Submitted URL: http://tuhishair.com/blog/g3h/
Effective URL: https://tuhishair.com/blog/g3h/
Submission: On November 30 via manual from CL

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3031::6812:3882, located in United States and belongs to CLOUDFLARENET, US. The main domain is tuhishair.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 19th 2020. Valid for: a year.
This is the only time tuhishair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
35 tuhishair.com 1 redirects tuhishair.com
4 pagead2.googlesyndication.com tuhishair.com
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com tuhishair.com
1 fls-na.amazon-adsystem.com tuhishair.com
1 ws-na.amazon-adsystem.com z-na.amazon-adsystem.com
1 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 z-na.amazon-adsystem.com tuhishair.com
1 fonts.googleapis.com tuhishair.com
56 16

This site contains links to these domains. Also see Links.

Domain
www.tuhishair.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-19 -
2021-10-18
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
z-na.amazon-adsystem.com
Amazon
2020-01-09 -
2021-02-09
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google.de
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon
2020-06-15 -
2021-06-15
a year crt.sh
ws-na.assoc-amazon.com
Amazon
2020-04-10 -
2021-03-16
a year crt.sh
fls-na.amazon-adsystem.com
Amazon
2019-12-31 -
2020-12-24
a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh

This page contains 5 frames:

Primary Page: https://tuhishair.com/blog/g3h/
Frame ID: C3215EF578F5E0B115CB73FB45291819
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: 79C3BCD3EFAB87129BA72CB81CC13AC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4303069395748361&output=html&h=280&slotname=4419032400&adk=1161283941&adf=2772626519&pi=t.ma~as.4419032400&w=1200&fwrn=4&fwrnh=100&lmt=1606744770&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftuhishair.com%2Fblog%2Fg3h%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606744770046&bpp=15&bdt=1231&idt=78&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7373101706219&frm=20&pv=2&ga_vid=913483323.1606744770&ga_sid=1606744770&ga_hid=30826722&ga_fc=0&iag=0&icsg=2357903&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=43817830607907&pem=785&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Ps9CvQRnhq&p=https%3A//tuhishair.com&dtd=104
Frame ID: 181D5C81D1CD50E9D70D9F17D9C33C36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4303069395748361&output=html&adk=1812271804&adf=3025194257&lmt=1606744770&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftuhishair.com%2Fblog%2Fg3h%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606744770534&bpp=1&bdt=1719&idt=1&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92286cfac3aa7c63-22a261a87da60002%3AT%3D1606744770%3ART%3D1606744770%3AS%3DALNI_MaWRRTP1__O4EJCSIZ4CqxqtpFI7w&prev_fmts=1200x280&nras=1&correlator=7373101706219&frm=20&pv=1&ga_vid=913483323.1606744770&ga_sid=1606744770&ga_hid=30826722&ga_fc=0&iag=0&icsg=588387713023&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=43817830607907&pem=785&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=8
Frame ID: 60B3DE191D1138940879B9E38E0A6AA1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: CDE3B086E10BF0583BBB0793CD4364EE
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://tuhishair.com/blog/g3h/ HTTP 301
    https://tuhishair.com/blog/g3h/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

56
Requests

100 %
HTTPS

62 %
IPv6

11
Domains

16
Subdomains

13
IPs

3
Countries

522 kB
Transfer

1363 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tuhishair.com/blog/g3h/ HTTP 301
    https://tuhishair.com/blog/g3h/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tuhishair.com/blog/g3h/
Redirect Chain
  • http://tuhishair.com/blog/g3h/
  • https://tuhishair.com/blog/g3h/
50 KB
12 KB
Document
General
Full URL
https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e742b6710497438a385bff1ca64869286b4ed3a00f1feb6d47d30b17e9807c1d

Request headers

:method
GET
:authority
tuhishair.com
:scheme
https
:path
/blog/g3h/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:28 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dacc39b60e58383db53844104f3561d9b1606744768; expires=Wed, 30-Dec-20 13:59:28 GMT; path=/; domain=.tuhishair.com; HttpOnly; SameSite=Lax; Secure
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://tuhishair.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status
DYNAMIC
cf-request-id
06bb0c971b00002c4241376000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e70MIL2ZiCU5Tud%2F3qx%2Fcp38f2LT77WBuTixysNTIn6vqs8gNU1NMddrRycQL%2B62keOiOIDghX5E3OLMsWF6D01uot8N9yXjjE5L0Z6%2BxD0p1a%2BStOzHnQK1"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5fa516d1cfeb2c42-FRA
content-encoding
br

Redirect headers

Date
Mon, 30 Nov 2020 13:59:28 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 30 Nov 2020 14:59:28 GMT
Location
https://tuhishair.com/blog/g3h/
cf-request-id
06bb0c96e8000017528d2e5000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MBmoV3%2FN7H1zub2RcTpzaTCtULidlR%2BywBXuRz2FqESonTfzsIETeai3Mdgv%2BvOFH9rxqk8C6Y2zgtWXoml24jHnwbE7GRBZFbS5Hyqv7vvRMniMQxUgYJeK"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5fa516d17a241752-FRA
rhicons.woff2
tuhishair.com/wp-content/themes/rehub-theme/fonts/
24 KB
24 KB
Font
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/fonts/rhicons.woff2?leryx9
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66eb7a1aa8809b9701c42fa4c879f7bc97c9b7ee5c33e9654c6c19e2d04de7eb

Request headers

Origin
https://tuhishair.com
Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Sep 2020 19:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fMBiUGhErojoXdOOMQ6QkvTkyl3u7jwA8EALVXUebnEizJQxKf10IJNdf8Qr3ROizlWS2yaG8eP1AAX1FljN4ubXa06m1fkJB77hBYZ%2B8qK%2BZtmwPQqQDPn5"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516d5285f2c42-FRA
content-length
24168
cf-request-id
06bb0c993600002c42bf31f000000001
style.min.css
tuhishair.com/wp-includes/css/dist/block-library/
53 KB
7 KB
Stylesheet
General
Full URL
https://tuhishair.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 28 Aug 2020 03:30:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9VL3uFapxtNqmlgT%2Fu1gQdfeIblZOKXaJWgBXcJrTAAUE4qgXYDBor2%2BTzCKjQSBSv6t6qY8qTkEsk0I8KEGmiJV1GMqjlFbE44NtcJDOFnJR%2FRvPKOQTDD0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516d528602c42-FRA
cf-request-id
06bb0c993600002c427d987000000001
styles.css
tuhishair.com/wp-content/plugins/better-click-to-tweet/assets/css/
2 KB
792 B
Stylesheet
General
Full URL
https://tuhishair.com/wp-content/plugins/better-click-to-tweet/assets/css/styles.css?ver=3.0
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac588a22069fd96f7979ef0eb66728f0c45d9594c49bea515afe79d229591cdd

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 10 Aug 2020 08:42:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gb9ruHoD0%2F7ojyXiloWEWwOIsJX8vQ5ow3J8QYA%2F%2FbXXG7dPVRp25Wn%2BYKeQ4u8qAGMXtwU9ZnsS%2BxP8jCHJgFh%2B0Dhr%2BcF%2FzSwSgbsKY5Y8HXkI92m6Yca%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516d528612c42-FRA
cf-request-id
06bb0c993600002c42420db000000001
css
fonts.googleapis.com/
2 KB
645 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&subset=latin%2Ccyrillic-ext&ver=5.5.3
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 13:55:07 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Mon, 30 Nov 2020 13:59:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 30 Nov 2020 13:59:28 GMT
style.css
tuhishair.com/wp-content/plugins/table-maker/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://tuhishair.com/wp-content/plugins/table-maker/css/style.css?ver=1.9.1
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78b7e2a95556cd06c060df2f85c20a6d879aa37fb25f5bac962001dce0ceb7a

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 10 Jun 2018 05:19:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6SP0dVTTNPNAN%2Fd%2FxgBHnD5r6ADBNSGO%2BL3gGybhQs9ev3lL66uatWWX5NvXfNASPOmhBQfX1KV2inxZmIK8tKpV1Bt2qntzO9uKqqIY0agJe163APhWHYe%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516d528622c42-FRA
cf-request-id
06bb0c993700002c429317e000000001
style.css
tuhishair.com/wp-content/themes/rehub-theme/
277 KB
54 KB
Stylesheet
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/style.css?ver=5.5.3
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19160c79ee64623f2960281f7ba83aa7c31fb203fb5bdab1b0c4c449008db1e3

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Oct 2020 04:27:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cSN0xttuaZdty3%2BMaAuwSkifY0%2Fw8yirjsX7WOmTj%2FzRZz%2FnK%2FAdQ2OALAfBVXc5%2BR4Sg3wC2AWnVyGtGMgA1O4YEJYjU15puktTLBx4uVOUVVKg%2F%2Fwd3uQf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516d528642c42-FRA
cf-request-id
06bb0c993700002c423eb7a000000001
style.css
tuhishair.com/wp-content/themes/rehub-blankchild/
7 KB
2 KB
Stylesheet
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-blankchild/style.css?ver=12.9.6
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba633c1727089dd55e79e8e3eedaf637d2ed2517424450fb9ba8222fb602522

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 21 Mar 2020 13:25:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c5jcHx2gfe4KPSCHGW4dc3NJREdNoqICqsqDAGjgiNZ4EG70SolLzqLhgZoxvTd91gc2BmRMy9YU6MI0oYOd5gR8sf7WxvnQ2Rtwu7Io2Cjxn82wrYs6eOpj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516d528652c42-FRA
cf-request-id
06bb0c993700002c4260974000000001
responsive.css
tuhishair.com/wp-content/themes/rehub-theme/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/css/responsive.css?ver=12.9.6
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cea485dfc0215657974d9cf5776f2f2b902bb334b1cfec2f2971f967f8d80a5

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 03:01:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O5Ro6OL36rui3CfBCQhhWrVgkwv%2BEhO2VyKNWZmu71Tm3n8pZMFW3QAEgVWcrph7lu696azLpkV%2FPuM2cJoKGjkpbc73kl8LGARhcy3w9KSoDMJ6fSDZtaFW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516d528682c42-FRA
cf-request-id
06bb0c993700002c42ab026000000001
iconstyle.css
tuhishair.com/wp-content/themes/rehub-theme/
9 KB
2 KB
Stylesheet
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/iconstyle.css?ver=12.9.6
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd698c19e8fd8fe5c267c9f2c332d43e418decf8574c9ea24b33a9ba040f8eb

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 19 Aug 2020 05:26:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PIHLkwJvJHdwsYqaigFz2s52O5evtWWfNrNo0tif%2F6oS40Hq3GBWjcTUbo360wzCT3hKLlRA%2BEvHuaz6TeADtEN0ppU%2Bb4ZDkB%2BVJZScR0YYr1ul8qRwby0%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516d528692c42-FRA
cf-request-id
06bb0c993800002c4248278000000001
frontend.min.js
tuhishair.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/
9 KB
3 KB
Script
General
Full URL
https://tuhishair.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.12.3
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Oct 2020 17:52:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=18XwmW3zAAGybI22TYLXe31lfkHQJLSohG%2Ffi9cheN3eFFV5LoKZaSrgraQ44g4OkZMcjPPzSeppRwx4Sl9ouYrlp%2FVyDU5R9kvlpcdCVIEHcqU6ItMa%2F3mg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516d5286e2c42-FRA
cf-request-id
06bb0c993800002c42b9229000000001
jquery.js
tuhishair.com/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://tuhishair.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 May 2019 13:55:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RXp%2Bv%2FZSkXZ49JFn27RpJurTpk05904b3ZKxa7vtWKXWH8NaDefI7iYT7G7WvakaSwwPbJgbxi7ksHlTS%2BriAaS26B%2F9sljW7ViHlLtkMrK%2BJrQ%2B4GfWGc1P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516d5286f2c42-FRA
cf-request-id
06bb0c993800002c4282263000000001
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
608
date
Mon, 30 Nov 2020 13:49:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 30 Nov 2020 15:49:21 GMT
wp-emoji-release.min.js
tuhishair.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://tuhishair.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 16 Jun 2020 03:34:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sV0XC3S1H8EibjA0q0k%2BBqSJz6bh7LGOZRAoPK%2FLQ0btKe7jxIlJnZJ1Ww2SDZoN55CjFp6wUFV1SZalwAUsTyhv311kESDOzjd6JpOmHWTOZADOu3MlAEo5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dc59782c42-FRA
cf-request-id
06bb0c9db600002c429717a000000001
Tuhis-Hair-Logo.png
tuhishair.com/wp-content/uploads/2018/12/
2 KB
2 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/2018/12/Tuhis-Hair-Logo.png
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c93717c1b73e15805a5ebb825a0f83c3cf32d384ea7deff1e813fdbe0825bba7

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Dec 2018 14:02:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k3lVZDFM5OKtaTFvRWAnmhrWjfYq96p5uyVnDRvOXZq3QbLS9GInmFwOzJKN9pOi78n7oRYlVHUMZdF9ALBvKT8qHEFwbymhfdUbojUd99fgiEDrSCCptMTf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dc59792c42-FRA
content-length
2236
cf-request-id
06bb0c9db700002c4241014000000001
Tuhis-Hair-menu-logo.png
tuhishair.com/wp-content/uploads/2018/12/
1 KB
1 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/2018/12/Tuhis-Hair-menu-logo.png
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17383f361d4ba6f05f5c07e7e9728f8224708507b25a4cb67620ca0e96c7e96b

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Dec 2018 14:06:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FblnSJXwPxgP%2FkyaIvL0%2F6BcWygNyZBC62u%2BEu7zRsqsZ4snYxvO0ji0sbEtHRsKj3LLFPeciBQMnfZMXIIhhfpQKixEG2Pcb3mDr%2BkluHbC7ZB895wxQ8An"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dc597b2c42-FRA
content-length
1027
cf-request-id
06bb0c9db700002c42aa32b000000001
noimage_123_90.png
tuhishair.com/wp-content/themes/rehub-theme/images/default/
350 B
779 B
Image
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/images/default/noimage_123_90.png
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1901fd31625ccc357711d4e7c1458d032acd1ed6482304b66db5388f37f074c9

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Fri, 06 Mar 2020 22:15:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tv%2BgKYSj7AC71wCwxp2XOf8oQu%2FMV11PQlqyHfS5S3kLrPyEeq8gJF3heXGeTsOvopkYfQuTf4kMuUfjLRsmKsTSYQ4lxk8Ra3oKbx4OJHtQRAzRtKfQa%2FqZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dc597c2c42-FRA
content-length
350
cf-request-id
06bb0c9db800002c42bb054000000001
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
129 KB
44 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66de80f5c91d14f0c4d222a82eea52a01ab8d8e907f3df2e08a7c4bc1d4ec33d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45286
x-xss-protection
0
server
cafe
etag
14933426052519692593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Nov 2020 13:59:29 GMT
onejs
z-na.amazon-adsystem.com/widgets/
22 KB
8 KB
Script
General
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=6666dc40-c4ee-4388-9595-7853e9c331bd
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.101.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-101-72.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
60580bde9e0a32feef550ca47e15262917da9a074369ae0212be0f23a080db25

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
Public
date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7289
via
1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
x-amz-cf-id
z4Uxf9WvfvKADQ4MNRA4yezegMpAO8_fAPfbRXcTC6u1Fa3xU0ISIA==
expires
Mon, 30 Nov 2020 14:04:30 GMT
inview.js
tuhishair.com/wp-content/themes/rehub-theme/js/
1 KB
1004 B
Script
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/js/inview.js?ver=1.0
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb896d59ab96b495498601fb1a0b126b53057ac7583e9ad13b319a3e532a943

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 Dec 2019 23:05:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hMPK7DLqM8INCOBIqPgYYNSscF8lGHwfSqcWDQI%2FNVX56CrthCe4JRevPPBmwnE9V6V1IXYbAF7UAzmBm05eBRNxwYRmGG6jCKiD1GWZi01UFObV1TUD%2FMpI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dacd462c42-FRA
cf-request-id
06bb0c9cc000002c42bb03b000000001
pgwmodal.js
tuhishair.com/wp-content/themes/rehub-theme/js/
4 KB
2 KB
Script
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/js/pgwmodal.js?ver=2.0
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf15e80eb4cf24133f6d6e76bdffd4bf24f773da5dfaa8e556b8ab50a2958e0d

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 16 Aug 2020 00:17:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5XMhB3ZJFv%2BLysvKhPgbRb5eLApCapK%2FiLYmsE8kfRkF97x%2FAB%2FOmutfFC%2FAhvHMiDX5GCx5PQ1sL%2F5c5gvN%2BFXZtXRO%2F04wvwQ3SxqeVdkRq364ZxJdLVrs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dc39242c42-FRA
cf-request-id
06bb0c9da600002c428a1c8000000001
unveil.js
tuhishair.com/wp-content/themes/rehub-theme/js/
7 KB
3 KB
Script
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/js/unveil.js?ver=5.2.1
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
249f3056b3c4d96ec62da6090bfd34ef5c9e6dcdff3e451c68abfab90e9f2c6c

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Jun 2020 05:10:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ay5P36VyRSDURZUtx7SKnA6sjguVkjjBxIKNEm4%2B2qMsFmo301lSWjDqhebmDt2qmTIx1jiakHEqIEwc%2F%2BQy6O1tEcbxcj0fhNPASPvJBUEwVgllBNKSc3Kh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dc59682c42-FRA
cf-request-id
06bb0c9db500002c42c392b000000001
hoverintent.js
tuhishair.com/wp-content/themes/rehub-theme/js/
2 KB
1 KB
Script
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/js/hoverintent.js?ver=1.9
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aa0ade0cef3950e0fc00be272fe21ae4cb9914e711ef6245129026a14b4b044

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 Dec 2019 23:05:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ngWREmgzOXhQ9DgHou7F%2FWK%2F4ckM7PUH1eyyYbJ6i%2FptlllUTiuCrCOHryl64YktcoK66YqUS6EuAyMxcGwq8edYme6jieiuxZdVPdRZoG1YWyszTgihbfMB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dc59692c42-FRA
cf-request-id
06bb0c9db500002c4278bbd000000001
niceselect.js
tuhishair.com/wp-content/themes/rehub-theme/js/
3 KB
1 KB
Script
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/js/niceselect.js?ver=1.0
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d96bc0f6c19228776d0dbf7955e6f9c5400b115512bbdeb85c5a4838b8fca911

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 Dec 2019 23:05:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OuKcT8s4ZLB6ngvzcX%2BH5QuSyPE4ch9rWcUxhUam3bXnClWe0SWuK1KWyVq1omVLGAKC7F%2FqAfNwnb7SgqrX4xJSBA6RVJLp5W4Ixz47StVj3R7KbWR5AwFN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dc596b2c42-FRA
cf-request-id
06bb0c9db500002c426b239000000001
countdown.js
tuhishair.com/wp-content/themes/rehub-theme/js/
4 KB
1 KB
Script
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/js/countdown.js?ver=1.1
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
994d0de6d99babae820ef2766c74f3af3d0d54d06dfdaab0fa56ea4cdb2b2a34

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 27 Sep 2020 02:12:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B1XscMQF8L6cFe1lsrNrENEyF%2FzGbAk90j6ns6SJc29qvKZdWpG7tdQ%2F6shZF5wF54TQdQc3nL43SWik37DoMax0jtNjtvfo7FE7LhGZXqi6sjfDtf%2B4481D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dc596e2c42-FRA
cf-request-id
06bb0c9db500002c42ab08d000000001
custom.js
tuhishair.com/wp-content/themes/rehub-theme/js/
105 KB
19 KB
Script
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/js/custom.js?ver=12.9.6
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
420da7659a081e65a054706cacc3a35bb19252cf50f845671e09a9066ac50ba9

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 27 Sep 2020 08:08:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XqUcR4aRPGTFr7ND0STMlofNxYCSFrqrpUhUqkkHENO4YwnXCA4PPMu9Zc8j8Be1hhqivbimudIsKqm%2BT93sPZtwPZ2LIVSDeFFN2Fug%2B7fi%2FMXjO1GVcEsy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dc596f2c42-FRA
cf-request-id
06bb0c9db600002c423d2ed000000001
jquery.sticky.js
tuhishair.com/wp-content/themes/rehub-theme/js/
11 KB
3 KB
Script
General
Full URL
https://tuhishair.com/wp-content/themes/rehub-theme/js/jquery.sticky.js?ver=1.0.5
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bd7a654d97c00bbda4740196a9e0bf1a5e47c878c0ecec36515b18965d1f29

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 Dec 2019 23:05:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MP0fHHMTr9n4lpNZbK7punoRTlnMNxyw97w8J56htXR5qay4dqrc64mrAaJoo7CniTwWK0OZwdvnsQTr6bVb9wqVfQ0FaY7P7i%2BALcY6DbxykSrq4Mjc35fu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dc59732c42-FRA
cf-request-id
06bb0c9db600002c428e2d0000000001
wp-embed.min.js
tuhishair.com/wp-includes/js/
1 KB
952 B
Script
General
Full URL
https://tuhishair.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 Oct 2019 09:47:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c6N0hyW83ScBJMcSItu34z7iqbnrUn2%2FOoNLqwXxR%2BAYI%2BLlAdlCMBdXvbLSiXyiYujFcD6xpuDd8%2FjDOKTERGq3C8JqOWsPIPh0urKmoLelCBHBEQHeIM5e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fa516dc59742c42-FRA
cf-request-id
06bb0c9db600002c423ebed000000001
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&subset=latin%2Ccyrillic-ext&ver=5.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tuhishair.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans&subset=latin%2Ccyrillic-ext&ver=5.5.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 11:20:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
527932
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Wed, 24 Nov 2021 11:20:37 GMT
collect
stats.g.doubleclick.net/j/
1 B
83 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-104172852-1&cid=913483323.1606744770&jid=1424523576&gjid=1014394322&_gid=1199428779.1606744770&_u=YGBAgUABCAAAAE~&z=552374673
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 30 Nov 2020 13:59:30 GMT
content-type
text/plain
access-control-allow-origin
https://tuhishair.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
120 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=30826722&t=pageview&_s=1&dl=https%3A%2F%2Ftuhishair.com%2Fblog%2Fg3h%2F&dp=%2F404.html%3Fpage%3D%2Fblog%2Fg3h%2F%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Tuhis%20Hair&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=1424523576&gjid=1014394322&cid=913483323.1606744770&tid=UA-104172852-1&_gid=1199428779.1606744770&did=dZGIzZG&z=116324228
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Nov 2020 19:23:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66958
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/
231 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88601
x-xss-protection
0
server
cafe
etag
4353532171737760018
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Nov 2020 13:59:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 79C3
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201112/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tuhishair.com/blog/g3h/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tuhishair.com/blog/g3h/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 30 Nov 2020 00:54:52 GMT
expires
Mon, 14 Dec 2020 00:54:52 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
47078
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
203 B
260 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tuhishair.com&callback=_gfp_s_&client=ca-pub-4303069395748361
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
63a5202a15222e461068b2c94b23e0e9c9652e81080fa1082c8aff63d5c29589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
109 B
169 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tuhishair.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
169 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tuhishair.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 181D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4303069395748361&output=html&h=280&slotname=4419032400&adk=1161283941&adf=2772626519&pi=t.ma~as.4419032400&w=1200&fwrn=4&fwrnh=100&lmt=1606744770&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftuhishair.com%2Fblog%2Fg3h%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606744770046&bpp=15&bdt=1231&idt=78&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7373101706219&frm=20&pv=2&ga_vid=913483323.1606744770&ga_sid=1606744770&ga_hid=30826722&ga_fc=0&iag=0&icsg=2357903&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=43817830607907&pem=785&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Ps9CvQRnhq&p=https%3A//tuhishair.com&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4303069395748361&output=html&h=280&slotname=4419032400&adk=1161283941&adf=2772626519&pi=t.ma~as.4419032400&w=1200&fwrn=4&fwrnh=100&lmt=1606744770&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftuhishair.com%2Fblog%2Fg3h%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606744770046&bpp=15&bdt=1231&idt=78&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7373101706219&frm=20&pv=2&ga_vid=913483323.1606744770&ga_sid=1606744770&ga_hid=30826722&ga_fc=0&iag=0&icsg=2357903&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1327&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=43817830607907&pem=785&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Ps9CvQRnhq&p=https%3A//tuhishair.com&dtd=104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tuhishair.com/blog/g3h/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tuhishair.com/blog/g3h/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Nov 2020 13:59:30 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 30-Nov-2020 14:14:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 30 Nov 2020 13:59:30 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605702985553312"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28207
x-xss-protection
0
expires
Mon, 30 Nov 2020 13:59:30 GMT
4c2-1wjiaj4gn1uud7fr0toumkmb2i5im1qkrg400x2jwkj8.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
13 KB
13 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/4c2-1wjiaj4gn1uud7fr0toumkmb2i5im1qkrg400x2jwkj8.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee1a3416f68a8cd7aaf658fc3056e2bb4d8c6cc695654706d9bd8626626f94d

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n1pniUNKDOPEsr7jPHXuRygOxjLGYBt8ou3gnAiH74EoQBSbxQPD4zrwaFy7r8BAM0zb%2BRkQtpf8q8Mpc7gmUcmCHi8g74sFDQ5YtvlhPk1XAOr%2FSznKWQfG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dec9302c42-FRA
content-length
13170
cf-request-id
06bb0c9f3900002c423d326000000001
Best-Clip-in-Extensions-for-African-American-Hair-1whvysm092z4ovx6rbrwu24ee9zj5w6hbpt6n3vcxwj8.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
10 KB
10 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/Best-Clip-in-Extensions-for-African-American-Hair-1whvysm092z4ovx6rbrwu24ee9zj5w6hbpt6n3vcxwj8.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd067d280fd43d3bfa7b25f4d4dd7e8bcc2f04b5528935d279905ff1a4032a8

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FMtHcIjSs6dbjkJOWzo9cmye6w2bIjjQETM0EolHqjX%2BRkVnRHWYfDyL6Mpjw2icju8WmYk%2FIybROepDFjhCz9T2YFAAa9%2B4vmM8pzpgoQo4ONSOgUDNkegu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dec9322c42-FRA
content-length
9955
cf-request-id
06bb0c9f3a00002c42bf3a3000000001
best-hair-color-for-African-American-gray-hair-1whkgvtxdlz338sqh2zx8n45nxg8w1nr15sp91s87awk.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
12 KB
12 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/best-hair-color-for-African-American-gray-hair-1whkgvtxdlz338sqh2zx8n45nxg8w1nr15sp91s87awk.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e5ada0b2a53fccf3e4b9dfa11bbfda913268d055246adadad094749ec8f8ad

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=En1iUnIxWQC25qCVB9lOwyN7wCPqziUUfE76eLYeScp%2Fr1IAmn4CVu27VfwejSekUbKhy6KmsyXWuB1TYDC%2FMQ3wqE22%2F3cH2VnY0i5qWxxfWLMxEjcm2Wx6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dec9332c42-FRA
content-length
11853
cf-request-id
06bb0c9f3d00002c4293228000000001
4c5-1wfl3ev3crswg2h3v7k1n74ujl06q2ujkj6kicb81m9g.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
15 KB
15 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/4c5-1wfl3ev3crswg2h3v7k1n74ujl06q2ujkj6kicb81m9g.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e96e8e7f2f90e4cac9112a23479d298bf3a1ab5492ff807520b61251f8bb0d03

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jPclMFXScpD6RRYTsXN1ol7C29LxaSSPI2MzTkiwXOzv3zB%2B%2FIpOMx6itRe3MPBiDbYxTUIxFE8G3JTYXY4p0Ec41UhA0i9PeDdRzqsCZvAyFeBJOowIqihj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dec9422c42-FRA
content-length
15453
cf-request-id
06bb0c9f3e00002c427b233000000001
4c1-1wffijjl8773pwis39c1sv1l4zgnuq9tfct24llm899w.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
13 KB
14 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/4c1-1wffijjl8773pwis39c1sv1l4zgnuq9tfct24llm899w.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
988025244e8ec3e871ad4d4e172f7d2191a2b9f8c5ced9137b736ae69b0aff69

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T%2BpGxN5FXcDEwWwrcKdCQZrKDScoUipewaA368k8CmpDFAvJSTkQYrxUyQbDkeKQL%2BHMpIQdUuw9RnvObZmMIqfKjdORDRzClbEYZgRRSZAPXnJQUNzm31Nd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dec9442c42-FRA
content-length
13549
cf-request-id
06bb0c9f3e00002c42aa358000000001
4c7-1wfa323ar7gp0b8um9euvaj593vlbybq9tzfz6ek9kac.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
16 KB
16 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/4c7-1wfa323ar7gp0b8um9euvaj593vlbybq9tzfz6ek9kac.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595d34b744f60703b30792764223e82703a086fd6dbfe0aec9ee22fbdf740bc1

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k8n2hujNKXX0VdERktH%2B5kvVpSDNI%2FlYwKOn%2FJz5JUfhfgqS3LhLtIEwAhJRLJkPc681RisnKC1%2Bca3BMlOTQISq7u9osUkbqCGC5W7zqv5E%2BI3Afjgk0iVv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dec9502c42-FRA
content-length
16424
cf-request-id
06bb0c9f4100002c429fbff000000001
Best-Shampoo-For-4C-Natural-Hair-1we356kwe8raz0gvwvyo5yfvuy7p1zfj6lwudyze2n04.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
10 KB
11 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/Best-Shampoo-For-4C-Natural-Hair-1we356kwe8raz0gvwvyo5yfvuy7p1zfj6lwudyze2n04.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b1563bab8bc30d80ab023af09432563eb8d4cd4cb8d2b2617806311398343a

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=By2AtWzv8rEOIqqjw1zXUxKcWSzRdmjE8k5%2B6DiCRuFNBfAnWolphliTVVx1F2xEDpIFZ%2FURnvf0c%2FHEEm9%2Btma7SLvcUZ0jk%2FTu6ECokQcHIy0JvrTBALLE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dec9542c42-FRA
content-length
10512
cf-request-id
06bb0c9f4200002c4252aa9000000001
Best-Hair-for-Box-Braid-1wdz6gumjv7h1fmu4idfu8dglifsubxjnpudxjuxjrhw.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
12 KB
13 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/Best-Hair-for-Box-Braid-1wdz6gumjv7h1fmu4idfu8dglifsubxjnpudxjuxjrhw.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b28b954cdcf82aa729be1eafe9a376c287531aec4d69848c939c019c5d4c59e4

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O8mVXwBqWVmMdDWCQjvxUcQ7Z3%2B3nFZcvb7gOWZcTQbjqpIi3rHj%2BjeFsbM2UDTrBIjQR1B6v0tjPCt0rLt0W7qBVipngRuiLganY16tLLVR1dqkDrusZIoz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dec9572c42-FRA
content-length
12720
cf-request-id
06bb0c9f4200002c4293229000000001
herbal-shampoo-for-hair-loss-and-dandruff-1wco13tn75kmpmtqqia0ahsj29i9ayoln5df6572ql10.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
10 KB
10 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/herbal-shampoo-for-hair-loss-and-dandruff-1wco13tn75kmpmtqqia0ahsj29i9ayoln5df6572ql10.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad9ea6b30c7d93e8229aaa4feac7fe8277fc03ce68690de67bf87b797f48d7c

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:30 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OaEzhhwAZrYsgMj3p753XYg9paHXLTNp3%2FXhzdOWnhFqt9vnGeh3Yj72E%2FmVzN6ffi4SjaEDdotujCuXr0alm6FuqZdPGbAbutgIjGpWjudAvYNDkPndoSUU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516dec95a2c42-FRA
content-length
10357
cf-request-id
06bb0c9f4200002c4249abe000000001
getad
aax-us-east.amazon-adsystem.com/x/
50 B
381 B
Script
General
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-6666dc40-c4ee-4388-9595-7853e9c331bd%22%2C%22tracking_id%22%3A%22sewinglist-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22CH%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22sewinglist-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Ftuhishair.com%2Fblog%2Fg3h%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=6666dc40-c4ee-4388-9595-7853e9c331bd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.150 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 13:59:30 GMT
Server
Server
Connection
keep-alive
Content-Length
50
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame 60B3
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4303069395748361&output=html&adk=1812271804&adf=3025194257&lmt=1606744770&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftuhishair.com%2Fblog%2Fg3h%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606744770534&bpp=1&bdt=1719&idt=1&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92286cfac3aa7c63-22a261a87da60002%3AT%3D1606744770%3ART%3D1606744770%3AS%3DALNI_MaWRRTP1__O4EJCSIZ4CqxqtpFI7w&prev_fmts=1200x280&nras=1&correlator=7373101706219&frm=20&pv=1&ga_vid=913483323.1606744770&ga_sid=1606744770&ga_hid=30826722&ga_fc=0&iag=0&icsg=588387713023&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=43817830607907&pem=785&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4303069395748361&output=html&adk=1812271804&adf=3025194257&lmt=1606744770&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftuhishair.com%2Fblog%2Fg3h%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606744770534&bpp=1&bdt=1719&idt=1&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92286cfac3aa7c63-22a261a87da60002%3AT%3D1606744770%3ART%3D1606744770%3AS%3DALNI_MaWRRTP1__O4EJCSIZ4CqxqtpFI7w&prev_fmts=1200x280&nras=1&correlator=7373101706219&frm=20&pv=1&ga_vid=913483323.1606744770&ga_sid=1606744770&ga_hid=30826722&ga_fc=0&iag=0&icsg=588387713023&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=43817830607907&pem=785&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tuhishair.com/blog/g3h/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tuhishair.com/blog/g3h/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Nov 2020 13:59:30 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
IDE=AHWqTUlFovtY_A9U8oL_fw2ovkhQMp1HjrOdwyQBndooxN0zXlQVa8s91ci7uczU; expires=Sat, 25-Dec-2021 13:59:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 30 Nov 2020 13:59:30 GMT
cache-control
private
q
ws-na.amazon-adsystem.com/widgets/
39 B
516 B
Script
General
Full URL
https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&MarketPlace=US&Operation=GetAdHtml&OneJS=1&slotNum=0&overwrite=false&div_name=amzn-assoc-ad-6666dc40-c4ee-4388-9595-7853e9c331bd&tracking_id=sewinglist-20&ad_type=one_tag&marketplace=amazon&enable_geo_redirection=true&enable_auto_tagging=false&region=US&placement=adunit&viewerCountry=CH&aaxPunt=true&jsonp=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=6666dc40-c4ee-4388-9595-7853e9c331bd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d40884a88813d26d40a65175e9984b2aef2194177d43235cc0acd6ad31f9b0f5

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Nov 2020 13:59:31 GMT
Server
Server
Vary
User-Agent
p3p
policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Access-Control-Allow-Origin
*
charset
UTF-8
Cache-Control
must-revalidate
Connection
close
Content-Type
application/javascript;charset=UTF-8
Content-Length
39
Expires
-1
cm_:onejs_load_evt@v=2207,onejs_exec_time@v=2,aax_load_time@v=428,aax_load_time_one_tag@v=428,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/
0
146 B
Image
General
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=2207,onejs_exec_time@v=2,aax_load_time@v=428,aax_load_time_one_tag@v=428,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=5d88ebdc-f04a-4f12-a3ce-6f3e922824c6&session=c4fd8168-3cce-45a3-a455-975295ef2078
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 13:59:30 GMT
x-amzn-RequestId
c775dc7d-cc0f-490c-8737-bedfab813bf9
Content-Type
text/plain
22-1wb9fke8e4dha6wll27s7qku9hsb30p93jszjn4n0df8.jpg
tuhishair.com/wp-content/uploads/thumbs_dir/
13 KB
13 KB
Image
General
Full URL
https://tuhishair.com/wp-content/uploads/thumbs_dir/22-1wb9fke8e4dha6wll27s7qku9hsb30p93jszjn4n0df8.jpg
Requested by
Host: tuhishair.com
URL: https://tuhishair.com/blog/g3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3882 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7198b1687ed82639483373631098aa23b799eb98f75c905e74b85fe7183dc69

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:31 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Oct 2020 08:40:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wtZSOWIXYaKXvJvEn9NPlHNK8Uiw0ShSixkrjqQozfyAflQKSKHFlAQzaKZFEq7JZyUN7%2FJAgZdB3jqzxe1NrvT0s4DrvbmduzO7o59PIPOVqco6gTONuZeA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5fa516e2ecd72c42-FRA
content-length
13074
cf-request-id
06bb0ca1d600002c4257141000000001
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d000e5f0460bd8e621ef210fe24ce7fcaa810913cb828759e9da8f41e7616d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Nov 2020 13:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6490
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 13:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Mon, 30 Nov 2020 13:59:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame CDE3
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tuhishair.com/blog/g3h/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tuhishair.com/blog/g3h/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Mon, 30 Nov 2020 13:47:17 GMT
expires
Tue, 30 Nov 2021 13:47:17 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
734
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
111 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=43817830607907&bg=!trWltZXNAAUoamvQKFj0AyQ_FGTsqAIAAACHUgAAABRoAQcKAdIXREDrEU5ms7Qk4tFfgu_t3-w2HPf9fSzJ5Aga7IqypxxGs_Mhg-IUtCuggExFAleqX5SRtILNr69yWbV1R-5dn_fJKaTtr9CiURDDqUN3cA95L3ZVCPNXGGdbQ1IAPVSweVZMPZBNhQJREeo5WzNzqcPDZHdNF41DTs4qrVckdyLOnDtZG5X2v-8mY-xuE1fYsadthXIJRhn4xNph4-UAfk--FnKzM-t76D4ct92TDHGD5v4mMhPpSxlzyHuFgbF-vqYPH5knsQKGU6Qv1fuD35oPe_mYNtRunZtzTPmeJ9fKJuiXLNMWu4CbpCDIs94ZoWCiINZtbLxDYB1NatsNMcp1gsMblmwaV-Z4ueFrHAhsnABea0o5a9IhJg_1Fafh0NKwOy72Rti2Pe4Mcy5GlFrE_Fzzk-hTeT2WVO8P5-rYwUm-VkdenFHRmbBFMpGS6MvGOhAFrsOiewLVDQnFhDiwPlFhRZ2lBCY2k56E891yhtDVB2Hh_j0egddQDAHJ-o89sJJ1xzHWA8m0SfGyrZEDrRvIx43sjQ81MNn0HRDJczO5tju5qkaeOxNW85PAkaL7q41Nq3OoJrC5ngo0EWJsaxtN_AmEegFyNPcZAfKDmQG2fWbxwvozhHL5yjhSvWneiDKehXhlEDWk1rzwd6P64Lv2I_feurJR09N_EOlyIBtoSzbL9LjxlAElBejrnlIy6G2O5hFaH-PZW5pAcJ8L3H4Wmb85Sf7eEPEXkcJT_58II6X3Lnet2vzdtT66PtDcScfOh_YREAE4waVCX1x_Ece3SLmVEdZXJFJR3ECiMk6-_KvNZ10i5TpzVYBaAfLpJYD6HjdLLqGR2fqXPo9Df86s4kZGCwxUhR-qiNFTIy98pP_-kZ1-c41ruCNtMGRLRE3Tqq8yeuqT0zFSKv9OdaXXNTkqe_PNt0Hw_qHkAtY1ijczXFf0CmuMIA_dINqQvPvsS3Jghp83_ofZb8TMMmU4mmtP6j_XsBrZGLID_PyIeV7XZF-yQ2hHaH27TJMtprAz0oGULhOs69k-NsAXuDKbYP4oLJm4vbEUQDwu72938FECge8aGNKYr85PZ3SaYNPGsv_NO4Ieh7NC-xErvXOj07X9qYdnyigl086pv7y1ftYzCzUcx48vw3iw8MqNjGgfqFHMEG3fYDTH1Edsxj8c23ZTUikRZLXk4aWzWCAwx8cAwOGd
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tuhishair.com/blog/g3h/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Nov 2020 13:59:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout function| gaOptout object| gaDevIds string| GoogleAnalyticsObject function| __gaTracker object| _wpemojiSettings object| monsterinsights_frontend function| MonsterInsights object| MonsterInsightsObject undefined| $ function| jQuery object| adsbygoogle object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| jQuery11240963771760828086 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| twemoji object| wp object| lazySizes object| translation function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad function| amzn_assoc_jsonp_callback_adunit_0 function| amzn_assoc_client_cb_0 function| table_charts function| isVisibleOnScroll function| reshowNav function| rehideNav object| re_ajax_cache object| re_ajax_search boolean| NavOverlayRemoved function| revMenuStyle undefined| postheight object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlFovtY_A9U8oL_fw2ovkhQMp1HjrOdwyQBndooxN0zXlQVa8s91ci7uczU
.tuhishair.com/ Name: _gat
Value: 1
.tuhishair.com/ Name: _gid
Value: GA1.2.1199428779.1606744770
.tuhishair.com/ Name: __gads
Value: ID=92286cfac3aa7c63-22a261a87da60002:T=1606744770:RT=1606744770:S=ALNI_MaWRRTP1__O4EJCSIZ4CqxqtpFI7w
.tuhishair.com/ Name: _ga
Value: GA1.2.913483323.1606744770
.tuhishair.com/ Name: __cfduid
Value: dacc39b60e58383db53844104f3561d9b1606744768

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-us-east.amazon-adsystem.com
adservice.google.com
adservice.google.de
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tuhishair.com
ws-na.amazon-adsystem.com
www.google-analytics.com
www.googletagservices.com
z-na.amazon-adsystem.com
13.224.101.72
172.217.18.162
2606:4700:3031::6812:3882
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:815::2001
2a00:1450:4001:820::200a
2a00:1450:400c:c0c::9b
52.46.143.150
52.94.230.46
52.94.237.66
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
17383f361d4ba6f05f5c07e7e9728f8224708507b25a4cb67620ca0e96c7e96b
1901fd31625ccc357711d4e7c1458d032acd1ed6482304b66db5388f37f074c9
19160c79ee64623f2960281f7ba83aa7c31fb203fb5bdab1b0c4c449008db1e3
1cea485dfc0215657974d9cf5776f2f2b902bb334b1cfec2f2971f967f8d80a5
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
249f3056b3c4d96ec62da6090bfd34ef5c9e6dcdff3e451c68abfab90e9f2c6c
2bd698c19e8fd8fe5c267c9f2c332d43e418decf8574c9ea24b33a9ba040f8eb
2fb896d59ab96b495498601fb1a0b126b53057ac7583e9ad13b319a3e532a943
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
3fd067d280fd43d3bfa7b25f4d4dd7e8bcc2f04b5528935d279905ff1a4032a8
41b1563bab8bc30d80ab023af09432563eb8d4cd4cb8d2b2617806311398343a
420da7659a081e65a054706cacc3a35bb19252cf50f845671e09a9066ac50ba9
44bd7a654d97c00bbda4740196a9e0bf1a5e47c878c0ecec36515b18965d1f29
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
595d34b744f60703b30792764223e82703a086fd6dbfe0aec9ee22fbdf740bc1
60580bde9e0a32feef550ca47e15262917da9a074369ae0212be0f23a080db25
63a5202a15222e461068b2c94b23e0e9c9652e81080fa1082c8aff63d5c29589
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
66de80f5c91d14f0c4d222a82eea52a01ab8d8e907f3df2e08a7c4bc1d4ec33d
66eb7a1aa8809b9701c42fa4c879f7bc97c9b7ee5c33e9654c6c19e2d04de7eb
6aa0ade0cef3950e0fc00be272fe21ae4cb9914e711ef6245129026a14b4b044
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
988025244e8ec3e871ad4d4e172f7d2191a2b9f8c5ced9137b736ae69b0aff69
994d0de6d99babae820ef2766c74f3af3d0d54d06dfdaab0fa56ea4cdb2b2a34
9ee1a3416f68a8cd7aaf658fc3056e2bb4d8c6cc695654706d9bd8626626f94d
a0e5ada0b2a53fccf3e4b9dfa11bbfda913268d055246adadad094749ec8f8ad
ac588a22069fd96f7979ef0eb66728f0c45d9594c49bea515afe79d229591cdd
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
b28b954cdcf82aa729be1eafe9a376c287531aec4d69848c939c019c5d4c59e4
bad9ea6b30c7d93e8229aaa4feac7fe8277fc03ce68690de67bf87b797f48d7c
bf15e80eb4cf24133f6d6e76bdffd4bf24f773da5dfaa8e556b8ab50a2958e0d
c7198b1687ed82639483373631098aa23b799eb98f75c905e74b85fe7183dc69
c93717c1b73e15805a5ebb825a0f83c3cf32d384ea7deff1e813fdbe0825bba7
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d000e5f0460bd8e621ef210fe24ce7fcaa810913cb828759e9da8f41e7616d69
d40884a88813d26d40a65175e9984b2aef2194177d43235cc0acd6ad31f9b0f5
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d78b7e2a95556cd06c060df2f85c20a6d879aa37fb25f5bac962001dce0ceb7a
d96bc0f6c19228776d0dbf7955e6f9c5400b115512bbdeb85c5a4838b8fca911
dba633c1727089dd55e79e8e3eedaf637d2ed2517424450fb9ba8222fb602522
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e742b6710497438a385bff1ca64869286b4ed3a00f1feb6d47d30b17e9807c1d
e96e8e7f2f90e4cac9112a23479d298bf3a1ab5492ff807520b61251f8bb0d03