7506ca81712327810
.resetdigital.co/	1970-01-20 21:48:23	Name: ckbk Value: 0000013924BED671
.criteo.com/	1970-01-21 05:00:23	Name: partitioned_bundle Value: ZpXwqF9SQmJ6ZXhXNG1wbDFQUjVQREMlMkJJd3dlS0RwRmtFOTlHOCUyRnFVcjFIZlVPY2VVcjBVRnNuckRvZzVpdUlmRDVFYXROTnlJWmoxciUyRlU5MmNmSkFwTzl4aUxSa3NQaDhGWnJGSm1zMjFpNW1EWiUyRiUyRnAwQmxJbEl3Z2VsbXpoUnhGQ0ltTTk3Y1klMkZCS1ZYMmlKQklxUGdhekElM0QlM0Q
.3lift.com/	1970-01-20 21:48:23	Name: tluidp Value: 1830314973999912086686
.3lift.com/	1970-01-20 21:48:23	Name: tluid Value: 1830314973999912086686
.openx.net/	1970-01-21 04:24:23	Name: i Value: 8478477b-0d6d-4276-96c9-92a868f76d47%7C1712327811
.pubmatic.com/	1970-01-20 19:40:14	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 21:48:23	Name: SyncRTB3 Value: 1713484800%3A220
.pubmatic.com/	1970-01-21 04:24:23	Name: KADUSERCOOKIE Value: FFEB3855-3232-497B-91C6-662DDEA8EE7B
.doubleclick.net/	1970-01-21 05:14:47	Name: IDE Value: AHWqTUll6ewPSULLq6KSGKFHtl0i87V4dg1uxo9UpY5yVFG5ztI-KGOL34d_OAV2ILo
.pubmatic.com/	1970-01-20 19:40:14	Name: pi Value: 159706:3
.pubmatic.com/	1970-01-20 21:48:23	Name: chkChromeAb67Sec Value: 2
.kargo.com/	1970-01-21 04:24:23	Name: ktcid Value: 4902302c-fff3-093c-51e5-1f9410cca491
.yieldmo.com/	1970-01-21 04:24:23	Name: yieldmo_id Value: VcIpNs9ocp9I7hb1qPuP%7C1712275200000%7C0
.rubiconproject.com/	1970-01-21 04:24:23	Name: audit Value: 1\|AhOt/OjCQmLMC+mozqgQ1vwaJYsTdkaLkNFVBE65qfA8fCYmOTvXg2+XoqPvmygXXrSGu7ngc+BCbuL7wqM7W7V2J6hLuyBsArD8VOIeRwFwMo4KZcwObHAsoA3GEnQ/AjcKuXlusy6UaEKsIQw5dw==
.rubiconproject.com/	1970-01-20 21:48:23	Name: receive-cookie-deprecation Value: 1
.bidswitch.net/	1970-01-21 04:24:23	Name: tuuid Value: 7a4c9400-0ae5-4f34-8fc5-a681b0852315
.bidswitch.net/	1970-01-21 04:24:23	Name: c Value: 1712327813
.bidswitch.net/	1970-01-21 04:24:23	Name: tuuid_lu Value: 1712327813
.yahoo.com/	1970-01-21 04:24:45	Name: A3 Value: d=AQABBIUMEGYCEJcEQZB1NeAvmRDKXAiAGvQFEgEBAQFeEWYZZtxH0iMA_eMAAA&S=AQAAAsnpt3ew0GKu-xa8-yN3JIM
.analytics.yahoo.com/	1970-01-21 04:24:23	Name: IDSYNC Value: 1929~2hp2
.prebid-server.rubiconproject.com/	1970-01-20 19:58:57	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJ5YWhvb0FkcyI6eyJ1aWQiOiJ5LXRpbjhraEpFMnVFdlg1ZnV0ZFp4cWdtRXRaR3Z3SFNyfkEiLCJleHBpcmVzIjoiMjAyNC0wNC0xOVQxNDozNjo1My44MzU1OTc4MTJaIn0sInVucnVseSI6eyJ1aWQiOiJPUFRPVVQiLCJleHBpcmVzIjoiMjAyNC0wNC0xOVQxNDozNjo1MC44NzQ4ODA0NDRaIn0sImdyaWQiOnsidWlkIjoiN2E0Yzk0MDAtMGFlNS00ZjM0LThmYzUtYTY4MWIwODUyMzE1IiwiZXhwaXJlcyI6IjIwMjQtMDQtMTlUMTQ6MzY6NTMuNTQwOTA0NDAyWiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJGRkVCMzg1NS0zMjMyLTQ5N0ItOTFDNi02NjJEREVBOEVFN0IiLCJleHBpcmVzIjoiMjAyNC0wNC0xOVQxNDozNjo1Mi4zNzI4MjA0MDFaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMTgzMDMxNDk3Mzk5OTkxMjA4NjY4NiIsImV4cGlyZXMiOiIyMDI0LTA0LTE5VDE0OjM2OjUxLjM5MDIwMDYzM1oifSwicnViaWNvbiI6eyJ1aWQiOiJMVU1SUk1PSS00LTI5SFMiLCJleHBpcmVzIjoiMjAyNC0wNC0xOVQxNDozNjo1My4wMTM5MDQ0MjdaIn0sImNvbnZlcnNhbnQiOnsidWlkIjoiQUFBQmNqZ3V1MDdXMkFOWkxHY1ZBQUFBQUFBIiwiZXhwaXJlcyI6IjIwMjQtMDQtMTlUMTQ6MzY6NTAuNjQ5NzM0OTYyWiJ9LCJyZXNldGRpZ2l0YWwiOnsidWlkIjoiMDAwMDAxMzkyNEJFRDY3MSIsImV4cGlyZXMiOiIyMDI0LTA0LTE5VDE0OjM2OjUxLjEyMzYxMjI0M1oifSwib3BlbngiOnsidWlkIjoiNmUwYWY3ZWQtMWQ3NS00ZTY4LWE3OTMtOWE1NThkOGI5YzM3IiwiZXhwaXJlcyI6IjIwMjQtMDQtMTlUMTQ6MzY6NTEuNjM5NjE2MjY0WiJ9LCJ5aWVsZG1vIjp7InVpZCI6IlZjSXBOczlvY3A5STdoYjFxUHVQIiwiZXhwaXJlcyI6IjIwMjQtMDQtMTlUMTQ6MzY6NTIuNzk4MjQxMjM0WiJ9fX0=

128 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://qnyn.wedahirt.com/(Line 501) Message: Unsafe attempt to load URL https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg from frame with URL https://qnyn.wedahirt.com/. Domains, protocols and ports must match.
security	error	URL: https://qnyn.wedahirt.com/(Line 501) Message: Unsafe attempt to load URL https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg from frame with URL https://qnyn.wedahirt.com/. Domains, protocols and ports must match.
security	error	URL: https://qnyn.wedahirt.com/(Line 501) Message: Unsafe attempt to load URL https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg from frame with URL https://qnyn.wedahirt.com/. Domains, protocols and ports must match.
security	error	URL: https://qnyn.wedahirt.com/(Line 501) Message: Unsafe attempt to load URL https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg from frame with URL https://qnyn.wedahirt.com/. Domains, protocols and ports must match.
security	error	URL: https://qnyn.wedahirt.com/(Line 501) Message: Unsafe attempt to load URL https://elavegan.com/wp-content/plugins/simple-social-icons/symbol-defs.svg from frame with URL https://qnyn.wedahirt.com/. Domains, protocols and ports must match.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://c05f.app.slickstream.com/d/page-boot-data?site=TCETRM71&url=https%3A%2F%2Fqnyn.wedahirt.com%2F Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://qnyn.wedahirt.com/ Message: Access to fetch at 'https://raptive.cloud.optable.co/s-5c4a0f48df7d2523f3865730/v1/resolve?id=__ip__' from origin 'https://qnyn.wedahirt.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://raptive.cloud.optable.co/s-5c4a0f48df7d2523f3865730/v1/resolve?id=__ip__ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://qnyn.wedahirt.com/ Message: Access to fetch at 'https://raptive-auth.cloud.optable.co/s-5c4a0f48df7d2523f3865730/config?cookies=no&passport=&osdk=web-v0.18.12' from origin 'https://qnyn.wedahirt.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://raptive-auth.cloud.optable.co/s-5c4a0f48df7d2523f3865730/config?cookies=no&passport=&osdk=web-v0.18.12 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://qnyn.wedahirt.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=111' from origin 'https://qnyn.wedahirt.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=111 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qnyn.wedahirt.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adthrive.com
ads.rubiconproject.com
api.rlcdn.com
app.slickstream.com
assets.flodesk.com
c.amazon-adsystem.com
c05f.app.slickstream.com
cdn.confiant-integrations.net
cdn.jwplayer.com
config.aps.amazon-adsystem.com
d9.flashtalking.com
elavegan.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
id.crwdcntrl.net
idx.liadm.com
lexicon.33across.com
logger.adthrive.com
match.adsrvr.org
mug.criteo.com
pixel.rubiconproject.com
prebid.sv.rkdms.com
qnyn.wedahirt.com
raptive-auth.cloud.optable.co
raptive.cloud.optable.co
raptive.solutions.cdn.optable.co
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
api.rlcdn.com
elavegan.com
raptive-auth.cloud.optable.co
raptive.cloud.optable.co
104.21.34.185
142.251.163.155
172.64.144.166
172.67.219.11
18.214.198.116
23.205.2.235
2600:1f18:730:b130:8cf0:6828:70b4:e4a6
2600:9000:21a2:ae00:f:b2f5:a240:93a1
2600:9000:26a0:5600:1:a3fa:7cc0:93a1
2606:4700:10::ac43:1e71
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c19::9c
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::71
2607:f8b0:4004:c1b::9d
2620:100:a001::c
3.162.3.123
3.162.3.125
3.162.3.55
3.162.3.70
3.162.3.93
3.162.8.154
3.208.238.237
34.117.62.22
34.204.222.218
34.232.15.39
35.244.193.51
35.71.131.137
44.218.219.147
54.80.224.63
74.119.119.139
8.43.72.97
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
086081478b01082009deba687ac6f775550a05a83a4d2102997f33c8ccc53909
08b3343b189b69d6fc3eee89a075185e213d23aa3cef683b8761483ad7a02389
131127ef9e0f911ce5bb11c32902ea1e6e023b5ef820121362ada7261d2992af
14b087e1809ce77ea99f8505a2ebb6bc01f72a508ef42941a432eff7bdb779a3
154b47c6964c62744f6ec67aaf2aa51fa08c4ee15e1fba0f39e5097ba7fa2f3e
2558f2b4e82c9f06e30faf2991c26b050c71392c312efcc34aa33cbdf3e877ef
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27187ac63fc477f45ad9d9b9f2df384306aac1216d2babecf39991d07a3cb866
2b72d5acf3311c4528c36f4dcf6b8b36b9b7e3d5136d899b982847da214046e8
2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e
32a5408f7b51c8ca9563671f91d19ecedfcf6bbd56d378183f850be8d41676b4
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400
42dbfed575e091b4f2776e21d5c77589bae13c648023884c76b3a97abf6034ad
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6
4b82e5c4363493733c9b4923a0de07058c40ce15e093727e4db91f106f31d754
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
527d94e79326df0e2649793225a3d244df20d3838ae26d024d31c62c40bb5d4f
579029729d9aa0471332dd5f6efec702eaa03c81b321d579ecb9767a123cfe00
5a318bc39ff98890d1f5f7f76d475e849cc0fdd08167e10f982fb540e348ddd7
5b5046170c8cf9396e192757180691ba4ea3b77e79ea8c578e973a139733931e
6118fd03d29d845d696a1d07f7571abba1815a81671d1c6843a8d25e98db64b3
62160f8005b05333e788cdc838dcddedf2039a7f8084ab5926d11651b4bcdd84
689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca663ffc7d06bb83d81ed5f74d2d361311b0bbcead435e028e6801dca3eebb0
7037a5d4dc383e11587917f79463bfc343f90db5176423a68e37337bb2d71c34
73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded
81dccb534668d0dabaa1072cd613a225dac50b3fbd7860b0892c801c3cf81c22
8200eb53b0e2352b9c69352a4814d80b815ebf478c809703bb0749f49db73f1f
82e882f364674f721366ff2327ad708099edb3558a59d88e47f4ada71e98a90e
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
88f116ba056906ac7e8a1a0d81f00d98c25333916db6056a0223023cb81ed655
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d57fe3f182565f5f6cc6661e0994d2df9d9c1e20dfb1d29f6c5b11179ff1d0b
8e9e81cb25e51540f634b756f7d11b9afa655db5f8b4f010b11aadb017e5fe9a
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde
a8ffbeb9d1a186b20d139ad911064c9964f7487af70bb0c9ffe42238a3d6eae0
ab44298813dea1bd79e89597246fee98361865341d9b71f876dbc8af50eb445c
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
b150df0ef06a6ada1804d556dd818c08f1d46d5b6dd4b836bd37479321d1974d
b1997dab216a1ae3a6865fed352a6e580a0b7d87963556fed51daed631f6dcdf
bdfaef7c2a5c2976bfc54cb8e2ecc85dd2ea30fbf6d684df401784162573c619
be7fd4d9cdb784adad3aa8885628e9827d266f6849e12dacf4d2f7726669be05
bfc44eee13232956957aae6b0253f58d972859ee7f23e0ac1ce278e04cf045c3
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce553a41c636bcfab50182fff04309b3f6f0ddd0eabaf7d47ea42cbb25f55c12
cfb2015c82008603d32d160206da7dd449b9b40f117e9447c073a21b0a41168f
d49807b82df3473f7bf5aea47f2740ff0abc9106dae4c8b062078cd1759eecaa
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb68bc709122cda47b089a7cbfc544f58e051eb1e6c2087031a14e1448577b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e891eb06a161eeaeb6a86f3279292fdc0298828e9f6bae509239b1e436a5a4
e87fae513e6e1131b3e31ee29432369213572321cd3c26a3d1d0f7e9f25163a8
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f1518fd7723629e87aee24c3b4a843d49b6e833c8530e5960851e28e70432eaf
f452ae95fbcd3d99bf0951675e5ee7f8810b25b9f0cc271edfe48c58c505ab9d
f739e7f5e340d8eb57747a469f3e46a1b0bd6f1374617964583fd0240c1ef539
f9e4fc03c40413a48076e9068524a8d62ecc91233803d033f26bd79b43ac44c2

qnyn.wedahirt.com Open in urlscan Pro 104.21.34.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

80 %HTTPS

33 %IPv6

25 Domains

35 Subdomains

33 IPs

2 Countries

1940 kBTransfer

5136 kBSize

54 Cookies

30 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

qnyn.wedahirt.com Open in urlscan Pro
104.21.34.185 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

80 %
HTTPS

33 %
IPv6

25
Domains

35
Subdomains

33
IPs

2
Countries

1940 kB
Transfer

5136 kB
Size

54
Cookies

82 HTTP transactions
0 data transactions