www.heathmankirkland.com Open in urlscan Pro
52.70.215.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.heathmankirkland.com/
Submission Tags: krdtest
Submission: On May 22 via api (May 22nd 2021, 2:53:02 pm UTC) from JP

Summary HTTP 151 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 31 domains to perform 151 HTTP transactions. The main IP is 52.70.215.199, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.heathmankirkland.com.
TLS certificate: Issued by R3 on May 16th 2021. Valid for: 3 months.

This is the only time www.heathmankirkland.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	52.70.215.199 52.70.215.199	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
7	54.192.219.50 54.192.219.50	16509 (AMAZON-02) (AMAZON-02)
2	2.17.181.202 2.17.181.202	16625 (AKAMAI-AS) (AKAMAI-AS)
9	54.192.219.125 54.192.219.125	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f21... 2a03:2880:f218:ca:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	18.205.18.241 18.205.18.241	14618 (AMAZON-AES) (AMAZON-AES)
22	2606:4700:20:... 2606:4700:20::ac43:60e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	104.111.214.240 104.111.214.240	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:21f... 2600:9000:21f3:d400:5:ce21:340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.62.192.243 178.62.192.243	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 6	2a02:26f0:6c0... 2a02:26f0:6c00::210:baf3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.192.219.116 54.192.219.116	16509 (AMAZON-02) (AMAZON-02)
14 17	54.171.41.181 54.171.41.181	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	54.192.219.34 54.192.219.34	16509 (AMAZON-02) (AMAZON-02)
1	54.230.108.156 54.230.108.156	16509 (AMAZON-02) (AMAZON-02)
1	52.84.49.97 52.84.49.97	16509 (AMAZON-02) (AMAZON-02)
1	52.59.28.101 52.59.28.101	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	18.158.81.184 18.158.81.184	16509 (AMAZON-02) (AMAZON-02)
1 2	52.29.176.117 52.29.176.117	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
151	41

32 52.70.215.199 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: cms.letgroup.com

www.heathmankirkland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.192.219.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-50.mrs52.r.cloudfront.net

cdn.letgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.181.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-181-202.deploy.static.akamaitechnologies.com

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.192.219.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-125.mrs52.r.cloudfront.net

images.letgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f218:ca:face:b00c:0:43fe (United States)

ASN32934 (FACEBOOK, US)

scontent-atl3-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.205.18.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-18-241.compute-1.amazonaws.com

api.stashrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.stashrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::ac43:60e4 (United States)

ASN13335 (CLOUDFLARENET, US)

b-tiles.locationiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c-tiles.locationiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-tiles.locationiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-240.deploy.static.akamaitechnologies.com

www.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:d400:5:ce21:340:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.stashrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.62.192.243 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:baf3 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.219.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-116.mrs52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.171.41.181 (Dublin, Ireland) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-41-181.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.219.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-34.mrs52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.108.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-108-156.mrs52.r.cloudfront.net

d3rg1399pygx85.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.49.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-49-97.mrs52.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.28.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-28-101.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.81.184 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.176.117 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-176-117.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.45 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	heathmankirkland.com 1 redirects www.heathmankirkland.com	1 MB
22	adroll.com 14 redirects s.adroll.com d.adroll.com	29 KB
22	locationiq.com b-tiles.locationiq.com a-tiles.locationiq.com Failed c-tiles.locationiq.com Failed	857 KB
16	letgroup.com cdn.letgroup.com images.letgroup.com	2 MB
6	cdninstagram.com scontent-atl3-2.cdninstagram.com	2 MB
5	iubenda.com cdn.iubenda.com www.iubenda.com hits-i.iubenda.com	71 KB
4	stashrewards.com api.stashrewards.com www.stashrewards.com images.stashrewards.com	49 KB
4	facebook.net connect.facebook.net	192 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	google.com 1 redirects www.google.com	257 B
3	facebook.com www.facebook.com	323 B
3	google-analytics.com www.google-analytics.com ssl.google-analytics.com	36 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	151 KB
2	openx.net 1 redirects us-u.openx.net	480 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	875 B
2	3lift.com 1 redirects eb2.3lift.com	735 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	google.de www.google.de	216 B
2	gstatic.com fonts.gstatic.com www.gstatic.com	66 KB
2	googletagmanager.com www.googletagmanager.com	95 KB
1	taboola.com sync.taboola.com	220 B
1	yahoo.com ads.yahoo.com	446 B
1	pubmatic.com simage2.pubmatic.com	548 B
1	outbrain.com sync.outbrain.com	477 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	advertising.com pixel.advertising.com	125 B
1	cloudfront.net d3rg1399pygx85.cloudfront.net	362 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	googleadservices.com www.googleadservices.com	14 KB
151	31

	Domain	Requested by
32	www.heathmankirkland.com	1 redirects www.heathmankirkland.com
16	d.adroll.com	13 redirects
9	images.letgroup.com	www.heathmankirkland.com
8	b-tiles.locationiq.com	www.heathmankirkland.com
7	c-tiles.locationiq.com	www.heathmankirkland.com
7	a-tiles.locationiq.com	www.heathmankirkland.com
7	cdn.letgroup.com	www.heathmankirkland.com
6	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com d.adroll.com
6	scontent-atl3-2.cdninstagram.com	www.heathmankirkland.com
4	connect.facebook.net	www.heathmankirkland.com connect.facebook.net d.adroll.com
3	www.google.com	1 redirects
3	www.facebook.com	www.heathmankirkland.com
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	www.google.de
2	googleads.g.doubleclick.net	www.googleadservices.com
2	hits-i.iubenda.com	cdn.iubenda.com
2	www.stashrewards.com	api.stashrewards.com www.heathmankirkland.com
2	www.google-analytics.com	www.googletagmanager.com www.stashrewards.com
2	www.googletagmanager.com	www.heathmankirkland.com www.stashrewards.com
2	ajax.googleapis.com	www.heathmankirkland.com
2	cdn.iubenda.com	www.heathmankirkland.com cdn.iubenda.com
1	cm.g.doubleclick.net	1 redirects
1	sync.taboola.com
1	ads.yahoo.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	pixel.rubiconproject.com
1	pixel.advertising.com
1	vars.hotjar.com	static.hotjar.com
1	d3rg1399pygx85.cloudfront.net
1	script.hotjar.com	static.hotjar.com
1	d.adroll.mgr.consensu.org	1 redirects
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	ssl.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.stashrewards.com
1	images.stashrewards.com	www.heathmankirkland.com
1	www.iubenda.com	cdn.iubenda.com
1	api.stashrewards.com	www.heathmankirkland.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.heathmankirkland.com
151	45

This site contains links to these domains. Also see Links.

Domain
gc.synxis.com
www.hearthkirkland.com
leafletjs.com
locationiq.com
www.openstreetmap.org
www.instagram.com
columbiahospitality.com
www.columbiahospitality.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
heathmankirkland.com R3	`2021-05-16` - `2021-08-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
cdn.letgroup.com Amazon	`2020-12-14` - `2022-01-12`	a year	crt.sh
www.iubenda.com DigiCert SHA2 Secure Server CA	`2021-03-26` - `2022-03-31`	a year	crt.sh
images.letgroup.com Amazon	`2021-02-08` - `2022-03-09`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-03-21` - `2021-06-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.stashrewards.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-08` - `2022-02-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-31` - `2022-01-30`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
adroll.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-11` - `2021-06-30`	2 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.heathmankirkland.com/
Frame ID: 6BB21F85DA384800B02DFF525A73DCEC
Requests: 112 HTTP requests in this frame

Frame: https://www.stashrewards.com//stash-partner-widget-track?url_key=the-heathman-hotel&sw_action=Load
Frame ID: 7895DAC4ED55DEAE03CCE44F60F492E6
Requests: 38 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: D313638EC1D61EB062DFD7FC9FFB2A14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

151
Requests

87 %
HTTPS

41 %
IPv6

31
Domains

45
Subdomains

41
IPs

5
Countries

6183 kB
Transfer

7967 kB
Size

3
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://gc.synxis.com/rez.aspx?arrive=Arrival&depart=Departure&Hotel=7832&Chain=8517
Title: Book Now

Search URL Search Domain Scan URL

URL: https://gc.synxis.com/rez.aspx?Hotel=7832&Chain=8517&template=RBE&shell=RBE
Title: Book Now Best Rate Guaranteed

Search URL Search Domain Scan URL

URL: https://www.hearthkirkland.com/
Title: Hearth is open for dine-in service and takeout

Search URL Search Domain Scan URL

URL: http://leafletjs.com/
Title: Leaflet

Search URL Search Domain Scan URL

URL: https://locationiq.com/?ref=maps
Title: LocationIQ Maps

Search URL Search Domain Scan URL

URL: https://www.openstreetmap.org/copyright
Title: OpenStreetMap

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heathmanhotel
Title:

Search URL Search Domain Scan URL

URL: http://columbiahospitality.com/careers.php
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.columbiahospitality.com/terms.php
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.columbiahospitality.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heathmanhotel
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/HeathmanHotel
Title: Google Plus

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heathmanhotel/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.columbiahospitality.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://www.heathmankirkland.com/styles/images/ajax-loader.gif HTTP 302
https://www.heathmankirkland.com/404.php

Request Chain 112

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 120

https://s.adroll.com/j/exp/VKLGJLIDLZBGNADP7CU6FN/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 122

https://d.adroll.mgr.consensu.org/consent/iabcheck/VKLGJLIDLZBGNADP7CU6FN?_s=11c0e507250992d6baa8781614cb97b3&_b=2 HTTP 302
https://d.adroll.com/consent/check/VKLGJLIDLZBGNADP7CU6FN/?_s=11c0e507250992d6baa8781614cb97b3&_b=2

Request Chain 129

https://d.adroll.com/pixel/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&no-cookies=1&pv=82059083691.6937&adroll_s_ref=https%3A//www.heathmankirkland.com/&keyw= HTTP 302
https://s.adroll.com/pixel/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ/FQ6DK4UAOZCKRHZVVY7LW4.js

Request Chain 135

https://d.adroll.com/cm/aol/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 136

https://d.adroll.com/cm/index/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expiration=1653231163 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expiration=1653231163&C=1

Request Chain 137

https://d.adroll.com/cm/n/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expires=365

Request Chain 138

https://d.adroll.com/cm/outbrain/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA

Request Chain 139

https://d.adroll.com/cm/pubmatic/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 140

https://d.adroll.com/cm/r/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 141

https://d.adroll.com/cm/taboola/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA

Request Chain 142

https://d.adroll.com/cm/triplelift/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 143

https://d.adroll.com/cm/b/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA

Request Chain 144

https://d.adroll.com/cm/x/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA

Request Chain 146

https://d.adroll.com/cm/o/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=8d7164c7760876975ae96375132aa280 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8d7164c7760876975ae96375132aa280

Request Chain 147

https://d.adroll.com/cm/g/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=jXFkx3YIdpda6WN1EyqigA HTTP 302
https://d.adroll.com/cm/g/in

151 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.heathmankirkland.com/ 26 KB
8 KB 545ms
138ms Document
text/html 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

0310e962f0ff651e988b5e1d9483a71f9c8de4772538df6cf81e1b68449acd8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.heathmankirkland.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0
Expires: Sat, 22 May 2021 14:52:41 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
X-Frame-Options: SAMEORIGIN
Content-Length: 7928
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK normalize.css
www.heathmankirkland.com/styles/ 8 KB
3 KB 145ms
142ms Stylesheet
text/css 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/styles/normalize.css

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

635065c51102696bb7398e1f7b4cd14b3a9e39c15958c6115d3917a7022f09ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 30 Oct 2017 14:55:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 2177
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK handsome.css
www.heathmankirkland.com/styles/ 9 KB
3 KB 280ms
135ms Stylesheet
text/css 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/styles/handsome.css

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

8ede71cdcb63e6a5d860c180f3406f610614fd81948bfdc0c222c15de0c46de8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 06 Nov 2017 02:19:44 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 2325
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK jquery-ui.css
www.heathmankirkland.com/styles/ 35 KB
8 KB 402ms
135ms Stylesheet
text/css 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/styles/jquery-ui.css

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

2ac1587499515471702f1cae341fa42f1f8ee62ff77223093b9aa83da87c7a1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 30 Oct 2017 01:51:46 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 8123
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK styles.css
www.heathmankirkland.com/styles/ 37 KB
7 KB 404ms
136ms Stylesheet
text/css 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/styles/styles.css

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

b918dcb79e5b54685932e4d5d6779576ba984297e59ea78d0e10cb6bcba18fb9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 05 Mar 2020 16:03:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 7004
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK slick.css
www.heathmankirkland.com/styles/ 4 KB
2 KB 405ms
135ms Stylesheet
text/css 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/styles/slick.css

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

29bd8abfedc6d23a972eff46e67598978d839c4c403d52956b2a3e89426a3289

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 16 Nov 2017 18:57:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 1253
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
718 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,500,600,700,900

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a1716af6fc79ca34b42aec633f26f8c179fa8615ca0b32e096d1aa890923052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 22 May 2021 14:52:41 GMT
server: ESF
date: Sat, 22 May 2021 14:52:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 May 2021 14:52:41 GMT

GET
H/1.1 200
OK css3-mediaqueries.js Show response
cdn.letgroup.com/shared/scripts/ 16 KB
6 KB 227ms
70ms Script
application/x-javascript 54.192.219.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letgroup.com/shared/scripts/css3-mediaqueries.js
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-50.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c4b649fa77e9c9a343c213f48930595040d5f257ab55dd8f714ec12893be4a2

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 17:54:34 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2016 19:08:48 GMT
Server: AmazonS3
Age: 2062688
ETag: W/"061595536862b4bdaf25cf5927d98270"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 876d78271929a83070970f4d8906b685.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MRS52-P2
X-Amz-Cf-Id: ZcT5XXnDyBjlnYKDP0awRCz2iOdpuQNgiHGOzKjDElupPbLc1I0xiA==

GET
H/1.1 200
OK modernizr.js Show response
cdn.letgroup.com/shared/scripts/ 14 KB
6 KB 225ms
68ms Script
application/x-javascript 54.192.219.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letgroup.com/shared/scripts/modernizr.js
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-50.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da9f4f91dff5332a6f337ebfa9830b1f9a306528c137e0be3dfbbba7dde487d1

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 07:05:48 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2016 19:04:55 GMT
Server: AmazonS3
Age: 2447214
ETag: W/"f700071fecb87d88a9fc86320d260ffc"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 ab94358e0d2d36f8b4f6ff94645b8b39.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MRS52-P2
X-Amz-Cf-Id: 8ByKXMfY1hE9b6TG57pTgmK9zpWNur9AUr3oouGxGxTRYXH8wSC3uA==

GET
H/1.1 200
OK gdpr-iubenda.css
www.heathmankirkland.com/styles/ 11 KB
2 KB 410ms
133ms Stylesheet
text/css 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/styles/gdpr-iubenda.css

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

5d77c04ce5f7d16a20eaeee40ff8725c3ed08859a277d00fceeaf48582d16465

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Sep 2019 17:40:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 2032
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 451 B
604 B 196ms
63ms Script
application/javascript 2.17.181.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.181.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-181-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 68e72afc5b1e5d0f54027d8591e645baf91115f416e105a600d52f46baace183

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:41 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 13:43:29 GMT
etag: "60a27301-14e"
vary: Accept-Encoding
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
content-type: application/javascript
content-length: 334
expires: Sat, 22 May 2021 17:52:41 GMT

GET
H/1.1 200
OK nivo.theme.comb.3.0.1.min.css
cdn.letgroup.com/shared/styles/nivo/nivo-slider-themes/default/ 4 KB
2 KB 217ms
66ms Stylesheet
text/css 54.192.219.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letgroup.com/shared/styles/nivo/nivo-slider-themes/default/nivo.theme.comb.3.0.1.min.css
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-50.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62e00bc145f784101aa0f9daabc8e78406cffc893cfd7122e068b3d7caf42a1d

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 02:15:25 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 07 Jan 2020 23:22:48 GMT
Server: AmazonS3
Age: 1946236
ETag: W/"726eaaad3c8f6b6119b95bd94d007ba5"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 c5e5a9ddc16b995cc90319b13f316f59.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MRS52-P2
X-Amz-Cf-Id: WbFQGUrHUtb8xHAJApqEVxZRZ-oBDxs1xjYwqILOuK090I3P2WyzAg==

GET
H/1.1 200
OK leaflet.all.min.css
cdn.letgroup.com/shared/styles/ 12 KB
3 KB 218ms
66ms Stylesheet
text/css 54.192.219.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letgroup.com/shared/styles/leaflet.all.min.css
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-50.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 151833621a443f532f1d84e6b887cbe38ed5f7c73af7a1c2d8b887d7e4e4fa54

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 23:16:35 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 29 Mar 2021 17:14:42 GMT
Server: AmazonS3
Age: 1956967
ETag: W/"7d94026df04f13236fe2345e0f3d21e8"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 c76130909cba12f494ee98f488e40753.cloudfront.net (CloudFront)
Cache-Control: public, max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MRS52-P2
X-Amz-Cf-Id: TDHtvZ3Ot3IRtTLrvBDZUVfjY5zZSM0pCRtSG0egLy6d0M_yqcYDAw==

GET
H/1.1 200
OK ico-calendar.png
www.heathmankirkland.com/images/ 5 KB
5 KB 337ms
133ms Image
image/png 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/ico-calendar.png

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

ba72aa8d20da5f4a022bd74429ef856032644e5752b4e06794a2543723fc4917

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 30 Oct 2017 05:56:50 GMT
Server: Apache
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 4773
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK cmsimg_1513193195.jpg
www.heathmankirkland.com/images/ 29 KB
29 KB 450ms
231ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/cmsimg_1513193195.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

a20db50ac4bc386912cd76e4b625051de283a111a7112fb2b1d1725a8d52ae51

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 13 Dec 2017 19:28:32 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 29667
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK cmsimg_1517327900.jpg
www.heathmankirkland.com/images/ 28 KB
29 KB 223ms
132ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/cmsimg_1517327900.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

28f4c08ca6439c25758775e1d0b94191a2b933aed279ba3124a893c4a9c17b62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 30 Jan 2018 16:00:22 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 29161
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK cmsimg_1559345276.jpg
www.heathmankirkland.com/images/ 11 KB
12 KB 232ms
139ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/cmsimg_1559345276.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

8ddc0f3bbeb22aba504dd2b880f6435487db56e78dd1c1abc680ff213cc5000b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 31 May 2019 23:24:17 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 11369
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK cmsimg_1519338223.jpg
www.heathmankirkland.com/images/ 8 KB
8 KB 350ms
129ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/cmsimg_1519338223.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

bd23fb9303c41a26d8ef6bffc72e7098f3f65b97657b9779ab217e168d05aea4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 22 Feb 2018 22:25:31 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 7709
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK cmsimg_1522972152.jpg
www.heathmankirkland.com/images/ 5 KB
5 KB 373ms
140ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/cmsimg_1522972152.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

8e2e8ca04bcd842a6303403f9cbcc2d30b7f9b0e75889c8e0a88ca2ae0f61258

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 05 Apr 2018 23:50:32 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 4672
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK cmsimg_1513193330.jpg
www.heathmankirkland.com/images/ 9 KB
9 KB 221ms
130ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/cmsimg_1513193330.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

03cad5c91900db734321056ed6011dc78c2458a1e826e4fd81fbe122e4d97245

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 13 Dec 2017 19:30:47 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 8773
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H2 200 cmsimg_1517425358.jpg
images.letgroup.com/PtDlANNgVr/ 24 KB
24 KB 480ms
356ms Image
image/jpeg 54.192.219.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.letgroup.com/PtDlANNgVr/cmsimg_1517425358.jpg
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-125.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41707f02060644a84a91e0f7007312171369e93a0fdca3f14c1b5f243fbde87

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 12:00:33 GMT
via: 1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2018 19:02:39 GMT
server: AmazonS3
age: 874329
etag: "d4a2b9db4e8fd2079a2783c19b675073"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 24434
x-amz-cf-id: -wY77aTT4IoKBWgsVSQK16PKvlFgvjqmauTy9SiXjOz5PA252Fxeqg==

GET
H2 200 cmsimg_1517425359.jpg
images.letgroup.com/PtDlANNgVr/ 25 KB
25 KB 521ms
397ms Image
image/jpeg 54.192.219.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.letgroup.com/PtDlANNgVr/cmsimg_1517425359.jpg
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-125.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e5735ee52fe811804caf77fad6a87dd82c827a9a0735ada1933f52ccf787f5b

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:55:37 GMT
via: 1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2018 19:02:41 GMT
server: AmazonS3
age: 2221025
etag: "86201ae944d3365346a31c5af08bb6d2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 25161
x-amz-cf-id: LdQqJ4EbQw6bidAgsmb6gTh5G1jhwDInfIe4xC51EyYc6aTbDHvCBQ==

GET
H2 200 cmsimg_1517425360.jpg
images.letgroup.com/PtDlANNgVr/ 73 KB
73 KB 393ms
393ms Image
image/jpeg 54.192.219.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.letgroup.com/PtDlANNgVr/cmsimg_1517425360.jpg
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-125.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2d8d39504ba387e526bfabcc22faf2a69e0ce22cd22e8f3a7c245b965ab20c0

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:55:37 GMT
via: 1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2018 19:02:41 GMT
server: AmazonS3
age: 2221025
etag: "25509714a5075578b66c066b5a53b488"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 74523
x-amz-cf-id: UcAh9oRDldR5Eeri_IIXRBEqC2o9xkESg0mq459XbL1lHxLiSqHpJA==

GET
H2 200 186268030_786353872243031_7184560329453616477_n.jpg
scontent-atl3-2.cdninstagram.com/v/t51.2885-15/ 317 KB
317 KB 418ms
211ms Image
image/jpeg 2a03:2880:f218:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/186268030_786353872243031_7184560329453616477_n.jpg?_nc_cat=107&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=F5bM6OSlCzIAX8KRMpN&_nc_ht=scontent-atl3-2.cdninstagram.com&oh=aff5ccc4f179b0468204f9644e1689e3&oe=60CD0583
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f218:ca:face:b00c:0:43fe , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 14a1aa553cf13657abc505b7e0b54d42a85db4d33eb3128a78cae73e840fa96f

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2062105105
date: Sat, 22 May 2021 14:52:42 GMT
x-fb-trip-id: 19638678
last-modified: Thu, 13 May 2021 21:00:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3491441499
x-fb-config-version-olb-prod: b8b91be5952c4c26b0586141826eca72
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 324610

GET
H2 200 181638996_880873882460041_6799231045104897997_n.jpg
scontent-atl3-2.cdninstagram.com/v/t51.2885-15/ 366 KB
366 KB 419ms
212ms Image
image/jpeg 2a03:2880:f218:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/181638996_880873882460041_6799231045104897997_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=XarqEYAGsX8AX__oMjD&_nc_ht=scontent-atl3-2.cdninstagram.com&oh=68c058d50bdb133cf9bbf2f10c315edb&oe=60CE7B62
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f218:ca:face:b00c:0:43fe , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 94f92e67cec385bc8a0d121a0f4663d51c67b48ad11e24bb0ad7bfcbfd86b11d

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2644143030
date: Sat, 22 May 2021 14:52:42 GMT
x-fb-trip-id: 19638678
last-modified: Wed, 05 May 2021 19:00:51 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3206161663
x-fb-config-version-olb-prod: b8b91be5952c4c26b0586141826eca72
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 374390

GET
H2 200 180693815_105188948312440_1009391210781523103_n.jpg
scontent-atl3-2.cdninstagram.com/v/t51.2885-15/ 59 KB
59 KB 295ms
109ms Image
image/jpeg 2a03:2880:f218:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/180693815_105188948312440_1009391210781523103_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=6-4q5S8ovysAX8z5Nnq&_nc_ht=scontent-atl3-2.cdninstagram.com&oh=f913cf206f367e697a5aee1ff1b36ba8&oe=60CD8E7A
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f218:ca:face:b00c:0:43fe , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 149b17171b672e6a0b3761146c54a367756aa68a3c5c2fffa3ac0bce05b5a185

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2342256699
date: Sat, 22 May 2021 14:52:42 GMT
x-fb-trip-id: 19638678
last-modified: Mon, 03 May 2021 19:01:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2244603111
x-fb-config-version-olb-prod: b8b91be5952c4c26b0586141826eca72
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60093

GET
H2 200 179657540_386814155735590_7017935703511376727_n.jpg
scontent-atl3-2.cdninstagram.com/v/t51.2885-15/ 159 KB
159 KB 395ms
212ms Image
image/jpeg 2a03:2880:f218:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/179657540_386814155735590_7017935703511376727_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=92R1U9GRxIsAX_0qyiO&_nc_ht=scontent-atl3-2.cdninstagram.com&oh=e991a88ac2a526fbe2ed447326ea40e5&oe=60CDFB33
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f218:ca:face:b00c:0:43fe , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9ef9d4ac9dc25de66da2bba338c3b6a70a9d2fdf5d5c913db32b87992213aa31

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2322656286
date: Sat, 22 May 2021 14:52:42 GMT
x-fb-trip-id: 19638678
last-modified: Fri, 30 Apr 2021 21:00:51 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3545616128
x-fb-config-version-olb-prod: b8b91be5952c4c26b0586141826eca72
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 162435

GET
H2 200 179402360_856153791604447_4146812446890391471_n.jpg
scontent-atl3-2.cdninstagram.com/v/t51.2885-15/ 363 KB
363 KB 392ms
212ms Image
image/jpeg 2a03:2880:f218:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/179402360_856153791604447_4146812446890391471_n.jpg?_nc_cat=109&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=si75xSIffAMAX8lsrwy&_nc_ht=scontent-atl3-2.cdninstagram.com&oh=1318e4ba3cb4aa4210d7c0b24e1fcbed&oe=60CF5810
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f218:ca:face:b00c:0:43fe , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1cd01d4d60b7aabd2b847b264efc35d22520301803a5dde3c2ea495f93c30817

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1278384594
date: Sat, 22 May 2021 14:52:42 GMT
x-fb-trip-id: 19638678
last-modified: Thu, 29 Apr 2021 19:01:05 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 259460288
x-fb-config-version-olb-prod: b8b91be5952c4c26b0586141826eca72
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 371674

GET
H2 200 178322598_2036797129809834_1370472698474521513_n.jpg
scontent-atl3-2.cdninstagram.com/v/t51.2885-15/ 472 KB
472 KB 392ms
212ms Image
image/jpeg 2a03:2880:f218:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/178322598_2036797129809834_1370472698474521513_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=YEls7jO8hLQAX8UTWqn&_nc_ht=scontent-atl3-2.cdninstagram.com&oh=2b0310dbf9cc442c0ea771bf99573440&oe=60CD3A22
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f218:ca:face:b00c:0:43fe , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6fdc38d8799fd45ba7c3ba449dcf072c190cdb6ddc8d362aa816521884c9e478

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2218662112
date: Sat, 22 May 2021 14:52:42 GMT
x-fb-trip-id: 19638678
last-modified: Tue, 27 Apr 2021 19:01:17 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3655496773
x-fb-config-version-olb-prod: f505330fc78246408a01bc4714b0d909
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 483393

GET
H/1.1 200
OK logo-footer-ch.png
www.heathmankirkland.com/images/ 6 KB
6 KB 130ms
130ms Image
image/png 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/logo-footer-ch.png

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

344d2af27bd7a738af225dcf8553806c46d9dc889a332420847cc7de475b0ebd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Cookie: _ga_JVRMXDJV94=GS1.1.1621695162.1.0.1621695162.0; _ga=GA1.1.158499224.1621695162; _fbp=fb.1.1621695162050.548232059
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:42 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 28 Oct 2017 08:17:47 GMT
Server: Apache
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 5965
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:42 GMT

GET
H/1.1 200
OK logo-footer-stash.png
www.heathmankirkland.com/images/ 4 KB
4 KB 126ms
125ms Image
image/png 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/logo-footer-stash.png

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

e25c0895a29e277cdb98d897fca616f714ca5e81b84c0b3d3fab4ea00e83d853

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Cookie: _ga_JVRMXDJV94=GS1.1.1621695162.1.0.1621695162.0; _ga=GA1.1.158499224.1621695162; _fbp=fb.1.1621695162050.548232059
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:42 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 07 May 2019 23:29:58 GMT
Server: Apache
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 3603
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:42 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
91 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 10:52:43 GMT
x-content-type-options: nosniff
age: 14398
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93100
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 May 2022 10:52:43 GMT

GET
H3-29 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 223 KB
59 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 13:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349426
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60529
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 May 2022 13:48:55 GMT

GET
H/1.1 200
OK jquery.migrate.js Show response
cdn.letgroup.com/shared/scripts/ 17 KB
6 KB 69ms
64ms Script
application/javascript 54.192.219.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letgroup.com/shared/scripts/jquery.migrate.js
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-50.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c89cd7ab35c0781b8f0cd7d425246fba854bc688a2f5584444e6b7868bc8316e

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:43:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 18:03:17 GMT
Server: AmazonS3
Age: 353355
ETag: W/"8cdd8837208533a86d94f7d07eca1c44"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ab94358e0d2d36f8b4f6ff94645b8b39.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MRS52-P2
X-Amz-Cf-Id: kcDRMV9CDP-fDt5F7q8USXxVjfRxkR5oKyrKlG-XHYsLl2AKb_CO1g==

GET
H/1.1 200
OK date_functions.js Show response
cdn.letgroup.com/shared/scripts/ 12 KB
3 KB 70ms
65ms Script
application/x-javascript 54.192.219.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letgroup.com/shared/scripts/date_functions.js
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-50.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74ae807a7b8c9e4d061ea86f17956fb996728914ca58e9a1148e278dd5b23b21

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 19:10:30 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2016 19:03:43 GMT
Server: AmazonS3
Age: 416532
ETag: W/"3c088508badbf4da15963dd58e453389"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 876d78271929a83070970f4d8906b685.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MRS52-P2
X-Amz-Cf-Id: 65ZMhyOC618mQEnz3xoNyQnXmo9g3OYYMapvMod6r-xepVJ6s-IfGg==

GET
H/1.1 200
OK slick.js Show response
www.heathmankirkland.com/scripts/ 86 KB
15 KB 251ms
245ms Script
application/javascript 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/scripts/slick.js

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

45ce20adbfc796c03b2f434ed197bcea53c152ac0d4b1dd20b270343d2b1cdae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 13 Nov 2017 23:22:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 15020
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK masonry.min.js Show response
www.heathmankirkland.com/scripts/ 24 KB
8 KB 135ms
130ms Script
application/javascript 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/scripts/masonry.min.js

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

0894cc62f8e406d115cc4f9491e8bc51b70c6c49005401ff7e9e7db625bdb9fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 04 Nov 2017 22:26:49 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 7363
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK retina.min.js Show response
www.heathmankirkland.com/scripts/ 3 KB
2 KB 138ms
132ms Script
application/javascript 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/scripts/retina.min.js

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

5930e8458be31e52baa4fe04db2b248759f5f02971c370ed89e44d4ca8d5af51

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 30 Oct 2017 01:51:46 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 1224
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK booking.js Show response
www.heathmankirkland.com/scripts/ 4 KB
2 KB 132ms
127ms Script
application/javascript 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/scripts/booking.js?1585844474

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

efc57efb0a3474961a00ffc8b007d85b8ed12615d096ffdbaf24d4e0b9563e48

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 02 Apr 2020 16:21:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 1264
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK scripts.js Show response
www.heathmankirkland.com/scripts/ 13 KB
5 KB 138ms
133ms Script
application/javascript 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/scripts/scripts.js

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

2fcdb2f94a7f92536d6e2a923cb87a9529b82a46e7567706045723b049df1627

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 21 May 2020 23:43:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 4253
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H/1.1 200
OK parallax.min.js Show response
www.heathmankirkland.com/scripts/ 12 KB
4 KB 140ms
135ms Script
application/javascript 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/scripts/parallax.min.js

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

0417667998b258595cecbf967278e33d5769da1ca98ae324df43731ffb99bf07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.heathmankirkland.com/
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 31 Oct 2017 07:16:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 3150
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JVRMXDJV94

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0ad637460b49cdc97d063c7f64615282a4c67aaff2cd588f1ae2374c2e42378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46493
x-xss-protection: 0
expires: Sat, 22 May 2021 14:52:41 GMT

GET
H/1.1 200
OK leaflet.all.20210219.min.js Show response
cdn.letgroup.com/shared/scripts/ 157 KB
47 KB 66ms
61ms Script
application/javascript 54.192.219.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letgroup.com/shared/scripts/leaflet.all.20210219.min.js
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-50.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7444ec3fee0dab5ae7ce3b2b701b44f52d1a2a858d874881a123234cafb03c10

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 04:06:58 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 19 Feb 2021 17:07:18 GMT
Server: AmazonS3
Age: 2544344
ETag: W/"7eba58fed4b755fbe63ed9bd69447305"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c76130909cba12f494ee98f488e40753.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MRS52-P2
X-Amz-Cf-Id: nI1rWICHdqlY0E8E3j2D-hui-olNxZpsbA32e8-O4-ZHCAGA86eWsw==

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 46 KB
46 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.heathmankirkland.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 218979
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Fri, 20 May 2022 02:03:02 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24156
x-fb-rlafr: 0
pragma: public
x-fb-debug: T1lShp4Mkyvc+mHDVhhwhy5jI7+E/H289KoUw8/V7K/S4vchPygaVEFpGBUKPObUteIkKA66jpmBiadPHFvoBQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 22 May 2021 14:52:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK stash_partner_widget.js Show response
api.stashrewards.com/v4/ 6 KB
6 KB 536ms
139ms Script
text/javascript 18.205.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stashrewards.com/v4/stash_partner_widget.js?url_key=the-heathman-hotel&src=https%3A%2F%2Fwww.heathmankirkland.com%2F

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.205.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-18-241.compute-1.amazonaws.com

Software

Resource Hash

eefa5e4b186ba5bcac55f1fa9734323e313ca8334e8960df645d0c336b1c0c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Access-Control-Request-Method: GET,POST,DELETE,OPTIONS
X-Content-Type-Options: nosniff
Status: 200 OK
Date: Sat, 22 May 2021 14:52:42 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.heathmankirkland.com/
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *,x-requested-with
X-XSS-Protection: 1; mode=block
X-Request-Id: e55291e9-06a6-4e46-b5ea-38740154c995

GET
H/1.1 200
OK logo.svg
www.heathmankirkland.com/images/ 10 KB
3 KB 219ms
131ms Image
image/svg+xml 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/logo.svg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/styles/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

8ee0c7baebde2fc65930a167d82f489d6410e7ab3eb98d1656ae76a24f55e37e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/styles/styles.css
Connection: keep-alive
Referer: https://www.heathmankirkland.com/styles/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 21 Nov 2017 22:30:38 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 3033
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H2 200 car_1602611873.jpg
images.letgroup.com/PtDlANNgVr/ 303 KB
304 KB 345ms
200ms Image
image/jpeg 54.192.219.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.letgroup.com/PtDlANNgVr/car_1602611873.jpg
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-125.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a51a50f16f4c081c26ef68180c5991947cc6c9e7044562f21bdfa02f187a07b7

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:55:33 GMT
via: 1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 17:57:55 GMT
server: AmazonS3
age: 2221029
etag: "18c8ffcc0319d9423cdbbc7966b7792f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 310202
x-amz-cf-id: I1c_X37Q2vqsroHGSxpLHSf17aRUL_WZ_qaSEaqcE9gOQgTCe435AQ==

GET
H2 200 car_1517328028.jpg
images.letgroup.com/PtDlANNgVr/ 269 KB
269 KB 508ms
362ms Image
image/jpeg 54.192.219.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.letgroup.com/PtDlANNgVr/car_1517328028.jpg
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-125.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c12f928d6383b720e9f804ee0e7b80257f579f64b5c4b630baae9e521ce01826

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:38:19 GMT
via: 1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
last-modified: Thu, 12 Apr 2018 16:53:43 GMT
server: AmazonS3
age: 1476863
etag: "feaab23f645f302fc362cb8c300bb27b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 275217
x-amz-cf-id: wi04CEFYVD-semsFIhCIkpFL8mtHt7guisUg3J84YgRGl-2WdCO1IQ==

GET
H2 200 car_1599153369.jpg
images.letgroup.com/PtDlANNgVr/ 234 KB
235 KB 281ms
135ms Image
image/jpeg 54.192.219.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.letgroup.com/PtDlANNgVr/car_1599153369.jpg
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-125.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87193968cfe0e0aa522404cb36207124483670c83a3761b848fb38165bbd207b

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:38:19 GMT
via: 1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
last-modified: Thu, 03 Sep 2020 17:16:10 GMT
server: AmazonS3
age: 1476863
etag: "6c0a75b52e7ba9f739463655c8c5424f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 239810
x-amz-cf-id: qBOtH2bCPqItlD-mT5KQsl9D0YDUi2LGkRHk5BMi4wBRGmYnluZBhg==

GET
H2 200 car_1562101110.jpg
images.letgroup.com/PtDlANNgVr/ 288 KB
289 KB 226ms
81ms Image
image/jpeg 54.192.219.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.letgroup.com/PtDlANNgVr/car_1562101110.jpg
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-125.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3866d05019d8d9a79db065fbc0ccabbf1bcbd1500650515be90007e3f58c6dc

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 20:02:04 GMT
via: 1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 20:58:31 GMT
server: AmazonS3
age: 1018238
etag: "c98a70e4978a1a0fb12dd9c4be7d5e8a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 294891
x-amz-cf-id: 9A2SVCp2FkgdDhklUMhfJbYYazCuqhNV7A4kgHBxi52NA9vtEYeMyg==

GET
H/1.1 200
OK art_1567710654.jpg
www.heathmankirkland.com/images/ 399 KB
400 KB 137ms
136ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/art_1567710654.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

2193e1a515f3ea4f24813d7244e9e6d3e16ff2672fdbc8ea88ca330c05ce0a64

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Cookie: _ga_JVRMXDJV94=GS1.1.1621695162.1.0.1621695162.0; _ga=GA1.1.158499224.1621695162; _fbp=fb.1.1621695162050.548232059
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:42 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 05 Sep 2019 19:06:01 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 409053
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:42 GMT

GET
H/1.1 200
OK art_1614618168.jpg
www.heathmankirkland.com/images/ 142 KB
143 KB 137ms
137ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/art_1614618168.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

a465df4f59264321d0b5fcbc0d233e1ba5d7c8f1b915f93fad9d055089f2ae9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Cookie: _ga_JVRMXDJV94=GS1.1.1621695162.1.0.1621695162.0; _ga=GA1.1.158499224.1621695162; _fbp=fb.1.1621695162050.548232059
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:42 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Mar 2021 16:51:17 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 145553
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:42 GMT

GET
H/1.1 200
OK art_1593556810.jpg
www.heathmankirkland.com/images/ 132 KB
132 KB 130ms
130ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/art_1593556810.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

df95d6472e27dd41bea4cbdc5627bc07048774567457669018abb6194408b57f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Cookie: _ga_JVRMXDJV94=GS1.1.1621695162.1.0.1621695162.0; _ga=GA1.1.158499224.1621695162; _fbp=fb.1.1621695162050.548232059
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:42 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 30 Jun 2020 22:31:43 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 135229
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:42 GMT

GET
H/1.1 200
OK art_1600708770.jpg
www.heathmankirkland.com/images/ 203 KB
204 KB 139ms
138ms Image
image/jpeg 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/art_1600708770.jpg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

c132fefd5c7cc58db78b3152f74ef891f102b8052a9e07b49a2141d08510a418

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Cookie: _ga_JVRMXDJV94=GS1.1.1621695162.1.0.1621695162.0; _ga=GA1.1.158499224.1621695162; _fbp=fb.1.1621695162050.548232059
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:42 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 21 Sep 2020 17:09:53 GMT
Server: Apache
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 208178
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:42 GMT

GET
H/1.1 200
OK logo-footer.svg
www.heathmankirkland.com/images/ 10 KB
4 KB 128ms
127ms Image
image/svg+xml 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/logo-footer.svg

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/styles/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

30310b8f43b59c9104f366a6d99e0ecdd7dc4fcf83afb0815c9d81d5100c1d60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/styles/styles.css
Cookie: _ga_JVRMXDJV94=GS1.1.1621695162.1.0.1621695162.0; _ga=GA1.1.158499224.1621695162; _fbp=fb.1.1621695162050.548232059
Connection: keep-alive
Referer: https://www.heathmankirkland.com/styles/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:42 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 21 Nov 2017 22:29:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 3263
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:42 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.heathmankirkland.com/styles/fonts/ 96 KB
96 KB 249ms
130ms Font
application/font-woff 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heathmankirkland.com/styles/fonts/fontawesome-webfont.woff?v=3.2.1

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/styles/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.heathmankirkland.com
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.heathmankirkland.com/styles/styles.css
Connection: keep-alive
Origin: https://www.heathmankirkland.com
Referer: https://www.heathmankirkland.com/styles/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 30 Oct 2017 01:51:46 GMT
Server: Apache
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 98024
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:41 GMT

GET
H3-29 200 417560128665607 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/417560128665607?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9aa9d5e61d5a0adbf05164bbd85946d3d660efb4bfb08c87aef57be57b5ebb9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 997XQwuD8xJkbCzF/z1U+ZwdM6Z7I01N0twdeCJvZ4m4+zXSC8qqN77OqtHEZB0RcH9HYUmpyfC29tyT/2y93Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 22 May 2021 14:52:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core-en.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/1.30.3/ 288 KB
69 KB 57ms
57ms Script
application/javascript 2.17.181.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.30.3/core-en.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.181.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-181-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6bb9e0b33740af7f5b781de78eb15c1bbc86e176f7430bfeefbed4e382c4c024

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:41 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 13:43:28 GMT
etag: "60a27300-113ea"
vary: Accept-Encoding
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
content-type: application/javascript
content-length: 70634
expires: Sun, 22 May 2022 14:52:41 GMT

GET
H/1.1

200
OK

404.php
www.heathmankirkland.com/
Redirect Chain

https://www.heathmankirkland.com/styles/images/ajax-loader.gif
https://www.heathmankirkland.com/404.php

16 KB
16 KB

132ms
132ms

Image
text/html

52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/404.php

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/styles/slick.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/styles/slick.css
Cookie: _ga_JVRMXDJV94=GS1.1.1621695162.1.0.1621695162.0; _ga=GA1.1.158499224.1621695162; _fbp=fb.1.1621695162050.548232059
Connection: keep-alive
Referer: https://www.heathmankirkland.com/styles/slick.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:42 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=0
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Vary: Accept-Encoding
Content-Length: 4807
X-Content-Type-Options: nosniff
Expires: Sat, 22 May 2021 14:52:42 GMT

Redirect headers

Location: https://www.heathmankirkland.com/404.php
Date: Sat, 22 May 2021 14:52:42 GMT
Cache-Control: max-age=0
Expires: Sat, 22 May 2021 14:52:42 GMT
Server: Apache
Content-Length: 224
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 cmsimg_1548964376.jpg
images.letgroup.com/PtDlANNgVr/ 143 KB
143 KB 266ms
266ms Image
image/jpeg 54.192.219.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.letgroup.com/PtDlANNgVr/cmsimg_1548964376.jpg
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-125.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9bbe9a6da68a3e05de945ee662f3f7f62edb6e953f22d70dc6e17e446fa45c3

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 12:00:33 GMT
via: 1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
last-modified: Thu, 31 Jan 2019 19:52:57 GMT
server: AmazonS3
age: 874330
etag: "b15d29df59812b5078c7faf4badddfd7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 146116
x-amz-cf-id: CBqjw0pVxsY1c-OalOaL6F_BOuzMzsPi4Igwi1x9cNmBLp9VfCLo1g==

GET
H2 200 cmsimg_1522701337-0.jpg
images.letgroup.com/PtDlANNgVr/ 207 KB
207 KB 266ms
266ms Image
image/jpeg 54.192.219.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.letgroup.com/PtDlANNgVr/cmsimg_1522701337-0.jpg
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-125.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e53f7caf1f1049f98d180700320e3e3dff040e449266ad82c6c087949bb39190

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 14:47:26 GMT
via: 1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
last-modified: Mon, 02 Apr 2018 20:35:39 GMT
server: AmazonS3
age: 432317
etag: "1c5a587796b00b029bf7c95f076fc1d6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 211497
x-amz-cf-id: and5JgfsjiwdslBQDVlr8TCd44lfupTd_8ILDtMPHQNaEFrYF-QOpA==

GET
H/1.1 200
OK map-marker.png
www.heathmankirkland.com/images/ 8 KB
8 KB 139ms
138ms Image
image/png 52.70.215.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathmankirkland.com/images/map-marker.png

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.70.215.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

cms.letgroup.com

Software

Apache /

Resource Hash

55147cd770eedca5f306670e208b5a6097b2a6238840d751a699caf16a88a4c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.heathmankirkland.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.heathmankirkland.com/
Cookie: _ga_JVRMXDJV94=GS1.1.1621695162.1.0.1621695162.0; _ga=GA1.1.158499224.1621695162; _fbp=fb.1.1621695162050.548232059
Connection: keep-alive
Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:42 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 30 Oct 2017 22:55:50 GMT
Server: Apache
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.letgroup.com
Accept-Ranges: bytes
Content-Length: 7851
X-Content-Type-Options: nosniff
Expires: Thu, 18 Nov 2021 14:52:42 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 91476.png
b-tiles.locationiq.com/v2/obk/r/18/42085/ 17 KB
18 KB 197ms
172ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b-tiles.locationiq.com/v2/obk/r/18/42085/91476.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

67f8c7ac3fb041bde6c66e71ee36142e04a6514ad2209e363b3754a6c137f04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a36297e9b0000dfb76a96b000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jllmznSTZGvLVKp%2BJ3ZCuuaV4dUUiR1sVXaNcBHMs7lCYXkOdEG6xPjRClMpGkTeNt2F8B0lgX4qBcqsKaLzpimxzbi7qLHhFTzNdlAIGSXnLAb8JvhLDFpxuuSQLiEH%2FuGV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaa9f93dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET 91475.png
a-tiles.locationiq.com/v2/obk/r/18/42085/ 0
0

GET 91476.png
a-tiles.locationiq.com/v2/obk/r/18/42084/ 0
0

GET 91476.png
c-tiles.locationiq.com/v2/obk/r/18/42086/ 0
0

GET 91477.png
c-tiles.locationiq.com/v2/obk/r/18/42085/ 0
0

GET 91475.png
c-tiles.locationiq.com/v2/obk/r/18/42084/ 0
0

GET 91475.png
b-tiles.locationiq.com/v2/obk/r/18/42086/ 0
0

GET 91477.png
b-tiles.locationiq.com/v2/obk/r/18/42084/ 0
0

GET 91477.png
a-tiles.locationiq.com/v2/obk/r/18/42086/ 0
0

GET 91476.png
c-tiles.locationiq.com/v2/obk/r/18/42083/ 0
0

GET 91476.png
a-tiles.locationiq.com/v2/obk/r/18/42087/ 0
0

GET 91475.png
b-tiles.locationiq.com/v2/obk/r/18/42083/ 0
0

GET 91475.png
c-tiles.locationiq.com/v2/obk/r/18/42087/ 0
0

GET 91477.png
a-tiles.locationiq.com/v2/obk/r/18/42083/ 0
0

GET 91477.png
b-tiles.locationiq.com/v2/obk/r/18/42087/ 0
0

GET 91476.png
b-tiles.locationiq.com/v2/obk/r/18/42082/ 0
0

GET 91476.png
b-tiles.locationiq.com/v2/obk/r/18/42088/ 0
0

GET 91475.png
a-tiles.locationiq.com/v2/obk/r/18/42082/ 0
0

GET 91475.png
a-tiles.locationiq.com/v2/obk/r/18/42088/ 0
0

GET 91477.png
c-tiles.locationiq.com/v2/obk/r/18/42082/ 0
0

GET 91477.png
c-tiles.locationiq.com/v2/obk/r/18/42088/ 0
0

POST
H2 204 collect
www.google-analytics.com/g/ 0
79 B 13ms
13ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JVRMXDJV94&gtm=2oe5c1&_p=1343951691&sr=1600x1200&ul=en-us&cid=158499224.1621695162&_s=1&dl=https%3A%2F%2Fwww.heathmankirkland.com%2F&dt=Luxurious%20Kirkland%2C%20WA%20Hotel%20-%20The%20Heathman%20Kirkland&sid=1621695162&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JVRMXDJV94
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heathmankirkland.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 98311166.js Show response
www.iubenda.com/cookie-solution/confs/js/ 62 B
434 B 215ms
97ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iubenda.com/cookie-solution/confs/js/98311166.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.30.3/core-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b3067d75e528bbc600263d1e9976380941e2de3e80ee02106e73bad5842ed28a

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:42 GMT
access-control-request-method: *
content-encoding: gzip
content-length: 68
last-modified: Fri, 26 Mar 2021 11:57:12 GMT
server: nginx
etag: "605dcc18-3e"
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=417560128665607&ev=PageView&dl=https%3A%2F%2Fwww.heathmankirkland.com%2F&rl=&if=false&ts=1621695162052&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1621695162050.548232059&it=1621695161855&coo=false&exp=l1&rqm=GET

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 22 May 2021 14:52:42 GMT

GET
H2 200 11434.png
c-tiles.locationiq.com/v2/obk/r/15/5260/ 72 KB
73 KB 149ms
138ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-tiles.locationiq.com/v2/obk/r/15/5260/11434.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

9f18d55253ec7384a1106c588fa56b064e81e613d6a85b47fa1a4f9be4e32f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a362980d80000dfb7568ac000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SEPCGi6iGb350kND64KFWAErUzyOQrS9WAX7JvxG3q4W6mGq1DvcZV5ir2Qe1rbw2o4zvZZyqY3Zj2A9VZ%2F6TcToaEfn0LYk4vzhSW7kcBHWWImNj%2BmAMRT%2BYmVXvDXgfiTD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deae2ec6dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11433.png
b-tiles.locationiq.com/v2/obk/r/15/5260/ 75 KB
75 KB 134ms
124ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b-tiles.locationiq.com/v2/obk/r/15/5260/11433.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

6d59f35a16fe8630128b9059a6d14ae95f702b1e0d61a8046371414e76e059ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a36297f940000dfb7512c0000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GVj1CVc1%2B%2F%2FkhqSJLpS6e%2BmuOeN0CTHUByLaa%2FqkDqzjLBcaUCUrFPTE%2FkDEcq4x%2By8xIoGrhAG4AHwtJ1Hqc0NaIIqTlPxpEW5pkSiCaRXmLfNAgn5ZKhH1mzy8NNQoVhAR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deac1b32dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11434.png
b-tiles.locationiq.com/v2/obk/r/15/5259/ 7 KB
7 KB 64ms
55ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b-tiles.locationiq.com/v2/obk/r/15/5259/11434.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

20f8a4c790ec7dd5e745c704ffba150d1693c335f2427282bebb780d165c52e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a36297f940000dfb76d9b6000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nAmA2Ak0DLUg%2FdK67oeMmfDOTu3FgtTF%2FRKzwhQRehK1Sj3gMNGlc282CHH1%2FesYgDSIVNFAVFALbfaK3bPRoIqBqOF1FOGkRtbezCiqFnx%2FhZVvWTy1Z7EtocJehXy5Siif"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deac2b37dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11434.png
a-tiles.locationiq.com/v2/obk/r/15/5261/ 71 KB
71 KB 165ms
155ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a-tiles.locationiq.com/v2/obk/r/15/5261/11434.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

a53fe60d15f16c1151ca66a9572f380c68fb5acd15390430a6d785b887ed6c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a362980ec0000dfb77e300000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=adq7Vcsa09yraQr8ToeXVcbTQROnNeqf18e7c6R63Muk8CJj0PcfpH4%2FG%2B8mulJZpQ%2FiVSNc3Bd4vnlMLsJxyz5hAethgMuKODpA%2F%2BpmvVI69DSj476ecle5D2eIi%2BWO4T7W"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deae4ef5dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11435.png
a-tiles.locationiq.com/v2/obk/r/15/5260/ 50 KB
50 KB 142ms
133ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a-tiles.locationiq.com/v2/obk/r/15/5260/11435.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

036f9745e46c2592a07bf264668e521f352d3fcf2b2a9a7fa88f6323086ae633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a362980ec0000dfb708afb000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jyeKnI4xULdULlQKtKzkvr5EtFszghsjjsHLBA7R0vuZ%2Fqtp2uriEOhaHAkamCjBRfLn21R9KP%2BqzJXwTq6bNaotjEQmO7VJd2E3%2BKSC9a0X9tuyiFZIyn3Br39bjAZjqQHW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deae4ef1dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11433.png
a-tiles.locationiq.com/v2/obk/r/15/5259/ 36 KB
36 KB 73ms
73ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a-tiles.locationiq.com/v2/obk/r/15/5259/11433.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

e1631d6083cab0b04ab7a57223a85fba97737d053cfb6fa570c242199a98be3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a362980f00000dfb76d9cd000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tLcBRU6Kj2sjPXS1SyyYc3gP4U3e8%2Bwe%2Fd%2F8T7kSuGN01UGdZf%2Fe6PXk1KY9%2Bs65x%2BHywbbMK5gIDYqTyvyBcYysVuZm1s3ofpSgb9qAooPUEVHDtQamTO7Y%2BNzCccY%2FiWaG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deae4efedfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11433.png
c-tiles.locationiq.com/v2/obk/r/15/5261/ 64 KB
64 KB 109ms
109ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-tiles.locationiq.com/v2/obk/r/15/5261/11433.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

bb77511571605e2c0cf17d87409a9b1f5e14c0261a2c93d26001f9d6cfd76532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a362981220000dfb770946000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XbgpbjmnryNj6Dec598XrLCXxfuzwJZgCIUXyUoTI8JY8FdOVViqFD8OB2bzeL336Jd2rzuihedg0rGJN%2FEwO74oi1oTQSnLMixGK6sNswfEd2Kf5gKxRGV1A8DI%2BulwV9%2BW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deae9f7fdfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11435.png
c-tiles.locationiq.com/v2/obk/r/15/5259/ 688 B
999 B 41ms
41ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-tiles.locationiq.com/v2/obk/r/15/5259/11435.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

f9f6c0c2e2074c6c5e15f3c809e969c8e7be3b852829d495da5c14c3c581b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a3629812e0000dfb7f980c000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tS2YriPOqBpZZnVmeLYcXg4K4axW8LjItJFc30yi6LDW%2FbgfWor%2FIs%2Fpv7Fi5t%2BWPLPo0AlWE4vyyEVXNNoQlE3vz9%2FjrpHgSxQhttSlL4UvPLzeu%2B5mTjC7AcZMg3APWXuD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaebf93dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11435.png
b-tiles.locationiq.com/v2/obk/r/15/5261/ 71 KB
72 KB 137ms
130ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b-tiles.locationiq.com/v2/obk/r/15/5261/11435.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

59e856daf0eb65b117771eb39823f9d5f49e09817b3a76491dd2b8c5b9368529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a36297f950000dfb75abfc000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q8TmUeSv%2BJ9ulUEmCRF1spEo4l4Ufqp3Qruxyv6JrlYRgSNOMo%2BAbWrzl9f0Hvkno96wWqwfl94YZ59gPPzvjoEiypbp0zFYB7EiAxkBru5m%2F3PSdJmQfZKvOwuNd6zhobTW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deac2b38dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11434.png
a-tiles.locationiq.com/v2/obk/r/15/5258/ 688 B
984 B 56ms
56ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a-tiles.locationiq.com/v2/obk/r/15/5258/11434.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

f9f6c0c2e2074c6c5e15f3c809e969c8e7be3b852829d495da5c14c3c581b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a3629813a0000dfb729bad000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sJ%2FT9X%2BwOIqeFVAYDdzPETYeG9DV0iSAd0JstQ%2BfCzMhJgm7ydZuHSn%2F19Sp1y4Zz%2F88vDIB2uNSpC6s3yy8UgCiyBE3p9UzHlp1Ipn6hJhQqNCRvKwglpqYkOfWZ7Avk%2FP6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaecfaedfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11434.png
b-tiles.locationiq.com/v2/obk/r/15/5262/ 61 KB
62 KB 168ms
161ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b-tiles.locationiq.com/v2/obk/r/15/5262/11434.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

732f9f6b655bfb40622df1757a9a08090df54b332f8c23ff07cc1d3b1d2f0afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a36297f950000dfb708ae5000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P4dOoQZmJsXOr2G1ttdIOw8IRraZjzd2aBdTHNFddlHLiwWHPfsYOBBD%2Bj%2BVWEboWh1shKQADpPyfaXs3kL0WMmrI4%2FZPSYRfn0bTjWkPZhMAMCndhX6pkOcJFYlDMMf8rfW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deac2b3ddfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11433.png
c-tiles.locationiq.com/v2/obk/r/15/5258/ 688 B
989 B 75ms
75ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-tiles.locationiq.com/v2/obk/r/15/5258/11433.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

f9f6c0c2e2074c6c5e15f3c809e969c8e7be3b852829d495da5c14c3c581b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a362981410000dfb7568b3000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CiDXZF20OiA%2FyXARa98MaiXwCpummhCPEMIv%2Fgk2%2F7hcjb2mDcNIr%2BcixSSorL89TldUh9%2F1Ti%2FhpCWrSq%2F31hz3lNZ%2FhY%2BoM%2BkM554pvT1KhK6%2Fze7uZ6jRK7AD0RZkmfv0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaecfc4dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11433.png
a-tiles.locationiq.com/v2/obk/r/15/5262/ 58 KB
59 KB 108ms
107ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a-tiles.locationiq.com/v2/obk/r/15/5262/11433.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

5c351e8fdeb1479d865aeb56a8e117761cd36184a660f45609fdde4405785677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a362981580000dfb76a9a3000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4cbIsjXOwJJqtccU2Wx1ZoHV2o4Ynv4SCCI8W5f39XgFPQ%2BAjf6jX8waEjHqeOhEPh0t%2FDw0RFJ2%2BGqiiu3N8%2Fadm%2FsVwG%2BBAO2gOSBtU%2FuwAqnNLNPjauXtFrBnOgqMkfrr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaeffffdfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11435.png
b-tiles.locationiq.com/v2/obk/r/15/5258/ 688 B
980 B 75ms
69ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b-tiles.locationiq.com/v2/obk/r/15/5258/11435.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

f9f6c0c2e2074c6c5e15f3c809e969c8e7be3b852829d495da5c14c3c581b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a36297f960000dfb749373000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zO2s4VURjfm%2FaB%2FRlYb21g3M9elrs51C%2FOf5iIHE4w7eQlvsTr1sQi8TnilGZy2C0mWwkELtU3%2BL6ZZr5wS%2Fv07cg74bqy5ba6B680D9j%2BFazQM1xXoWrpVQQI6W3DWOec2V"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deac2b43dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11435.png
c-tiles.locationiq.com/v2/obk/r/15/5262/ 66 KB
66 KB 144ms
143ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-tiles.locationiq.com/v2/obk/r/15/5262/11435.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

975380d2613a95640f61cd208814427f5ba09d2a6668acc2aa0a1206a341cd56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a362981680000dfb770948000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bn2Py8w6Ea0%2Bo%2Fmpuuiu9j8rl61z97dws6vPTNP%2FZhN9IAcYX%2FlKiPXvBCFY1dd%2FvXJBQNU5U2WKDKf0YUoYVCGG3YE072Wwxx0ClYx3TPFzvmkKOU0aZjH1TEdEuVsmsOQA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaf0827dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11434.png
c-tiles.locationiq.com/v2/obk/r/15/5257/ 4 KB
5 KB 73ms
73ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-tiles.locationiq.com/v2/obk/r/15/5257/11434.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

c2041b50ef652606c5be5457c6e55683b64c0f8e443e8b784dd70f579bf4e119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a3629816a0000dfb74caa6000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NJktrqRjJNSx%2FomGxPf9AV%2FMyw%2Bj129T9ryr9rtn2oXMkvIhFcR%2BF%2B%2FeoI13eZvsemX3WR0zcjscZrwE8NdFY8UCntOddDI%2FbIOoA3OFW6Uo2P%2Bw8vbe7%2BJDLxibhjtC8DND"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaf182bdfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11434.png
c-tiles.locationiq.com/v2/obk/r/15/5263/ 70 KB
70 KB 134ms
133ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-tiles.locationiq.com/v2/obk/r/15/5263/11434.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

836f825f678780570e685496bb8efc40f478fd535b596c197037512bf95d6469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a362981730000dfb74bbdb000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1QN6P0oMHGcTdASn6T%2FvEP%2BcjehHfjkIR6nqnkFfCZBtzjrb4FkAnUqdmXniM%2FYlV9Osdj1LCXA3RsPsZcN5gbvhHHdPUnAv%2FAWorX7ppTJF3oaPsE0IKnOnUGxJbgaQi8BL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaf1849dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11433.png
b-tiles.locationiq.com/v2/obk/r/15/5257/ 688 B
982 B 76ms
71ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b-tiles.locationiq.com/v2/obk/r/15/5257/11433.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

f9f6c0c2e2074c6c5e15f3c809e969c8e7be3b852829d495da5c14c3c581b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a36297f950000dfb77092b000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zfrxr6ZNwosLxXdwvTkyy%2FkXVJQhC4JSCKXXpefsfqCWT1CgC0PeBLZ3VlJNQNkZXYihZHo%2B4wglWVHKHVKpvOmaSkj32KjMHEIuRECTDPbGKMMODvOCyYAi1kiEeQ%2BH9e3v"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deac2b44dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11433.png
b-tiles.locationiq.com/v2/obk/r/15/5263/ 60 KB
61 KB 151ms
147ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b-tiles.locationiq.com/v2/obk/r/15/5263/11433.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

54aebf05911590f0c30cca73b8596ed559e030c8c247e598e27df854eb61dd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a36297f960000dfb722bc2000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vY9unVcQqRZfQgJjn6QY6MFL4PKeqDkb66h0rae4yoX6Zn9Djr4newa1kjFhalqblEYSQQ638zNVyMODKfnQ%2Fp%2BU6bnh1ADvHnWXnTrZHIDeU8bmQEKSrIILYkWFgzOFJXAa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deac2b47dfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11435.png
a-tiles.locationiq.com/v2/obk/r/15/5257/ 688 B
1 KB 49ms
49ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a-tiles.locationiq.com/v2/obk/r/15/5257/11435.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

f9f6c0c2e2074c6c5e15f3c809e969c8e7be3b852829d495da5c14c3c581b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a3629817b0000dfb739b67000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4qQ%2BKaPoGYswZvJRJajuIMtIBqM5FSFRGhp%2Faj05CtsXOIN5DoQG2LkEPmtEBlIPfN37zDkkqQ9v9cyXpqfjuGl7FHNxutObJTU5l9AWllGXnkmuOStno33ezIEgo7ztrgnP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaf285bdfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H2 200 11435.png
a-tiles.locationiq.com/v2/obk/r/15/5263/ 62 KB
62 KB 179ms
179ms Image
image/png 2606:4700:20::ac43:60e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a-tiles.locationiq.com/v2/obk/r/15/5263/11435.png?key=2bf675d0f24874

Requested by

Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:60e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Unwired Labs

Resource Hash

e8f7942dfa76dfec08198efff3b34086d117b34990a94c022ce200888bf9888e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

u-cache: M
date: Sat, 22 May 2021 14:52:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Unwired Labs
cf-request-id: 0a3629818b0000dfb7311f6000000001
pragma: public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7%2FfMhRHi%2FwHmZUCoTH8EdQlsnqytL%2FF7qAz3v5kUj9P5cVTcnoZCvPgHy1%2FJBQv8UH42sR9Nw4hmRk7%2BjviqwtUp2srwVaRbheewdoxIAUXpwaaTZlWuIZKx17ht7eE1NlZ4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6536deaf488adfb7-FRA
expires: Sun, 23 May 2021 14:52:42 GMT

GET
H/1.1 200
OK Cookie set stash-partner-widget-track Show response
www.stashrewards.com// Frame 7895 1 KB
2 KB 555ms
159ms Document
text/html 18.205.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stashrewards.com//stash-partner-widget-track?url_key=the-heathman-hotel&sw_action=Load

Requested by

Host: api.stashrewards.com
URL: https://api.stashrewards.com/v4/stash_partner_widget.js?url_key=the-heathman-hotel&src=https%3A%2F%2Fwww.heathmankirkland.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.205.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-18-241.compute-1.amazonaws.com

Software

Resource Hash

9100295509041dd1b68dea296970ab762186069e2dfcff43b074d5dea3be95ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.stashrewards.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heathmankirkland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heathmankirkland.com/

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: abtest=_sss%3Dnav_signup%3Dbranded_shortform%3Dfull_; path=/; HttpOnly; secure guid=bf25bef6-dcee-4fcb-99e7-02f1cc90458f; path=/; expires=Sun, 22 May 2022 14:52:42 -0000; HttpOnly; secure _stash_session=dWtsYzYwTVg2ZVNYeHBJd0E0Q3VKYUZwU29HOHorclVDR1dFdXRUMGlJYXc5Q2svMEFvb0N2b2UycTROMnhFOWpzRXpObFJTWmdxY3BhNXQyTGpPckxLaUpvQ1Fvb1pUUXF5U0VDSTk3dEFMV3Y0Vy9nUllqR09PSTBkeUxyeFNDVi9RMXBxLzQ2eWFDWm84c0ZWTmtIemFWc2djTVRPRjU0NlBrVHkrRlY4MFBsZmFsQ2lublVydzNwcGtXN3F6Y09YeWQwczNxd2U1b1BSQURVRUZuZmY4M2JtdWIwMlF4RkYzcHZ6KzZUeU9vZXB0TkxaTWNiTkl4NThrRldvOU1kSzZJVFVUSllmbElFRGUyRkFmaXl0MFNtc0xuY3NwaEJBbEdhRWFkdGErV0JxNEoxN3JhMGkzTjkweTdWU09ncXNjeSs4cko1aXNOb2NVTmk5Q29td3cxYjkwa1pFZCsvYkxTVlRueVp5bGxmV3ZVOTMvcEdJSnV4d01neTdLUk1WVlNZREVwRzlTRmx1SUJxSkwvbE00R013VjF0Q3JxUUpkb1hXeC9YVEEvU0gxT1Vkb202UmNKbitmWUovZnpyTHRYNW1kY2RrU2gxYnJRT0w5R3RQVEpheHE5cTdZU0F3K0Z6bUEvQkVpMksxemlqQkhOMkZiOUU5TS9lNTJ1amJjOUQxUUNwMG9qUVVyVEhrcTM3UjFvZU9SaFg5UEt0NnZzR20wOG56MFBYckNaM0Jvdi9nL0ZZaG94MklBQkFHL0tWbHU0cUFDNzQzRUs2VWhZRlcyT01JempSc2FxVFh5TjRJSTIxOW14OTA3ZzI2TjJHWGFkeWVmcEpIajRVeEJ1RysyeWptS3hNbUZaMFNLMGtQOWpkNWVvQS9Mb0E0V2dOSHBoaVNnNDNUMlk2R2w3dHJhK01ldXhpczR3R2RUenBrZnp1WjVKanF3ZmdvQlZRPT0tLTUySGE0bkgwV01QM0FSa2hEYS9DeVE9PQ%3D%3D--a8cb99eb180b3374db7d36f8f5c296beaaf486c0; path=/; secure; HttpOnly hap=website_prod2; path=/; HttpOnly; Secure
X-Request-Id: 93f100d2-76a6-47c1-90df-3e9115f52725
Strict-Transport-Security: max-age=15552000
Date: Sat, 22 May 2021 14:52:42 GMT
Content-Encoding: gzip

GET
H2 200 stash-star-v3-wht-40x40_c_2.gif
images.stashrewards.com/ 14 KB
14 KB 67ms
21ms Image
image/gif 2600:9000:21f3:d400:5:ce21:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.stashrewards.com/stash-star-v3-wht-40x40_c_2.gif
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:5:ce21:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 467743bf8a9e8ae77dcffb01ba3eae728863afa766cabad737e78d382da61367

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 12:14:23 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
last-modified: Tue, 17 Dec 2019 23:52:21 GMT
server: AmazonS3
age: 2083100
etag: "5196a9491af8c252899088dddbce72db"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2419200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 14144
x-amz-cf-id: V6-agw_pIzS2tfhTTRTZtQF11YCHEFzHmRWYizvhUBaPopVzJvjK9A==

OPTIONS
H2 204 write
hits-i.iubenda.com/ Frame 0
0 221ms
67ms Preflight
text/plain 178.62.192.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Protocol: H2
Server: 178.62.192.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://www.heathmankirkland.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 22 May 2021 14:52:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *, authorization
access-control-max-age: 1728000
access-control-allow-credentials: true
content-length: 0
content-type: text/plain charset=UTF-8

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
407 B 112ms
112ms XHR
text/plain 178.62.192.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.30.3/core-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.192.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heathmankirkland.com/
Authorization: Basic aGl0czFfdTpoaXRzMV91cHdk
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
server: nginx
x-influxdb-build: OSS
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://www.heathmankirkland.com
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
request-id: 5cd3caca-bb0d-11eb-80f0-0242ac110002
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
x-influxdb-version: 1.8.2
x-request-id: 5cd3caca-bb0d-11eb-80f0-0242ac110002

GET
H2

200

loader.js Show response
www.gstatic.com/charts/ Frame 7895
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
20 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: www.stashrewards.com
URL: https://www.stashrewards.com//stash-partner-widget-track?url_key=the-heathman-hotel&sw_action=Load

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efdde317b774ed03a69918bb931553608881c84987ce79e68c7f9d32d6138a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2354
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20151
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 17:45:29 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 22 May 2021 15:13:28 GMT

Redirect headers

date: Sat, 22 May 2021 14:27:23 GMT
x-content-type-options: nosniff
server: sffe
age: 1519
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Sat, 22 May 2021 14:57:23 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ Frame 7895 162 KB
49 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQKW5J

Requested by

Host: www.stashrewards.com
URL: https://www.stashrewards.com//stash-partner-widget-track?url_key=the-heathman-hotel&sw_action=Load

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b29762eebcdc5ee31689eba37abc4703f4340131258ef1781eacc06e48bb80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50316
x-xss-protection: 0
last-modified: Sat, 22 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 May 2021 14:52:42 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 7895 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.stashrewards.com
URL: https://www.stashrewards.com//stash-partner-widget-track?url_key=the-heathman-hotel&sw_action=Load

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4966
date: Sat, 22 May 2021 13:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 22 May 2021 15:29:56 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 7895 45 KB
17 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQKW5J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2306
date: Sat, 22 May 2021 14:14:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 22 May 2021 16:14:17 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 7895 36 KB
14 KB 54ms
53ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQKW5J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 7512236244504453440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 May 2021 14:52:43 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ Frame 7895 41 KB
13 KB 12ms
12ms Script
text/javascript 2a02:26f0:6c00::210:baf3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQKW5J
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baf3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44fd260563f49318f6bc6700c3f997d422dd5fb17055f5716e2851b2f049670a

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wPQ_UeweJHSswrwkDd65gDw4E0IQLvZC
Content-Encoding: gzip
ETag: "98850c19abcad34c8a7dd801fd5c9865"
x-amz-request-id: M2791RHE9A8BCW9G
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12999
x-amz-id-2: l1prWtkQndv63GnMtw3ca0NV6bpV1SLWG+2bDdFdXz4JDmlJ3N3jcemWkmdXiAgiTLm5+mN0L8Q=
Last-Modified: Thu, 20 May 2021 19:42:06 GMT
Server: AmazonS3
Date: Sat, 22 May 2021 14:52:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 hotjar-2316762.js Show response
static.hotjar.com/c/ Frame 7895 4 KB
2 KB 239ms
111ms Script
application/javascript 54.192.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2316762.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQKW5J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-219-116.mrs52.r.cloudfront.net

Software

Resource Hash

4799f8b461bc68575815f7c10f9e34e02aa798b492e97fe12f188ee448462700

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: MRS52-P2
etag: W/9d6182763d7aac0590cc65abf2025c14
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1910
via: 1.1 aa1a30846e0095e7119e3af834f718c3.cloudfront.net (CloudFront)
x-amz-cf-id: JVQjGRnlBoTbqOVGIRDi0oru4BTgOk7tIH4j9Rrs2yrdcceQAx2qfA==

GET
H/1.1 200
OK snowplow.js Show response
www.stashrewards.com/assets/ Frame 7895 64 KB
26 KB 235ms
234ms Script
application/javascript 18.205.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stashrewards.com/assets/snowplow.js
Requested by: Host: www.heathmankirkland.com
URL: https://www.heathmankirkland.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.205.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-18-241.compute-1.amazonaws.com
Software: /
Resource Hash: b7071c73216a133ad4e241a09c142dcba3cfe9565b04527e56a12e2b7ae40021

Request headers

Referer: https://www.stashrewards.com//stash-partner-widget-track?url_key=the-heathman-hotel&sw_action=Load
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:43 GMT
Content-Encoding: gzip
Expires: Mon, 21 Jun 2021 14:52:43 GMT
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/ Frame 7895
Redirect Chain

https://s.adroll.com/j/exp/VKLGJLIDLZBGNADP7CU6FN/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

6ms
6ms

Script
application/javascript

2a02:26f0:6c00::210:baf3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baf3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: E6Gl9B7gPbHVX38jHWUJV0Im5cXEZg8.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 6J6WV6RWN730WHRP
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 5fY3mOf86PHfXzznpqyZ93VnsPjHl6TGgYcWIYb8oAwsAUfC3CR9Q6oHbvANb3at/wFXTkgrlzE=
Last-Modified: Thu, 20 May 2021 19:48:38 GMT
Server: AmazonS3
Date: Sat, 22 May 2021 14:52:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Sat, 22 May 2021 14:52:43 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ/ Frame 7895 0
773 B 185ms
184ms Script
text/javascript 2a02:26f0:6c00::210:baf3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baf3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: LhHJ7NOV_V2cJNcgFoew2ncsYKUNwBcP
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: CXRSFAG5DHVRPYNV
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: u/56YrkJXz5fITn8XY1qrm7RXM3nJpvEx+aWmwsYoteldbhoxVT/xYqP7HdlF6/lA4LBQlI1T78=
Last-Modified: Sat, 22 May 2021 12:07:37 GMT
Server: AmazonS3
Date: Sat, 22 May 2021 14:52:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/VKLGJLIDLZBGNADP7CU6FN/ Frame 7895
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/VKLGJLIDLZBGNADP7CU6FN?_s=11c0e507250992d6baa8781614cb97b3&_b=2
https://d.adroll.com/consent/check/VKLGJLIDLZBGNADP7CU6FN/?_s=11c0e507250992d6baa8781614cb97b3&_b=2

393 B
861 B

62ms
62ms

Script
application/javascript

54.171.41.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/VKLGJLIDLZBGNADP7CU6FN/?_s=11c0e507250992d6baa8781614cb97b3&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.41.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-41-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 1a651e69e113381a2b104ef8d44b9df46901f4e4b4062b478c4ea1b75c1ee759

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 393
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/VKLGJLIDLZBGNADP7CU6FN/?_s=11c0e507250992d6baa8781614cb97b3&_b=2
date: Sat, 22 May 2021 14:52:43 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/834747249/ Frame 7895 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834747249/?random=1621695163120&cv=9&fst=1621695163120&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&ref=https%3A%2F%2Fwww.heathmankirkland.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c544308c9b9a3c5ebc071a1853c7086b216ea3de9e286c34b511e826abc240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/993485726/ Frame 7895 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993485726/?random=1621695163123&cv=9&fst=1621695163123&num=1&label=Rvp6CLLXmQQQnsfd2QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&ref=https%3A%2F%2Fwww.heathmankirkland.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80386ed7a243f21efa850227e4718686f27bfc2da728b9dad42cd92d62ca7cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1105
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/834747249/ Frame 7895 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/834747249/?random=1621695163120&cv=9&fst=1621692000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=2&url=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&ref=https%3A%2F%2Fwww.heathmankirkland.com%2F&async=1&fmt=3&is_vtc=1&random=2623170897&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/834747249/ Frame 7895 42 B
108 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/834747249/?random=1621695163120&cv=9&fst=1621692000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=2&url=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&ref=https%3A%2F%2Fwww.heathmankirkland.com%2F&async=1&fmt=3&is_vtc=1&random=2623170897&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/993485726/ Frame 7895 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/993485726/?random=1621695163123&cv=9&fst=1621692000000&num=1&label=Rvp6CLLXmQQQnsfd2QM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=2&url=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&ref=https%3A%2F%2Fwww.heathmankirkland.com%2F&async=1&fmt=3&is_vtc=1&random=4179411168&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/993485726/ Frame 7895 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/993485726/?random=1621695163123&cv=9&fst=1621692000000&num=1&label=Rvp6CLLXmQQQnsfd2QM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=2&url=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&ref=https%3A%2F%2Fwww.heathmankirkland.com%2F&async=1&fmt=3&is_vtc=1&random=4179411168&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

FQ6DK4UAOZCKRHZVVY7LW4.js Show response
s.adroll.com/pixel/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ/ Frame 7895
Redirect Chain

https://d.adroll.com/pixel/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&...
https://s.adroll.com/pixel/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ/FQ6DK4UAOZCKRHZVVY7LW4.js

4 KB
2 KB

231ms
230ms

Script
text/javascript

2a02:26f0:6c00::210:baf3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ/FQ6DK4UAOZCKRHZVVY7LW4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baf3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e73e49db072e2cfc7f3fd6869f40ce045c28d98aa1465c8f830a4643bbc39fc4

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: LTY2dPrqyhdchoiHqwAoRrEM9i59TjJd
Content-Encoding: gzip
ETag: "bb37736e95b510f9be98cd0f2f014d69"
x-amz-request-id: BZDZEBGB7Y3Q7G6D
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1611
x-amz-id-2: LYQsu//qEpDSaqO+/Mv53Amm9eQIiqiqEHkPO0HRCyBJUqFNUCBTxnlJC4wuPWhqivJxHPVYzmc=
Last-Modified: Thu, 17 Dec 2020 19:44:47 GMT
Server: AmazonS3
Date: Sat, 22 May 2021 14:52:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
date: Sat, 22 May 2021 14:52:43 GMT
x-segment-eid: FQ6DK4UAOZCKRHZVVY7LW4
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ/FQ6DK4UAOZCKRHZVVY7LW4.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: 7CNCURWV7BFGVFSUPIWCAZ
x-segment-name: *
x-advertisable-eid: VKLGJLIDLZBGNADP7CU6FN
content-length: 0
x-conversion-currency

GET
H2 200 modules.0d0a898aa455aaa7acd5.js Show response
script.hotjar.com/ Frame 7895 219 KB
58 KB 213ms
84ms Script
application/javascript 54.192.219.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0d0a898aa455aaa7acd5.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2316762.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.219.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-219-34.mrs52.r.cloudfront.net

Software

Resource Hash

6344ba60b5407714ea496dc2195e55d55a0de6446844786b976a5df387283dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59007
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 12:08:20 GMT
etag: "93ac925b3658bdcc78077b657a6a72f4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d3dc7fce70a4cf01f01f6bf06755098c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nfyVZvdB_Bt-emO3VFYjbCOQ_Sv2WPldmkLQhp50Rrh9fa1bv3-cTw==

GET
H2 200 i
d3rg1399pygx85.cloudfront.net/ Frame 7895 37 B
362 B 199ms
60ms Image
image/gif 54.230.108.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rg1399pygx85.cloudfront.net/i?e=pv&url=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&refr=https%3A%2F%2Fwww.heathmankirkland.com%2F&tv=js-2.4.2&tna=cf&aid=stash_website&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=7c937e8b-207f-4e2e-beec-d0b9f8f0c329&dtm=1621695163265&vp=0x0&ds=0x0&vid=1&duid=6eacc927266d9713&fp=1072425006
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.108.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-108-156.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:44:04 GMT
via: 1.1 c76130909cba12f494ee98f488e40753.cloudfront.net (CloudFront)
last-modified: Thu, 20 Mar 2014 21:53:04 GMT
server: AmazonS3
age: 27556
etag: "3eacd0132310ea44cad756b378a3bc07"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 37
x-amz-cf-id: _mmU_OIzXCCPFJL7D64e74YK2nNUmVMhhXx4XAtUFdNwvJ2JYwaLtQ==

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame D313 2 KB
1 KB 187ms
61ms Document
text/html 52.84.49.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2316762.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.49.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-49-97.mrs52.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-21ccaa45726c0f3c8c458f7a87eb2298.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.stashrewards.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.stashrewards.com/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 20 May 2021 13:17:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Thu, 20 May 2021 13:16:24 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e5c15247ec560744bc8eee50e069c231.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: KiGX1Dr5QamNMBPHnEjbcZDNGPvDQiZTH3A9400dbdvZNr_5EDgYvA==
age: 178538

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 7895 92 KB
24 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&no-cookies=1&pv=82059083691.6937&adroll_s_ref=https%3A//www.heathmankirkland.com/&keyw=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24156
x-fb-rlafr: 0
pragma: public
x-fb-debug: T1lShp4Mkyvc+mHDVhhwhy5jI7+E/H289KoUw8/V7K/S4vchPygaVEFpGBUKPObUteIkKA66jpmBiadPHFvoBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 22 May 2021 14:52:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling2.js Show response
s.adroll.com/j/ Frame 7895 10 KB
3 KB 157ms
157ms Script
application/javascript 2a02:26f0:6c00::210:baf3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling2.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/VKLGJLIDLZBGNADP7CU6FN/7CNCURWV7BFGVFSUPIWCAZ?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&no-cookies=1&pv=82059083691.6937&adroll_s_ref=https%3A//www.heathmankirkland.com/&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baf3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91fbda662d0f483752cf76c0fabf630d8eb4fd7f66ef3c29c63b7c602a05c145

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: h886_EQis.1YqSYGU2LpW537xR0wMDVX
Content-Encoding: gzip
ETag: "1f1f2ed9852fc742c6d5b5c28bbe22e6"
x-amz-request-id: AZ1P8P3TDWFJ3ZBP
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2271
x-amz-id-2: NYfyBZf6l6JcCNG9nqjDh9cWujG6ul2TcjN/rABc1W252dhq8apLPohJn5QpojcL7piYNhsgrrQ=
Last-Modified: Thu, 14 Jan 2021 19:01:02 GMT
Server: AmazonS3
Date: Sat, 22 May 2021 14:52:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

sync
pixel.advertising.com/ups/55980/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/aol/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN
https://pixel.advertising.com/ups/55980/sync?uid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

138ms
47ms

Image
text/plain

52.59.28.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.28.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-28-101.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 167
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/index/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expiration=1653231163
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expiration=1653231163&C=1

43 B
1 KB

61ms
60ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expiration=1653231163&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 May 2021 14:52:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 22 May 2021 14:52:43 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 22 May 2021 14:52:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expiration=1653231163&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Sat, 22 May 2021 14:52:43 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/n/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expires=365

0
239 B

186ms
42ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&expires=365
pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/outbrain/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNA...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA

0
477 B

527ms
131ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 14:52:44 GMT
Cache-Control: no-cache
X-TraceId: b7bcf7b1747188f1496a61edc79d475d
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA
pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNA...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
548 B

201ms
60ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:446
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/r/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
446 B

21ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/taboola/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNAD...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA

0
220 B

157ms
43ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Sat, 22 May 2021 14:52:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 23795

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA
pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/triplelift/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBG...
https://eb2.3lift.com/xuid?mid=4714&xuid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
351 B

42ms
41ms

Image
image/gif

18.158.81.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.81.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/b/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN
https://x.bidswitch.net/sync?dsp_id=44&user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA

43 B
345 B

45ms
45ms

Image
image/gif

52.29.176.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.176.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-176-117.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA
date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/x/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN
https://ib.adnxs.com/setuid?entity=172&code=OGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA

43 B
1 KB

47ms
47ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 May 2021 14:52:43 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.15:80
AN-X-Request-Uuid: 46483213-92f8-492c-a83a-73f6be41fa16
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 22 May 2021 14:52:43 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.144:80
AN-X-Request-Uuid: 9818b286-5586-4141-a00f-33033450ecc3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOGQ3MTY0Yzc3NjA4NzY5NzVhZTk2Mzc1MTMyYWEyODA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ Frame 7895 42 B
180 B 66ms
65ms Image
image/gif 54.171.41.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.41.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-41-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/o/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6FN
https://us-u.openx.net/w/1.0/sd?id=537103138&val=8d7164c7760876975ae96375132aa280
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8d7164c7760876975ae96375132aa280

43 B
180 B

72ms
72ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8d7164c7760876975ae96375132aa280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:44 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8d7164c7760876975ae96375132aa280
date: Sat, 22 May 2021 14:52:44 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/ Frame 7895
Redirect Chain

https://d.adroll.com/cm/g/out?arrfrr=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&xid_ch=f&advertisable=VKLGJLIDLZBGNADP7CU6F...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=jXFkx3YIdpda6WN1EyqigA
https://d.adroll.com/cm/g/in

42 B
536 B

67ms
66ms

Image
image/gif

54.171.41.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.41.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-41-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:44 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Sat, 22 May 2021 14:52:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 520886331442104 Show response
connect.facebook.net/signals/config/ Frame 7895 254 KB
72 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/520886331442104?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bfdaf20529fbb87acff6e4efa332beae16cc07cc8ea1bfcd880dd7f088ade53b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Nf2iWhK6NP/dtovgXf6LR2Bch9nvA+miLMazCq8qdLUVsL3Sm6jsj5OzEnGuRgYaoF8p8dbh13qVwD+rvGIrug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 22 May 2021 14:52:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=417560128665607&ev=Microdata&dl=https%3A%2F%2Fwww.heathmankirkland.com%2F&rl=&if=false&ts=1621695163557&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Luxurious%20Kirkland%2C%20WA%20Hotel%20-%20The%20Heathman%20Kirkland%22%2C%22meta%3Adescription%22%3A%22Enjoy%20luxury%20accommodations%2C%20upscale%20amenities%2C%20farm-to-table%20dining%20and%20flex%20meeting%20space%20at%20our%20luxurious%20Kirkland%2C%20WA%20Hotel%20near%20Bellevue.%22%2C%22meta%3Akeywords%22%3A%22The%20Heathman%20Kirkland%2C%20Kirkland%20WA%20Hotels%2C%20The%20Heathman%20Hotel%2C%20Downtown%20Kirkland%20Hotels%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1621695162050.548232059&it=1621695161855&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heathmankirkland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 22 May 2021 14:52:43 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame 7895 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=520886331442104&ev=PageView&dl=https%3A%2F%2Fwww.stashrewards.com%2F%2Fstash-partner-widget-track%3Furl_key%3Dthe-heathman-hotel%26sw_action%3DLoad&rl=https%3A%2F%2Fwww.heathmankirkland.com%2F&if=true&ts=1621695163591&cd[segment_eid]=FQ6DK4UAOZCKRHZVVY7LW4&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=29&it=1621695163496&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=l0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stashrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 14:52:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 22 May 2021 14:52:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a-tiles.locationiq.com
URL: https://a-tiles.locationiq.com/v2/obk/r/18/42085/91475.png?key=2bf675d0f24874

Domain: a-tiles.locationiq.com
URL: https://a-tiles.locationiq.com/v2/obk/r/18/42084/91476.png?key=2bf675d0f24874

Domain: c-tiles.locationiq.com
URL: https://c-tiles.locationiq.com/v2/obk/r/18/42086/91476.png?key=2bf675d0f24874

Domain: c-tiles.locationiq.com
URL: https://c-tiles.locationiq.com/v2/obk/r/18/42085/91477.png?key=2bf675d0f24874

Domain: c-tiles.locationiq.com
URL: https://c-tiles.locationiq.com/v2/obk/r/18/42084/91475.png?key=2bf675d0f24874

Domain: b-tiles.locationiq.com
URL: https://b-tiles.locationiq.com/v2/obk/r/18/42086/91475.png?key=2bf675d0f24874

Domain: b-tiles.locationiq.com
URL: https://b-tiles.locationiq.com/v2/obk/r/18/42084/91477.png?key=2bf675d0f24874

Domain: a-tiles.locationiq.com
URL: https://a-tiles.locationiq.com/v2/obk/r/18/42086/91477.png?key=2bf675d0f24874

Domain: c-tiles.locationiq.com
URL: https://c-tiles.locationiq.com/v2/obk/r/18/42083/91476.png?key=2bf675d0f24874

Domain: a-tiles.locationiq.com
URL: https://a-tiles.locationiq.com/v2/obk/r/18/42087/91476.png?key=2bf675d0f24874

Domain: b-tiles.locationiq.com
URL: https://b-tiles.locationiq.com/v2/obk/r/18/42083/91475.png?key=2bf675d0f24874

Domain: c-tiles.locationiq.com
URL: https://c-tiles.locationiq.com/v2/obk/r/18/42087/91475.png?key=2bf675d0f24874

Domain: a-tiles.locationiq.com
URL: https://a-tiles.locationiq.com/v2/obk/r/18/42083/91477.png?key=2bf675d0f24874

Domain: b-tiles.locationiq.com
URL: https://b-tiles.locationiq.com/v2/obk/r/18/42087/91477.png?key=2bf675d0f24874

Domain: b-tiles.locationiq.com
URL: https://b-tiles.locationiq.com/v2/obk/r/18/42082/91476.png?key=2bf675d0f24874

Domain: b-tiles.locationiq.com
URL: https://b-tiles.locationiq.com/v2/obk/r/18/42088/91476.png?key=2bf675d0f24874

Domain: a-tiles.locationiq.com
URL: https://a-tiles.locationiq.com/v2/obk/r/18/42082/91475.png?key=2bf675d0f24874

Domain: a-tiles.locationiq.com
URL: https://a-tiles.locationiq.com/v2/obk/r/18/42088/91475.png?key=2bf675d0f24874

Domain: c-tiles.locationiq.com
URL: https://c-tiles.locationiq.com/v2/obk/r/18/42082/91477.png?key=2bf675d0f24874

Domain: c-tiles.locationiq.com
URL: https://c-tiles.locationiq.com/v2/obk/r/18/42088/91477.png?key=2bf675d0f24874

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heathmankirkland.com/	1970-01-19 20:37:51	Name: _fbp Value: fb.1.1621695162050.548232059
.heathmankirkland.com/	1970-01-20 11:59:27	Name: _ga Value: GA1.1.158499224.1621695162
.heathmankirkland.com/	1970-01-20 11:59:27	Name: _ga_JVRMXDJV94 Value: GS1.1.1621695162.1.0.1621695162.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' *.letgroup.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-tiles.locationiq.com
ads.yahoo.com
ajax.googleapis.com
api.stashrewards.com
b-tiles.locationiq.com
c-tiles.locationiq.com
cdn.iubenda.com
cdn.letgroup.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
d3rg1399pygx85.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hits-i.iubenda.com
ib.adnxs.com
images.letgroup.com
images.stashrewards.com
pixel.advertising.com
pixel.rubiconproject.com
s.adroll.com
scontent-atl3-2.cdninstagram.com
script.hotjar.com
simage2.pubmatic.com
ssl.google-analytics.com
static.hotjar.com
sync.outbrain.com
sync.taboola.com
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.heathmankirkland.com
www.iubenda.com
www.stashrewards.com
x.bidswitch.net
a-tiles.locationiq.com
b-tiles.locationiq.com
c-tiles.locationiq.com
104.111.214.240
141.226.228.48
142.250.185.130
172.217.23.98
178.62.192.243
18.158.81.184
18.205.18.241
185.64.190.80
2.17.181.202
2.18.234.21
2600:9000:21f3:d400:5:ce21:340:93a1
2606:4700:20::ac43:60e4
2a00:1288:80:800::7001
2a00:1450:4001:803::200a
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a02:26f0:6c00::210:baf3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f218:ca:face:b00c:0:43fe
34.98.64.218
37.252.172.45
52.29.176.117
52.59.28.101
52.70.215.199
52.84.49.97
54.171.41.181
54.192.219.116
54.192.219.125
54.192.219.34
54.192.219.50
54.230.108.156
69.173.144.139
70.42.32.191
0310e962f0ff651e988b5e1d9483a71f9c8de4772538df6cf81e1b68449acd8a
036f9745e46c2592a07bf264668e521f352d3fcf2b2a9a7fa88f6323086ae633
03cad5c91900db734321056ed6011dc78c2458a1e826e4fd81fbe122e4d97245
0417667998b258595cecbf967278e33d5769da1ca98ae324df43731ffb99bf07
0894cc62f8e406d115cc4f9491e8bc51b70c6c49005401ff7e9e7db625bdb9fb
0a1716af6fc79ca34b42aec633f26f8c179fa8615ca0b32e096d1aa890923052
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
149b17171b672e6a0b3761146c54a367756aa68a3c5c2fffa3ac0bce05b5a185
14a1aa553cf13657abc505b7e0b54d42a85db4d33eb3128a78cae73e840fa96f
151833621a443f532f1d84e6b887cbe38ed5f7c73af7a1c2d8b887d7e4e4fa54
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1a651e69e113381a2b104ef8d44b9df46901f4e4b4062b478c4ea1b75c1ee759
1cd01d4d60b7aabd2b847b264efc35d22520301803a5dde3c2ea495f93c30817
20f8a4c790ec7dd5e745c704ffba150d1693c335f2427282bebb780d165c52e3
2193e1a515f3ea4f24813d7244e9e6d3e16ff2672fdbc8ea88ca330c05ce0a64
28f4c08ca6439c25758775e1d0b94191a2b933aed279ba3124a893c4a9c17b62
29bd8abfedc6d23a972eff46e67598978d839c4c403d52956b2a3e89426a3289
2ac1587499515471702f1cae341fa42f1f8ee62ff77223093b9aa83da87c7a1e
2c4b649fa77e9c9a343c213f48930595040d5f257ab55dd8f714ec12893be4a2
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e5735ee52fe811804caf77fad6a87dd82c827a9a0735ada1933f52ccf787f5b
2fcdb2f94a7f92536d6e2a923cb87a9529b82a46e7567706045723b049df1627
30310b8f43b59c9104f366a6d99e0ecdd7dc4fcf83afb0815c9d81d5100c1d60
344d2af27bd7a738af225dcf8553806c46d9dc889a332420847cc7de475b0ebd
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
44fd260563f49318f6bc6700c3f997d422dd5fb17055f5716e2851b2f049670a
45ce20adbfc796c03b2f434ed197bcea53c152ac0d4b1dd20b270343d2b1cdae
467743bf8a9e8ae77dcffb01ba3eae728863afa766cabad737e78d382da61367
4799f8b461bc68575815f7c10f9e34e02aa798b492e97fe12f188ee448462700
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54aebf05911590f0c30cca73b8596ed559e030c8c247e598e27df854eb61dd76
55147cd770eedca5f306670e208b5a6097b2a6238840d751a699caf16a88a4c0
5930e8458be31e52baa4fe04db2b248759f5f02971c370ed89e44d4ca8d5af51
59e856daf0eb65b117771eb39823f9d5f49e09817b3a76491dd2b8c5b9368529
5c351e8fdeb1479d865aeb56a8e117761cd36184a660f45609fdde4405785677
5d77c04ce5f7d16a20eaeee40ff8725c3ed08859a277d00fceeaf48582d16465
62e00bc145f784101aa0f9daabc8e78406cffc893cfd7122e068b3d7caf42a1d
6344ba60b5407714ea496dc2195e55d55a0de6446844786b976a5df387283dd2
635065c51102696bb7398e1f7b4cd14b3a9e39c15958c6115d3917a7022f09ce
67f8c7ac3fb041bde6c66e71ee36142e04a6514ad2209e363b3754a6c137f04c
68e72afc5b1e5d0f54027d8591e645baf91115f416e105a600d52f46baace183
6bb9e0b33740af7f5b781de78eb15c1bbc86e176f7430bfeefbed4e382c4c024
6d59f35a16fe8630128b9059a6d14ae95f702b1e0d61a8046371414e76e059ae
6fdc38d8799fd45ba7c3ba449dcf072c190cdb6ddc8d362aa816521884c9e478
732f9f6b655bfb40622df1757a9a08090df54b332f8c23ff07cc1d3b1d2f0afe
7444ec3fee0dab5ae7ce3b2b701b44f52d1a2a858d874881a123234cafb03c10
74ae807a7b8c9e4d061ea86f17956fb996728914ca58e9a1148e278dd5b23b21
80386ed7a243f21efa850227e4718686f27bfc2da728b9dad42cd92d62ca7cc4
836f825f678780570e685496bb8efc40f478fd535b596c197037512bf95d6469
87193968cfe0e0aa522404cb36207124483670c83a3761b848fb38165bbd207b
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8ddc0f3bbeb22aba504dd2b880f6435487db56e78dd1c1abc680ff213cc5000b
8e2e8ca04bcd842a6303403f9cbcc2d30b7f9b0e75889c8e0a88ca2ae0f61258
8ede71cdcb63e6a5d860c180f3406f610614fd81948bfdc0c222c15de0c46de8
8ee0c7baebde2fc65930a167d82f489d6410e7ab3eb98d1656ae76a24f55e37e
9100295509041dd1b68dea296970ab762186069e2dfcff43b074d5dea3be95ed
91fbda662d0f483752cf76c0fabf630d8eb4fd7f66ef3c29c63b7c602a05c145
94f92e67cec385bc8a0d121a0f4663d51c67b48ad11e24bb0ad7bfcbfd86b11d
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
975380d2613a95640f61cd208814427f5ba09d2a6668acc2aa0a1206a341cd56
9b29762eebcdc5ee31689eba37abc4703f4340131258ef1781eacc06e48bb80e
9ef9d4ac9dc25de66da2bba338c3b6a70a9d2fdf5d5c913db32b87992213aa31
9f18d55253ec7384a1106c588fa56b064e81e613d6a85b47fa1a4f9be4e32f69
a20db50ac4bc386912cd76e4b625051de283a111a7112fb2b1d1725a8d52ae51
a465df4f59264321d0b5fcbc0d233e1ba5d7c8f1b915f93fad9d055089f2ae9c
a51a50f16f4c081c26ef68180c5991947cc6c9e7044562f21bdfa02f187a07b7
a53fe60d15f16c1151ca66a9572f380c68fb5acd15390430a6d785b887ed6c51
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3067d75e528bbc600263d1e9976380941e2de3e80ee02106e73bad5842ed28a
b41707f02060644a84a91e0f7007312171369e93a0fdca3f14c1b5f243fbde87
b7071c73216a133ad4e241a09c142dcba3cfe9565b04527e56a12e2b7ae40021
b918dcb79e5b54685932e4d5d6779576ba984297e59ea78d0e10cb6bcba18fb9
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
ba72aa8d20da5f4a022bd74429ef856032644e5752b4e06794a2543723fc4917
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb77511571605e2c0cf17d87409a9b1f5e14c0261a2c93d26001f9d6cfd76532
bd23fb9303c41a26d8ef6bffc72e7098f3f65b97657b9779ab217e168d05aea4
bfdaf20529fbb87acff6e4efa332beae16cc07cc8ea1bfcd880dd7f088ade53b
c0ad637460b49cdc97d063c7f64615282a4c67aaff2cd588f1ae2374c2e42378
c12f928d6383b720e9f804ee0e7b80257f579f64b5c4b630baae9e521ce01826
c132fefd5c7cc58db78b3152f74ef891f102b8052a9e07b49a2141d08510a418
c2041b50ef652606c5be5457c6e55683b64c0f8e443e8b784dd70f579bf4e119
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c89cd7ab35c0781b8f0cd7d425246fba854bc688a2f5584444e6b7868bc8316e
c8c544308c9b9a3c5ebc071a1853c7086b216ea3de9e286c34b511e826abc240
d3866d05019d8d9a79db065fbc0ccabbf1bcbd1500650515be90007e3f58c6dc
da9f4f91dff5332a6f337ebfa9830b1f9a306528c137e0be3dfbbba7dde487d1
df95d6472e27dd41bea4cbdc5627bc07048774567457669018abb6194408b57f
e1631d6083cab0b04ab7a57223a85fba97737d053cfb6fa570c242199a98be3e
e25c0895a29e277cdb98d897fca616f714ca5e81b84c0b3d3fab4ea00e83d853
e2d8d39504ba387e526bfabcc22faf2a69e0ce22cd22e8f3a7c245b965ab20c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53f7caf1f1049f98d180700320e3e3dff040e449266ad82c6c087949bb39190
e73e49db072e2cfc7f3fd6869f40ce045c28d98aa1465c8f830a4643bbc39fc4
e8f7942dfa76dfec08198efff3b34086d117b34990a94c022ce200888bf9888e
e9bbe9a6da68a3e05de945ee662f3f7f62edb6e953f22d70dc6e17e446fa45c3
eefa5e4b186ba5bcac55f1fa9734323e313ca8334e8960df645d0c336b1c0c58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc57efb0a3474961a00ffc8b007d85b8ed12615d096ffdbaf24d4e0b9563e48
efdde317b774ed03a69918bb931553608881c84987ce79e68c7f9d32d6138a96
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f9aa9d5e61d5a0adbf05164bbd85946d3d660efb4bfb08c87aef57be57b5ebb9
f9f6c0c2e2074c6c5e15f3c809e969c8e7be3b852829d495da5c14c3c581b627

www.heathmankirkland.com Open in urlscan Pro 52.70.215.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

151 Requests

87 %HTTPS

41 %IPv6

31 Domains

45 Subdomains

41 IPs

5 Countries

6183 kBTransfer

7967 kBSize

3 Cookies

14 Outgoing links

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heathmankirkland.com Open in urlscan Pro
52.70.215.199 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

87 %
HTTPS

41 %
IPv6

31
Domains

45
Subdomains

41
IPs

5
Countries

6183 kB
Transfer

7967 kB
Size

3
Cookies

151 HTTP transactions
1 data transactions