urlscan.io logo urlscan.io
SecurityTrails logo

hearthealthtip.com Open in urlscan Pro
184.106.86.69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.do/fbzjP#FejDdFejDd
Effective URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Submission: On October 09 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 6 countries across 25 domains to perform 62 HTTP transactions. The main IP is 184.106.86.69, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is hearthealthtip.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on July 17th 2019. Valid for: a year.
This is the only time hearthealthtip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.83.52.76 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 195.181.174.6 60068 (CDN77)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.252.214.5 53334 (TUT-AS)
1 216.21.13.11 53334 (TUT-AS)
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 23.244.64.192 18978 (ENZUINC-US)
1 1 67.228.182.155 36351 (SOFTLAYER)
1 1 52.50.109.222 16509 (AMAZON-02)
3 16 184.106.86.69 19994 (RACKSPACE)
1 178.250.0.130 44788 (ASN-CRITE...)
2 23.111.9.35 33438 (HIGHWINDS2)
6 2a04:4e42:1b:... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 74.119.119.150 19750 (AS-CRITEO)
1 2001:4860:480... 15169 (GOOGLE)
1 35.186.194.58 15169 (GOOGLE)
1 1 52.54.248.194 14618 (AMAZON-AES)
1 34.209.100.148 16509 (AMAZON-02)
2 50.56.9.112 19994 (RACKSPACE)
2 2.16.186.18 20940 (AKAMAI-ASN1)
1 54.201.233.70 16509 (AMAZON-02)
1 52.89.139.175 16509 (AMAZON-02)
62 28
1    54.83.52.76 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-83-52-76.compute-1.amazonaws.com
bit.do
2    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
newslistbloggr.blogspot.com
6    2a00:1450:4001:824::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.blogger.com
resources.blogblog.com
3    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
netdna.bootstrapcdn.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
2    2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
1.bp.blogspot.com
3    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
1    195.181.174.6 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-1.cdn77.com
c1.popads.net
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
2    2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
c.adsco.re
6.adsco.re
1    162.252.214.5 (United States)

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)
adsco.re
1    216.21.13.11 (United States)

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)
serve.popads.net
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD - Google LLC, US)
PTR: bit.ly
bit.ly
1    23.244.64.192 (Los Angeles, United States)

ASN18978 (ENZUINC-US - Enzu Inc, US)
PTR: eml7.yabofa.com
www.titanhoodanne.com
1    67.228.182.155 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 9b.b6.e443.ip4.static.sl-reverse.com
www.m859w.com
1    52.50.109.222 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-109-222.eu-west-1.compute.amazonaws.com
go.track3e.com
16    184.106.86.69 (San Antonio, United States)

ASN19994 (RACKSPACE - Rackspace Hosting, US)
hearthealthtip.com
1    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
use.fontawesome.com
6    2a04:4e42:1b::622 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
fast.wistia.com
1    2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO - Criteo Corp., US)
dis.us.criteo.com
1    2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE - Google LLC, US)
fullstory.com
1    35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    52.54.248.194 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-54-248-194.compute-1.amazonaws.com
nutrinitycrm.limelightcrm.com
1    34.209.100.148 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-209-100-148.us-west-2.compute.amazonaws.com
ssl.kaptcha.com
2    50.56.9.112 (San Antonio, United States)

ASN19994 (RACKSPACE - Rackspace Hosting, US)
clients.thirdelementmarketing.com
2    2.16.186.18 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-18.deploy.static.akamaitechnologies.com
embedwistia-a.akamaihd.net
1    54.201.233.70 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-201-233-70.us-west-2.compute.amazonaws.com
distillery.wistia.com
1    52.89.139.175 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-89-139-175.us-west-2.compute.amazonaws.com
pipedream.wistia.com
Domain Requested by
16 hearthealthtip.com 3 redirects www.titanhoodanne.com
hearthealthtip.com
6 fast.wistia.com hearthealthtip.com
fast.wistia.com
5 www.blogger.com newslistbloggr.blogspot.com
ajax.googleapis.com
3 fonts.gstatic.com ajax.googleapis.com
3 apis.google.com newslistbloggr.blogspot.com
apis.google.com
3 fonts.googleapis.com newslistbloggr.blogspot.com
2 embedwistia-a.akamaihd.net fast.wistia.com
2 clients.thirdelementmarketing.com hearthealthtip.com
2 dis.us.criteo.com hearthealthtip.com
static.criteo.net
2 use.fontawesome.com hearthealthtip.com
2 1.bp.blogspot.com newslistbloggr.blogspot.com
2 newslistbloggr.blogspot.com newslistbloggr.blogspot.com
1 pipedream.wistia.com fast.wistia.com
1 distillery.wistia.com fast.wistia.com
1 ssl.kaptcha.com hearthealthtip.com
1 nutrinitycrm.limelightcrm.com 1 redirects
1 rs.fullstory.com fullstory.com
1 fullstory.com hearthealthtip.com
1 sslwidget.criteo.com 1 redirects
1 cdnjs.cloudflare.com hearthealthtip.com
1 static.criteo.net hearthealthtip.com
1 go.track3e.com 1 redirects
1 www.m859w.com 1 redirects
1 www.titanhoodanne.com
1 bit.ly 1 redirects
1 serve.popads.net c1.popads.net
1 adsco.re c.adsco.re
1 6.adsco.re newslistbloggr.blogspot.com
1 c.adsco.re c1.popads.net
1 www.gstatic.com apis.google.com
1 c1.popads.net newslistbloggr.blogspot.com
1 resources.blogblog.com newslistbloggr.blogspot.com
1 ajax.googleapis.com newslistbloggr.blogspot.com
1 netdna.bootstrapcdn.com newslistbloggr.blogspot.com
1 bit.do 1 redirects
62 35

This site contains links to these domains. Also see Links.

Domain
secure.trust-guard.com
Subject Issuer Validity Valid
*.googleusercontent.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.blogger.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.apis.google.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
1355769017.rsc.cdn77.org
Let's Encrypt Authority X3		 2019-08-28 -
2019-11-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.adsco.re
COMODO RSA Organization Validation Secure Server CA		 2017-09-26 -
2020-09-25		 3 years crt.sh
*.popads.net
COMODO RSA Domain Validation Secure Server CA		 2018-06-18 -
2020-06-17		 2 years crt.sh
www.titanhoodanne.com
Let's Encrypt Authority X3		 2019-09-17 -
2019-12-16		 3 months crt.sh
hearthealthtip.com
RapidSSL RSA CA 2018		 2019-07-17 -
2020-07-16		 a year crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-03-26 -
2020-03-30		 a year crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2018-09-17 -
2019-11-21		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.us.criteo.com
DigiCert ECC Secure Server CA		 2019-06-12 -
2020-06-16		 a year crt.sh
*.fullstory.com
COMODO RSA Domain Validation Secure Server CA		 2017-12-27 -
2021-03-26		 3 years crt.sh
ssl.kaptcha.com
Thawte TLS RSA CA G1		 2019-10-01 -
2021-11-29		 2 years crt.sh
clients.thirdelementmarketing.com
RapidSSL RSA CA 2018		 2018-11-06 -
2020-12-05		 2 years crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2019-08-13 -
2020-08-12		 a year crt.sh
*.wistia.com
DigiCert SHA2 Secure Server CA		 2017-03-27 -
2020-06-24		 3 years crt.sh

This page contains 3 frames:

Primary Page: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Frame ID: 59CF31B2F47BE0EB919F13AED6CC3518
Requests: 63 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=201228&s=15706182238255
Frame ID: 5C3024DBD63815BED753FB2FC4A8B3EF
Requests: 1 HTTP requests in this frame

Frame: https://dis.us.criteo.com/dis/dis.aspx?p=54343&cb=41931638356&ref=&sc_r=1600x1200&sc_d=24
Frame ID: 2E0651FD3BE0C53DD41A257C9AB4E31A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bit.do/fbzjP HTTP 301
    https://newslistbloggr.blogspot.com/p/loading-offer_3.html Page URL
  2. http://bit.ly/2AEAQQ6 HTTP 301
    https://www.titanhoodanne.com/3f4626fed056b9b85f31956713bdb5823002579c-0-0-0/ Page URL
  3. http://www.m859w.com/5474/110/2/?subid=331910&subid2=629607456 HTTP 302
    http://go.track3e.com/aff_c?offer_id=16&aff_id=1487&aff_click_id=5474_sessid2019100910506792&aff_s... HTTP 302
    https://hearthealthtip.com/traffic.asp?affid=1487&subid1=110&subid2=&subid3=&subid4=&subid5=&hoclickid=... HTTP 302
    https://hearthealthtip.com/mobiledetect.php?affid=1487&subid1=110&subid2=&subid3=&hoclickid=102f657b450... HTTP 302
    https://hearthealthtip.com/traffic.asp?ismobile=N&affid=1487&subid1=110&subid2=&subid3=&hoclickid=102f6... HTTP 302
    https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium= Page URL

Page Statistics

62
Requests

100 %
HTTPS

39 %
IPv6

25
Domains

35
Subdomains

28
IPs

6
Countries

2425 kB
Transfer

4201 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.do/fbzjP HTTP 301
    https://newslistbloggr.blogspot.com/p/loading-offer_3.html Page URL
  2. http://bit.ly/2AEAQQ6 HTTP 301
    https://www.titanhoodanne.com/3f4626fed056b9b85f31956713bdb5823002579c-0-0-0/ Page URL
  3. http://www.m859w.com/5474/110/2/?subid=331910&subid2=629607456 HTTP 302
    http://go.track3e.com/aff_c?offer_id=16&aff_id=1487&aff_click_id=5474_sessid2019100910506792&aff_sub=110 HTTP 302
    https://hearthealthtip.com/traffic.asp?affid=1487&subid1=110&subid2=&subid3=&subid4=&subid5=&hoclickid=102f657b450a9f1483bb4721cc714b&hoofferid=16 HTTP 302
    https://hearthealthtip.com/mobiledetect.php?affid=1487&subid1=110&subid2=&subid3=&hoclickid=102f657b450a9f1483bb4721cc714b&hoofferid=16&alturl=&hourlid=&ep=&adv= HTTP 302
    https://hearthealthtip.com/traffic.asp?ismobile=N&affid=1487&subid1=110&subid2=&subid3=&hoclickid=102f657b450a9f1483bb4721cc714b&hoofferid=16&alturl=&hourlid=&ep=&adv= HTTP 302
    https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bit.do/fbzjP HTTP 301
  • https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Request Chain 27
  • http://bit.ly/2AEAQQ6 HTTP 301
  • https://www.titanhoodanne.com/3f4626fed056b9b85f31956713bdb5823002579c-0-0-0/
Request Chain 42
  • https://sslwidget.criteo.com/event?a=54343&v=5.3.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=90b80c79-e4fa-4ee6-af54-35121aa72d8b&tld=hearthealthtip.com&dtycbr=79638 HTTP 302
  • https://dis.us.criteo.com/event?a=54343&v=5.3.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=90b80c79-e4fa-4ee6-af54-35121aa72d8b&tld=hearthealthtip.com&dtycbr=79638
Request Chain 47
  • https://nutrinitycrm.limelightcrm.com/pixel.php?t=htm&campaign_id=18&sessionId=15706182238255 HTTP 302
  • https://ssl.kaptcha.com/logo.htm?m=201228&s=15706182238255

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
loading-offer_3.html
newslistbloggr.blogspot.com/p/
Redirect Chain
  • http://bit.do/fbzjP
  • https://newslistbloggr.blogspot.com/p/loading-offer_3.html
84 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
70bdbaaa73835a346a90ca5dbc6a7095eca07d647c0eea568a60228660fe587e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
newslistbloggr.blogspot.com
:scheme
https
:path
/p/loading-offer_3.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
expires
Wed, 09 Oct 2019 10:50:17 GMT
date
Wed, 09 Oct 2019 10:50:17 GMT
cache-control
private, max-age=0
last-modified
Wed, 09 Oct 2019 09:10:45 GMT
etag
W/"e080ab94133f39fb329a6c58965234e58151973aa2330d58eeec3a973d08a964"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
23632
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

Server
nginx/1.16.1
Date
Wed, 09 Oct 2019 10:50:16 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
338
Connection
keep-alive
Location
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
2549344219-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 20:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Oct 2019 22:24:01 GMT
server
sffe
age
50042
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6822
x-xss-protection
0
expires
Wed, 07 Oct 2020 20:56:15 GMT
css
fonts.googleapis.com/ 		3 KB
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700,800,900
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
f3ecf246e6f78dea05761ffbbbcb95861d3cbeff7fb4ffa2d2c973779b9a2e05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 09 Oct 2019 10:50:17 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 09 Oct 2019 10:50:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 09 Oct 2019 10:50:17 GMT
css
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,800,700
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 09 Oct 2019 10:50:17 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 09 Oct 2019 10:50:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 09 Oct 2019 10:50:17 GMT
css
fonts.googleapis.com/ 		1 KB
538 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
8178ee3529043afe4e747a2a7a61a1ee69a1656067f76da83345dbf70c04d570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 09 Oct 2019 10:50:17 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 09 Oct 2019 10:50:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 09 Oct 2019 10:50:17 GMT
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.1.0/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:17 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
4696
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 02:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118069
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Oct 2020 02:02:28 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/ 		475 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 20:52:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 18:25:29 GMT
server
sffe
age
50257
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
475
x-xss-protection
0
expires
Tue, 15 Oct 2019 20:52:40 GMT
josh-sobel-ofvMu9nemFQ-unsplash.jpg
1.bp.blogspot.com/-FpGJPBEwO-U/XUkj7prvGlI/AAAAAAAAAE4/MGFFhix4leQPBhE_0-3BiWNC6K-yVRDnwCPcBGAYYCw/s72-c/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-FpGJPBEwO-U/XUkj7prvGlI/AAAAAAAAAE4/MGFFhix4leQPBhE_0-3BiWNC6K-yVRDnwCPcBGAYYCw/s72-c/josh-sobel-ofvMu9nemFQ-unsplash.jpg
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
ad6d3a7546fb711e4d1574d37cd922b7a5b875d61cd23e0f10326172fdcb5413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:17 GMT
x-content-type-options
nosniff
server
fife
status
404
content-type
image/png
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1492
x-xss-protection
0
henri-meilhac-jJ0tLs2ROd4-unsplash.jpg
1.bp.blogspot.com/-LxVifZgOdMQ/XUkj5TuFLQI/AAAAAAAAAEk/5MQTTsdE9ZocGi6HkCF6d6ugE45TuhSGwCPcBGAYYCw/s72-c/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-LxVifZgOdMQ/XUkj5TuFLQI/AAAAAAAAAEk/5MQTTsdE9ZocGi6HkCF6d6ugE45TuhSGwCPcBGAYYCw/s72-c/henri-meilhac-jJ0tLs2ROd4-unsplash.jpg
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
ad6d3a7546fb711e4d1574d37cd922b7a5b875d61cd23e0f10326172fdcb5413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:17 GMT
x-content-type-options
nosniff
server
fife
status
404
content-type
image/png
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1492
x-xss-protection
0
plusone.js
apis.google.com/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d996e8927ae45383450bd8314f8bc89259a528aaa698231fe91d2295872d0496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-xr68fUEbgc7PC9QCmKC3lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"deb3e7b226abe725b3606240ebb6abf7"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Wed, 09 Oct 2019 10:50:17 GMT
cookienotice.js
newslistbloggr.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newslistbloggr.blogspot.com/js/cookienotice.js
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 06:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Oct 2019 05:08:11 GMT
server
sffe
age
14324
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2026
x-xss-protection
0
expires
Wed, 16 Oct 2019 06:51:33 GMT
2289495658-widgets.js
www.blogger.com/static/v1/widgets/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2289495658-widgets.js
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c41e3a6e2d57f9f96047f3c3799f3ee126051031bbcdbe698198c92ef94522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 04:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Oct 2019 19:39:35 GMT
server
sffe
age
108524
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
53008
x-xss-protection
0
expires
Wed, 07 Oct 2020 04:41:33 GMT
pop.js
c1.popads.net/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.popads.net/pop.js
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f305452ed13912ed36d9a1a0577b4211fd4e4cc6aea2a7d7a78ea1a601208a20

Request headers

Sec-Fetch-Mode
cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Origin
https://newslistbloggr.blogspot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:17 GMT
content-encoding
br
last-modified
Mon, 17 Jun 2019 22:20:49 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
W/"5d081241-79ce"
status
200
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
x-edge-ip
195.181.174.1
x-age
830
alt-svc
quic="195.181.174.1:443"; ma=2592000; v="44,43,39"
authorization.css
www.blogger.com/dyn-css/ 		1 B
114 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2826997146359293803&zx=6c2f7d87-69ef-4ab0-bbc7-0f255d37b94b
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 09 Oct 2019 10:50:17 GMT
server
GSE
date
Wed, 09 Oct 2019 10:50:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,800,700
Origin
https://newslistbloggr.blogspot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 17:59:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
60662
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Wed, 07 Oct 2020 17:59:15 GMT
logo-16.png
www.blogger.com/img/ 		279 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/logo-16.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 22:51:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 07 Oct 2019 22:24:01 GMT
server
sffe
age
43132
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
279
x-xss-protection
0
expires
Tue, 15 Oct 2019 22:51:25 GMT
1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Raleway:400,700,800,900
Origin
https://newslistbloggr.blogspot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 02:00:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:41 GMT
server
sffe
age
118193
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13564
x-xss-protection
0
expires
Wed, 07 Oct 2020 02:00:24 GMT
EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v11/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=PT+Serif
Origin
https://newslistbloggr.blogspot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 17:45:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:27 GMT
server
sffe
age
752694
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13280
x-xss-protection
0
expires
Tue, 29 Sep 2020 17:45:23 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/ 		194 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a449696c6de7bd903b361a937a4a0c608b96157f4d9e7dcb179811ea1851a1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 00:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Oct 2019 16:14:40 GMT
server
sffe
age
124407
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
68651
x-xss-protection
0
expires
Wed, 07 Oct 2020 00:16:50 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3c500dcfdbe3911c8a494fd1aab2e6c77b4eafcc9fee831b1fa09e628639e1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 04:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Oct 2019 20:18:14 GMT
server
sffe
age
21341
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18461
x-xss-protection
0
expires
Thu, 10 Oct 2019 04:54:36 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=gapi_iframes_style_slide_menu/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=gapi_iframes_style_slide_menu/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8e225a9b001c124d9188dc28ca03177261e8439b2eedd57426a89669ef876679
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 06:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Oct 2019 16:14:40 GMT
server
sffe
age
16660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3737
x-xss-protection
0
expires
Thu, 08 Oct 2020 06:12:37 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
114 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2826997146359293803&zx=6c2f7d87-69ef-4ab0-bbc7-0f255d37b94b
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html#FejDdFejDd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 09 Oct 2019 10:50:18 GMT
server
GSE
date
Wed, 09 Oct 2019 10:50:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
c.adsco.re/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eaf72909f5fdb91f51856e148c1deb0830ad30c8d14affa218a4433058c2ba0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:17 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2212099
etag
"29koYPnCOtCezj9e+8OyYA=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
200
cache-control
max-age=43200,public,immutable,no-transform
cf-ray
522fcaf4e84ecbb4-VIE
link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
expires
Sat, 17 Aug 2019 08:21:54 GMT
/
6.adsco.re/ 		0
103 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: newslistbloggr.blogspot.com
URL: https://newslistbloggr.blogspot.com/p/loading-offer_3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:17 GMT
content-encoding
br
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
max-age=600,public,immutable
cf-ray
522fcaf50889cbb4-VIE
access-control-allow-headers
Content-Type
t
adsco.re/ 		259 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/t
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
178c77e7ecf5fa181d5264f43afc1515a2dfe951e6533d4baa9ad4ba20f4f309

Request headers

Sec-Fetch-Mode
cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 09 Oct 2019 10:50:17 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://newslistbloggr.blogspot.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
c
serve.popads.net/ 		0
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://serve.popads.net/c?_=BAoAXZ265gFdnbtpgAGBAcAAILLUVzuQdTQYL_RvegU_la88uOnTRb15BIwaPXGMPCq-wQAggre29lub4tEELJxtravYor4DSzxombAcp1R8Sr8yjPnCACBBVhx0ObqCCK8HsmbpXmnrvQX0zlsbzLdeWxL3ZADMeMQAECoBBPgBklQUAAAAAAAAAALFABAEJoLtKUO1JHurajAqbt8pwwAgEjOMndLeldQNrTPAQMLyOkXO3zyRCKjrB3_RzkpqH_M&v=4&siteId=3595884&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
216.21.13.11 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://newslistbloggr.blogspot.com/p/loading-offer_3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 09 Oct 2019 10:50:18 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=UTF-8
PopAds-EC
ASB
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
0
PopAds-CI
88
Cookie set /
www.titanhoodanne.com/3f4626fed056b9b85f31956713bdb5823002579c-0-0-0/
Redirect Chain
  • http://bit.ly/2AEAQQ6
  • https://www.titanhoodanne.com/3f4626fed056b9b85f31956713bdb5823002579c-0-0-0/
125 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.titanhoodanne.com/3f4626fed056b9b85f31956713bdb5823002579c-0-0-0/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.244.64.192 Los Angeles, United States, ASN18978 (ENZUINC-US - Enzu Inc, US),
Reverse DNS
eml7.yabofa.com
Software
Apache /
Resource Hash

Request headers

Host
www.titanhoodanne.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 09 Oct 2019 10:50:22 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
125
Server
Apache
Set-Cookie
uid19495=629607456-20191009065022-bfb9a9d5089f14a87f7046a57512b187-; path=/; domain=titanhoodanne.com

Redirect headers

Server
nginx
Date
Wed, 09 Oct 2019 10:50:21 GMT
Content-Type
text/html; charset=utf-8
Content-Length
164
Cache-Control
private, max-age=90
Location
https://www.titanhoodanne.com/3f4626fed056b9b85f31956713bdb5823002579c-0-0-0/
Set-Cookie
_bit=j99aOl-8590d791af29e58c13-00w; Domain=bit.ly; Expires=Mon, 06 Apr 2020 10:50:21 GMT
Via
1.1 google
Primary Request /
hearthealthtip.com/E035/
Redirect Chain
  • http://www.m859w.com/5474/110/2/?subid=331910&subid2=629607456
  • http://go.track3e.com/aff_c?offer_id=16&aff_id=1487&aff_click_id=5474_sessid2019100910506792&aff_sub=110
  • https://hearthealthtip.com/traffic.asp?affid=1487&subid1=110&subid2=&subid3=&subid4=&subid5=&hoclickid=102f657b450a9f1483bb4721cc714b&hoofferid=16
  • https://hearthealthtip.com/mobiledetect.php?affid=1487&subid1=110&subid2=&subid3=&hoclickid=102f657b450a9f1483bb4721cc714b&hoofferid=16&alturl=&hourlid=&ep=&adv=
  • https://hearthealthtip.com/traffic.asp?ismobile=N&affid=1487&subid1=110&subid2=&subid3=&hoclickid=102f657b450a9f1483bb4721cc714b&hoofferid=16&alturl=&hourlid=&ep=&adv=
  • https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Requested by
Host: www.titanhoodanne.com
URL: https://www.titanhoodanne.com/3f4626fed056b9b85f31956713bdb5823002579c-0-0-0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
39b69e428019dd0e7d1bd2a508b0357ff17480743d8e3deeed59afb120b0781b

Request headers

:method
GET
:authority
hearthealthtip.com
:scheme
https
:path
/E035/?clickid=91746113&utm_source=1487&utm_medium=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
cookie
visited=Y; clickid=91746113; hoclickid=102f657b450a9f1483bb4721cc714b; ASPSESSIONIDSGDCAQQC=PAGPNDGBHFDIHLPFJEMGEBAL
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
private
content-type
text/html
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
access-control-allow-origin
*
date
Wed, 09 Oct 2019 10:50:23 GMT
content-length
8537

Redirect headers

status
302
cache-control
private
content-type
text/html
location
/E035/?clickid=91746113&utm_source=1487&utm_medium=
server
Microsoft-IIS/10.0
set-cookie
visited=Y; expires=Fri, 08-Nov-2019 11:50:22 GMT; path=/ clickid=91746113; expires=Fri, 08-Nov-2019 11:50:22 GMT; path=/ hoclickid=102f657b450a9f1483bb4721cc714b; expires=Fri, 08-Nov-2019 11:50:22 GMT; path=/ ASPSESSIONIDSGDCAQQC=PAGPNDGBHFDIHLPFJEMGEBAL; secure; path=/
x-powered-by
ASP.NET
access-control-allow-origin
*
date
Wed, 09 Oct 2019 10:50:23 GMT
content-length
180
combined.css
hearthealthtip.com/E035/css/ 		38 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hearthealthtip.com/E035/css/combined.css
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
072136fd5772bc16b0d521f692b043d7f5874a96e5f7219819f9f12152577dc0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:23 GMT
content-encoding
gzip
etag
"f90be1b2e30d51:0"
last-modified
Mon, 01 Jul 2019 16:57:46 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
11267
ld.js
static.criteo.net/js/ld/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d4cd0793770cdc3a88d0960bb1655ea2fab4b6f828bdb6a31f90bce008a9ed01

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:23 GMT
content-encoding
gzip
last-modified
Tue, 30 Jul 2019 16:15:10 GMT
server
nginx
etag
W/"5d406d0e-75ed"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 10 Oct 2019 10:50:23 GMT
all.css
use.fontawesome.com/releases/v5.7.2/css/ 		53 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Sec-Fetch-Mode
cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Origin
https://hearthealthtip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:23 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 16:48:32 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
smiley-icon.png
hearthealthtip.com/E035/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hearthealthtip.com/E035/images/smiley-icon.png
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54e0aae46d513f115715425b377e162a46ddf966d17372b3b8e0019db0dbcd71

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:23 GMT
last-modified
Mon, 01 Jul 2019 16:58:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"ea6e5252e30d51:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
3083
q4i3do16i2.jsonp
fast.wistia.com/embed/medias/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/q4i3do16i2.jsonp
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8829ba1adf6b346393c64c9736c047edefe906ea85ad5919546dcd7db00e0061
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
77948
x-cache
MISS, HIT, HIT
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
status
200
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
1684
x-request-id
95847216290fb4f9d018c96cf85e5978
x-served-by
cache-sea1045-SEA, cache-hhn4080-HHN
x-runtime
0.131322
access-control-allow-origin
*
x-browser-version
74
x-timer
S1570618224.042828,VS0,VE1
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
link
<https://embedwistia-a.akamaihd.net>; rel=preconnect; crossorigin
x-cache-hits
0, 1, 1
E-v1.js
fast.wistia.com/assets/external/ 		566 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8690355c3d50a25bfb190e56725ff3e7cdd004bb914dea01a17d86780f54e5a5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
br
vary
Accept-Encoding
age
557
x-cache
HIT, HIT
status
200
content-length
110391
x-served-by
cache-sea1037-SEA, cache-hhn4080-HHN
access-control-allow-origin
*
x-browser-version
74
last-modified
Tue, 08 Oct 2019 17:32:19 GMT
x-timer
S1570618224.042854,VS0,VE0
etag
"5d9cc823-1af37"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 81
media.png
hearthealthtip.com/E035/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hearthealthtip.com/E035/images/media.png
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c01f84981114465e29a28d6d6694ac47ab96b6a0f9a27bff523c24797dd85ec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
last-modified
Mon, 01 Jul 2019 16:58:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f725ca232e30d51:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
11761
drsam-sidebar.jpg
hearthealthtip.com/E035/images/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hearthealthtip.com/E035/images/drsam-sidebar.jpg
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dcf862e92116e6b774828b2c467d2060a970d12a4c4e8d4cb64cfe35e6d9f63c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
last-modified
Mon, 01 Jul 2019 16:57:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"37280202e30d51:0"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
44750
jquery-2.2.4.min.js
hearthealthtip.com/includes/js/ 		84 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hearthealthtip.com/includes/js/jquery-2.2.4.min.js
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8e09aa31f396ea41d698f437dc5fc7125e931d400eb2873f5b68ef78c1e6f3a6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
gzip
etag
"22545a21097d41:0"
last-modified
Tue, 18 Dec 2018 20:26:51 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
38308
combined.js
hearthealthtip.com/E035/js/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hearthealthtip.com/E035/js/combined.js
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
23d134012211f8a9138fc8732e555ac648417e3164df0d9e86e14b1a403cfc08

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
gzip
etag
"d764c0262e30d51:0"
last-modified
Mon, 01 Jul 2019 16:58:05 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
56858
platform.js
hearthealthtip.com/E035/js/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hearthealthtip.com/E035/js/platform.js
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f6af597f12f893bc3d9fa48198805640843e40a1424788afcce9227989685b90

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
gzip
etag
"90fa6f282e30d51:0"
last-modified
Mon, 01 Jul 2019 16:58:08 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
14459
jquery.lazyloadxt.js
hearthealthtip.com/E035/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hearthealthtip.com/E035/js/jquery.lazyloadxt.js
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
efebab702aff9c631113bf0c6286986ada740717034af9c0ad64698203b21d07

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
gzip
etag
"e49ef9262e30d51:0"
last-modified
Mon, 01 Jul 2019 16:58:05 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
3320
moment.js
hearthealthtip.com/E035/js/ 		126 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hearthealthtip.com/E035/js/moment.js
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
19245ee5c1e69930f70e00714627f390d2da5b58b03d3cedf6427ceab19af2d8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
gzip
etag
"605fd7272e30d51:0"
last-modified
Mon, 01 Jul 2019 16:58:07 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
41610
platform.min.js
cdnjs.cloudflare.com/ajax/libs/platform/1.3.4/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/platform/1.3.4/platform.min.js
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33eb34749bbd01fce72b51574d57ed7446a5daa14c3072bfd150b8829ebf017
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15252029
status
200
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:24:36 GMT
server
cloudflare
etag
W/"5afd4a54-3619"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
522fcb1c2c778c86-VIE
expires
Mon, 28 Sep 2020 10:50:24 GMT
event
dis.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=54343&v=5.3.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=90b80c79-e4fa-4ee6-af54-35121aa72d8b&tld=hearthealthtip.com&dtycbr=79638
  • https://dis.us.criteo.com/event?a=54343&v=5.3.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=90b80c79-e4fa-4ee6-af54-35121aa72d8b&tld=hearthealthtip.com&dtycbr=79638
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dis.us.criteo.com/event?a=54343&v=5.3.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=90b80c79-e4fa-4ee6-af54-35121aa72d8b&tld=hearthealthtip.com&dtycbr=79638
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
39feb9c90cb96823a4e0e3459c05b7f2b4d2ff5b4fb045817aeaa72482390e68

Request headers

Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Oct 2019 10:50:23 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
status
200
cache-control
no-cache
content-type
application/x-javascript
content-length
823
expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Oct 2019 10:50:23 GMT
status
302
location
https://dis.us.criteo.com/event?a=54343&v=5.3.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=90b80c79-e4fa-4ee6-af54-35121aa72d8b&tld=hearthealthtip.com&dtycbr=79638
cache-control
no-cache
timing-allow-origin
*
content-length
0
expires
0
fs.js
fullstory.com/s/ 		187 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fullstory.com/s/fs.js
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
279404e1a6a9ca3eab11b3020ce76bb75a12846e86cdd103cafb2d3f71cc8efb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
server
Google Frontend
age
407
status
200
etag
"GhPt9g"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
5325be3316f3f4ced3ad7743ac9c9f40
cache-control
public, max-age=600
date
Wed, 09 Oct 2019 10:43:37 GMT
timing-allow-origin
*
content-length
68410
expires
Wed, 09 Oct 2019 10:53:37 GMT
hb3.jpg
hearthealthtip.com/E035/images/ 		342 KB
342 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hearthealthtip.com/E035/images/hb3.jpg
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
704517884e488215c0037e7800a1b041d09b9f35be471994446fa687bc0a8315

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/css/combined.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
last-modified
Mon, 01 Jul 2019 16:57:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"fa128232e30d51:0"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
350321
fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Sec-Fetch-Mode
cors
Referer
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin
https://hearthealthtip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
last-modified
Tue, 12 Feb 2019 16:49:29 GMT
server
NetDNA-cache/2.2
status
200
etag
"462806316fea535a6a57651bc2b000b0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
74348
page
rs.fullstory.com/rec/ 		15 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e714a123414245ff10cf0c0e4d2301965cd12643c56659c5534e8cc851251478
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Oct 2019 10:50:24 GMT
via
1.1 google
x-content-type-options
nosniff
status
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://hearthealthtip.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
15
expires
0
Cookie set logo.htm
ssl.kaptcha.com/ Frame 5C30
Redirect Chain
  • https://nutrinitycrm.limelightcrm.com/pixel.php?t=htm&campaign_id=18&sessionId=15706182238255
  • https://ssl.kaptcha.com/logo.htm?m=201228&s=15706182238255
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.kaptcha.com/logo.htm?m=201228&s=15706182238255
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.100.148 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-209-100-148.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
ssl.kaptcha.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache no-store must-revalidate private
Content-Type
text/html
Expires
0
Pragma
no-cache
Set-Cookie
k=7f0d1bfc4f684570a52d7c22e3d3dffe; Path=/; Expires=Tue, 07 Jan 2020 10:50:25 GMT
Date
Wed, 09 Oct 2019 10:50:25 GMT
Transfer-Encoding
chunked

Redirect headers

status
302
date
Wed, 09 Oct 2019 10:50:24 GMT
content-type
text/html; charset=iso-8859-1
content-length
0
location
https://ssl.kaptcha.com/logo.htm?m=201228&s=15706182238255
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
setbrowser.asp
hearthealthtip.com/api/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hearthealthtip.com/api/setbrowser.asp
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/includes/js/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
status
200
content-type
text/html
access-control-allow-origin
*
cache-control
private
content-length
0
visitorcount.asp
clients.thirdelementmarketing.com/api/ 		2 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clients.thirdelementmarketing.com/api/visitorcount.asp
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/includes/js/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.56.9.112 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
35135aaa6cc23891b40cb3f378c53a17a1127210ce60e125ccf03efcfdaec458

Request headers

Accept
*/*
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
121
visitorcount-24.asp
clients.thirdelementmarketing.com/api/ 		4 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clients.thirdelementmarketing.com/api/visitorcount-24.asp
Requested by
Host: hearthealthtip.com
URL: https://hearthealthtip.com/includes/js/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.56.9.112 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f9cd07ab404784867227e958c5ce8986361e5896dd6adf7d1d96c5f329c80bb5

Request headers

Accept
*/*
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 09 Oct 2019 10:50:24 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
124
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
dis.aspx
dis.us.criteo.com/dis/ Frame 2E06 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.us.criteo.com/dis/dis.aspx?p=54343&cb=41931638356&ref=&sc_r=1600x1200&sc_d=24
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
dis.us.criteo.com
:scheme
https
:path
/dis/dis.aspx?p=54343&cb=41931638356&ref=&sc_r=1600x1200&sc_d=24
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
accept-encoding
gzip, deflate, br
cookie
uid=a32e990d-932b-4065-a200-77419d857e52
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=

Response headers

status
200
cache-control
no-cache
pragma
no-cache
content-type
text/html
content-encoding
gzip
expires
Mon, 26 Jul 1997 05:00:00 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
p3p
CP='CUR ADM OUR NOR STA NID'
timing-allow-origin
*
x-powered-by
ASP.NET
date
Wed, 09 Oct 2019 10:50:25 GMT
content-length
147
wistia-mux.js
fast.wistia.com/assets/external/ 		92 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
450569dcdf61dc484066bc6e0ecee5fcdc8c2eea2dcdd0ae83c51ff1a6ff77fe
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:25 GMT
content-encoding
br
vary
Accept-Encoding
age
560
x-cache
HIT, HIT
status
200
content-length
24795
x-served-by
cache-sea1030-SEA, cache-hhn4080-HHN
access-control-allow-origin
*
x-browser-version
74
last-modified
Tue, 08 Oct 2019 17:32:20 GMT
x-timer
S1570618226.930313,VS0,VE0
etag
"5d9cc824-60db"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 52
play.gif
hearthealthtip.com/E035/images/ 		629 KB
629 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hearthealthtip.com/E035/images/play.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.86.69 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
12d78f9ecf11e55089b22160cdc64ed21b9a64190501f3d7acbc505cd9e8f283

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:25 GMT
last-modified
Mon, 01 Jul 2019 16:58:01 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"2a498b242e30d51:0"
status
200
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
643828
hls_video.js
fast.wistia.com/assets/external/engines/ 		284 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
87d615b2caabaa5c91f520cb62d9da82f1f23f8a12254a90f64c16ed05df6e74
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:26 GMT
content-encoding
br
vary
Accept-Encoding
age
559
x-cache
HIT, HIT
status
200
content-length
63691
x-served-by
cache-sea1043-SEA, cache-hhn4080-HHN
access-control-allow-origin
*
x-browser-version
74
last-modified
Tue, 08 Oct 2019 17:32:20 GMT
x-timer
S1570618226.192037,VS0,VE0
etag
"5d9cc824-f8cb"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 41
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
blank.gif
fast.wistia.com/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
Origin
https://hearthealthtip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:26 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
61761
x-cache
HIT, HIT
status
200
x-cache-hits
1, 3021
content-length
1214
x-served-by
cache-sea1042-SEA, cache-hhn4048-HHN
x-browser-version
74
last-modified
Tue, 08 Oct 2019 14:11:21 GMT
x-timer
S1570618226.266280,VS0,VE0
etag
"5d9c9909-4be"
strict-transport-security
max-age=0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
f2a4bf204029b082192bb13df64395335b4aa3d4.bin
embedwistia-a.akamaihd.net/deliveries/ 		111 KB
111 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/f2a4bf204029b082192bb13df64395335b4aa3d4.bin
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-18.deploy.static.akamaitechnologies.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
c0cc490541ec82718d435c29669f8ec1ac15c9a69a83a704d0cf7d6ac4cd43d0

Request headers

Sec-Fetch-Mode
cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
PZUqs5bPB4vlIFaMLQR3zLaulsrFS6Ck
Access-Control-Request-Method
*
Last-Modified
Tue, 13 Nov 2018 18:36:39 GMT
Server
nginx/1.4.6 (Ubuntu)
Date
Wed, 09 Oct 2019 10:50:26 GMT
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control
max-age=17565004
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
quic=":443"; v="44,43,39,46"; ma=3600
Content-Length
113487
X-Served-By
bakeryaws-breadroute-dosa,bakeryaws-prime-stryker
f2a4bf204029b082192bb13df64395335b4aa3d4.ts
embedwistia-a.akamaihd.net/deliveries/ 		447 KB
447 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/f2a4bf204029b082192bb13df64395335b4aa3d4.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-18.deploy.static.akamaitechnologies.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
05962b1a36fc308b4aac815546dc3252803e830dbea6f9950bf4ba3322f6ae04

Request headers

Sec-Fetch-Mode
cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-457403

Response headers

x-amz-version-id
zzrF1zo9sSgzTONktjwUMvIbL.artjME
Access-Control-Request-Method
*
Content-Range
bytes 0-457403/173955460
Connection
keep-alive
Alt-Svc
quic=":443"; v="44,43,39,46"; ma=3600
Content-Length
457404
X-Served-By
bakeryaws-breadroute-sangak,bakeryaws-prime-lupa
Last-Modified
Tue, 13 Nov 2018 18:36:40 GMT
Server
nginx/1.4.6 (Ubuntu)
Date
Wed, 09 Oct 2019 10:50:26 GMT
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control
max-age=17564782
Accept-Ranges
bytes
x
distillery.wistia.com/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.233.70 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-201-233-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 09 Oct 2019 10:50:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-origin
*
allIntegrations.js
fast.wistia.com/assets/external/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f7c71bed9d4cec4c6765b50f29c5a1fd46edc707780039688b94c74fc2e1cdb3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 10:50:26 GMT
content-encoding
br
vary
Accept-Encoding
age
560
x-cache
HIT, HIT
status
200
content-length
4277
x-served-by
cache-sea1040-SEA, cache-hhn4080-HHN
access-control-allow-origin
*
x-browser-version
74
last-modified
Tue, 08 Oct 2019 17:32:20 GMT
x-timer
S1570618227.962993,VS0,VE0
etag
"5d9cc824-10b5"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3, 43
mput
pipedream.wistia.com/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.139.175 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-89-139-175.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://hearthealthtip.com/E035/?clickid=91746113&utm_source=1487&utm_medium=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 09 Oct 2019 10:50:27 GMT
x-content-type-options
nosniff
status
200
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/html;charset=utf-8
access-control-allow-origin
*
content-length
2
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| criteo_q string| deviceType boolean| _fs_debug string| _fs_host string| _fs_org string| _fs_namespace function| FS string| _fs_loaded function| _fs_shutdown object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| wistiajsonp-/embed/medias/q4i3do16i2.jsonp function| $ function| jQuery object| $jscomp undefined| moveCarat function| showPrices function| resetCheckout function| updateInternational object| platform function| moment object| date number| year function| videoInit function| showForm

8 Cookies

Domain/Path Name / Value
hearthealthtip.com/ Name: __distillery
Value: 016701f_09a1d341-dd49-40bb-86e3-7b7b830311f1-0acb6d248-19e22571e488-1e2a
ssl.kaptcha.com/ Name: k
Value: 7f0d1bfc4f684570a52d7c22e3d3dffe
hearthealthtip.com/ Name: ASPSESSIONIDSGDCAQQC
Value: PAGPNDGBHFDIHLPFJEMGEBAL
.hearthealthtip.com/ Name: cto_lwid
Value: 90b80c79-e4fa-4ee6-af54-35121aa72d8b
hearthealthtip.com/ Name: hoclickid
Value: 102f657b450a9f1483bb4721cc714b
hearthealthtip.com/ Name: criteo_write_test
Value: ChUIBBINbXlHb29nbGVSdGJJZBgBIAE
hearthealthtip.com/ Name: clickid
Value: 91746113
hearthealthtip.com/ Name: visited
Value: Y

1 Console Messages

Source Level URL
Text
console-api log URL: https://c1.popads.net/pop.js(Line 44)
Message:
CI BAoAXZ265gFdnbtpgAGBAcAAILLUVzuQdTQYL_RvegU_la88uOnTRb15BIwaPXGMPCq-wQAggre29lub4tEELJxtravYor4DSzxombAcp1R8Sr8yjPnCACBBVhx0ObqCCK8HsmbpXmnrvQX0zlsbzLdeWxL3ZADMeMQAECoBBPgBklQUAAAAAAAAAALFABAEJoLtKUO1JHurajAqbt8pwwAgEjOMndLeldQNrTPAQMLyOkXO3zyRCKjrB3_RzkpqH_M

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
6.adsco.re
adsco.re
ajax.googleapis.com
apis.google.com
bit.do
bit.ly
c.adsco.re
c1.popads.net
cdnjs.cloudflare.com
clients.thirdelementmarketing.com
dis.us.criteo.com
distillery.wistia.com
embedwistia-a.akamaihd.net
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
fullstory.com
go.track3e.com
hearthealthtip.com
netdna.bootstrapcdn.com
newslistbloggr.blogspot.com
nutrinitycrm.limelightcrm.com
pipedream.wistia.com
resources.blogblog.com
rs.fullstory.com
serve.popads.net
ssl.kaptcha.com
sslwidget.criteo.com
static.criteo.net
use.fontawesome.com
www.blogger.com
www.gstatic.com
www.m859w.com
www.titanhoodanne.com
162.252.214.5
178.250.0.130
178.250.0.163
184.106.86.69
195.181.174.6
2.16.186.18
2001:4860:4802:32::15
2001:4de0:ac19::1:b:2a
216.21.13.11
23.111.9.35
23.244.64.192
2606:4700::6811:a6ba
2606:4700::6813:c797
2a00:1450:4001:808::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2001
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81d::2003
2a00:1450:4001:824::2009
2a04:4e42:1b::622
34.209.100.148
35.186.194.58
50.56.9.112
52.50.109.222
52.54.248.194
52.89.139.175
54.201.233.70
54.83.52.76
67.199.248.10
67.228.182.155
74.119.119.150
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
05962b1a36fc308b4aac815546dc3252803e830dbea6f9950bf4ba3322f6ae04
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
072136fd5772bc16b0d521f692b043d7f5874a96e5f7219819f9f12152577dc0
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
12d78f9ecf11e55089b22160cdc64ed21b9a64190501f3d7acbc505cd9e8f283
178c77e7ecf5fa181d5264f43afc1515a2dfe951e6533d4baa9ad4ba20f4f309
19245ee5c1e69930f70e00714627f390d2da5b58b03d3cedf6427ceab19af2d8
23d134012211f8a9138fc8732e555ac648417e3164df0d9e86e14b1a403cfc08
279404e1a6a9ca3eab11b3020ce76bb75a12846e86cdd103cafb2d3f71cc8efb
35135aaa6cc23891b40cb3f378c53a17a1127210ce60e125ccf03efcfdaec458
39b69e428019dd0e7d1bd2a508b0357ff17480743d8e3deeed59afb120b0781b
39feb9c90cb96823a4e0e3459c05b7f2b4d2ff5b4fb045817aeaa72482390e68
3c500dcfdbe3911c8a494fd1aab2e6c77b4eafcc9fee831b1fa09e628639e1e4
450569dcdf61dc484066bc6e0ecee5fcdc8c2eea2dcdd0ae83c51ff1a6ff77fe
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
54c41e3a6e2d57f9f96047f3c3799f3ee126051031bbcdbe698198c92ef94522
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54e0aae46d513f115715425b377e162a46ddf966d17372b3b8e0019db0dbcd71
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
704517884e488215c0037e7800a1b041d09b9f35be471994446fa687bc0a8315
70bdbaaa73835a346a90ca5dbc6a7095eca07d647c0eea568a60228660fe587e
7eaf72909f5fdb91f51856e148c1deb0830ad30c8d14affa218a4433058c2ba0
8178ee3529043afe4e747a2a7a61a1ee69a1656067f76da83345dbf70c04d570
8690355c3d50a25bfb190e56725ff3e7cdd004bb914dea01a17d86780f54e5a5
87d615b2caabaa5c91f520cb62d9da82f1f23f8a12254a90f64c16ed05df6e74
8829ba1adf6b346393c64c9736c047edefe906ea85ad5919546dcd7db00e0061
8e09aa31f396ea41d698f437dc5fc7125e931d400eb2873f5b68ef78c1e6f3a6
8e225a9b001c124d9188dc28ca03177261e8439b2eedd57426a89669ef876679
9c01f84981114465e29a28d6d6694ac47ab96b6a0f9a27bff523c24797dd85ec
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a449696c6de7bd903b361a937a4a0c608b96157f4d9e7dcb179811ea1851a1b1
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ad6d3a7546fb711e4d1574d37cd922b7a5b875d61cd23e0f10326172fdcb5413
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
c0cc490541ec82718d435c29669f8ec1ac15c9a69a83a704d0cf7d6ac4cd43d0
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d33eb34749bbd01fce72b51574d57ed7446a5daa14c3072bfd150b8829ebf017
d4cd0793770cdc3a88d0960bb1655ea2fab4b6f828bdb6a31f90bce008a9ed01
d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128
d996e8927ae45383450bd8314f8bc89259a528aaa698231fe91d2295872d0496
dcf862e92116e6b774828b2c467d2060a970d12a4c4e8d4cb64cfe35e6d9f63c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e714a123414245ff10cf0c0e4d2301965cd12643c56659c5534e8cc851251478
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efebab702aff9c631113bf0c6286986ada740717034af9c0ad64698203b21d07
f305452ed13912ed36d9a1a0577b4211fd4e4cc6aea2a7d7a78ea1a601208a20
f3ecf246e6f78dea05761ffbbbcb95861d3cbeff7fb4ffa2d2c973779b9a2e05
f6af597f12f893bc3d9fa48198805640843e40a1424788afcce9227989685b90
f7c71bed9d4cec4c6765b50f29c5a1fd46edc707780039688b94c74fc2e1cdb3
f9cd07ab404784867227e958c5ce8986361e5896dd6adf7d1d96c5f329c80bb5