urlscan.io logo urlscan.io
SecurityTrails logo

ha-web-us-live.azurewebsites.net Open in urlscan Pro
20.119.0.40  Public Scan

Go To Rescan Add Verdict Report
URL: https://ha-web-us-live.azurewebsites.net/
Submission: On December 03 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 1 countries across 13 domains to perform 75 HTTP transactions. The main IP is 20.119.0.40, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ha-web-us-live.azurewebsites.net.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 01 on August 1st 2023. Valid for: a year.
This is the only time ha-web-us-live.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    20.119.0.40 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ha-web-us-live.azurewebsites.net
4    2607:f8b0:4023:1::63 (Clarksville, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    2607:f8b0:4023:1::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2607:f8b0:4023:1::61 (Clarksville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2600:9000:23cb:e600:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
3    2607:f8b0:4024:c01::71 (Clarksville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4024:c01::9d (Clarksville, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    23.47.144.79 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-144-79.deploy.static.akamaitechnologies.com
analytics.tiktok.com
6    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
static.klaviyo.com
fast.a.klaviyo.com
4    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
static-tracking.klaviyo.com
static-forms.klaviyo.com
2    2607:f8b0:4024:c02::9a (Clarksville, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:1f18:61c0:2205:51d3:eac:22fa:45e6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
3    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4024:c01::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4024:c09::5f (Clarksville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    35.173.7.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-7-68.compute-1.amazonaws.com
ipv4.d.adroll.com
Apex Domain
Subdomains		 Transfer
25 azurewebsites.net
ha-web-us-live.azurewebsites.net
5 MB
10 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 2510
static-tracking.klaviyo.com — Cisco Umbrella Rank: 3203
fast.a.klaviyo.com — Cisco Umbrella Rank: 3266
static-forms.klaviyo.com — Cisco Umbrella Rank: 2976
70 KB
8 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3061
d.adroll.com — Cisco Umbrella Rank: 1380
ipv4.d.adroll.com — Cisco Umbrella Rank: 11506
33 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 617
150 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
415 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 152
3 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
158 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
234 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
262 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
30 KB
75 13
Domain Requested by
25 ha-web-us-live.azurewebsites.net ha-web-us-live.azurewebsites.net
code.jquery.com
6 analytics.tiktok.com ha-web-us-live.azurewebsites.net
analytics.tiktok.com
5 static.klaviyo.com www.googletagmanager.com
static.klaviyo.com
5 s.adroll.com 1 redirects www.googletagmanager.com
ha-web-us-live.azurewebsites.net
s.adroll.com
4 connect.facebook.net ha-web-us-live.azurewebsites.net
connect.facebook.net
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com ha-web-us-live.azurewebsites.net
www.gstatic.com
3 www.facebook.com ha-web-us-live.azurewebsites.net
3 static-tracking.klaviyo.com static.klaviyo.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com ha-web-us-live.azurewebsites.net
www.googletagmanager.com
www.google-analytics.com
2 d.adroll.com 1 redirects s.adroll.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
1 ipv4.d.adroll.com ha-web-us-live.azurewebsites.net
1 fonts.googleapis.com client
1 analytics.google.com www.googletagmanager.com
1 fonts.gstatic.com www.google.com
1 static-forms.klaviyo.com static-tracking.klaviyo.com
1 fast.a.klaviyo.com static-tracking.klaviyo.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 code.jquery.com ha-web-us-live.azurewebsites.net
75 21

This site contains links to these domains. Also see Links.

Domain
humanappealusa.org
Subject Issuer Validity Valid
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01		 2023-08-01 -
2024-06-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M01		 2023-06-03 -
2024-07-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-11 -
2023-12-10		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
static.klaviyo.com
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
static-tracking.klaviyo.com
R3		 2023-11-22 -
2024-02-20		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-06		 a year crt.sh
fast.a.klaviyo.com
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
static-forms.klaviyo.com
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ha-web-us-live.azurewebsites.net/
Frame ID: 00319AFAE96C8FF57BBFA2143655358C
Requests: 72 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdNPAUAAAAAIrG2krOiypxdFlG9ovwWChRwC0d&co=aHR0cHM6Ly9oYS13ZWItdXMtbGl2ZS5henVyZXdlYnNpdGVzLm5ldDo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ta6vpsyadkal
Frame ID: F858C5E0DBDCC240E5A8037748515171
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Human Appeal USA Home | Human Appeal USA

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Basket
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • klaviyo\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

75
Requests

97 %
HTTPS

74 %
IPv6

13
Domains

21
Subdomains

20
IPs

1
Countries

6000 kB
Transfer

9095 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://s.adroll.com/j/pre/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 68
  • https://d.adroll.com/pixel/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL?adroll_fpc=7d5c187232365ada71ec22810fa93193-1701614852694&pv=3498555272.555137&arrfrr=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&cookie=&adroll_s_ref=&keyw=&p0=1122 HTTP 302
  • https://s.adroll.com/pixel/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL/C3NLBWVWOVDWDOH5KRNS4Y.js

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ha-web-us-live.azurewebsites.net/ 		160 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03cda436b9b3593650ed22dbb3f12160d840c789239ba8b68a517ccd54fefbec
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Content-Type
text/html; charset=utf-8
Date
Sun, 03 Dec 2023 14:47:31 GMT
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Pragma
no-cache
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=2592000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
theme.css
ha-web-us-live.azurewebsites.net/css/ 		680 KB
145 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/css/theme.css?v=20231121
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b26b6a3a35e9495ee672fbfb362fa0eeea9ee678965f91193bdb14fccc571ce
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2592000
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 01 Dec 2023 15:47:29 GMT
ETag
"1da246db06ae13a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcdNPAUAAAAAIrG2krOiypxdFlG9ovwWChRwC0d
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1::63 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
817f627aafb15f42e31509426d0a97c03664d5b8e75a3635789307877f2facae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 14:47:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 03 Dec 2023 14:47:31 GMT
humanappeal-logo-97x126.svg
ha-web-us-live.azurewebsites.net/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/img/humanappeal-logo-97x126.svg
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
50a5c8399a3070c859bf559f60486bc26a6e83b3f9f7285d0f5b01138f8464fa
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Tue, 18 Jul 2023 07:57:28 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d9b94d7f174eb0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
10928
X-XSS-Protection
1; mode=block
israeli_attacks_on_gaza_continue-41.jpg
ha-web-us-live.azurewebsites.net/media/ffqfjw2e/ 		807 KB
808 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/ffqfjw2e/israeli_attacks_on_gaza_continue-41.jpg?width=1600&height=787&rnd=133450419372230000
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b057b92a3d77f16f7812427a42e0a2ea9d2821f6a0e68118c9f56d50bd994a8
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 12:52:01 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da238c02c5f242"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
826562
X-XSS-Protection
1; mode=block
legacyblog-filler-wm.png
ha-web-us-live.azurewebsites.net/img/placeholders/legacyblog/ 		644 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/img/placeholders/legacyblog/legacyblog-filler-wm.png
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f1e75321f82264e1224da5626bbb78edf7f837ee22df3c4a0a665e6fa926e2e2
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 12 Oct 2023 09:42:42 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d9fcf0720dd784"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
644
X-XSS-Protection
1; mode=block
download.png
ha-web-us-live.azurewebsites.net/media/cxghwunn/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/cxghwunn/download.png
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c06bb1f07e9d21c4c7ff18dcd004c6c8bdfbde5b367a208769b3564c568ed8a6
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 12:36:10 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da2389cbf2c2d0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
39888
X-XSS-Protection
1; mode=block
jquery-3.7.0.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.0.min.js
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 14:47:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6812653
x-cache
HIT, HIT
content-length
30308
x-served-by
cache-lga13623-LGA, cache-ewr18172-EWR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701614851.328144,VS0,VE0
etag
W/"28feccc0-155a6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
35, 14136
theme.js
ha-web-us-live.azurewebsites.net/js/ 		378 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/js/theme.js?v=20231201c
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bdc08aa29e452d0d815d011c42d7a2deb47b917206d23460c5b269379ca750b7
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2592000
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 01 Dec 2023 17:18:57 GMT
ETag
"1da247a777f308b"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		465 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcdNPAUAAAAAIrG2krOiypxdFlG9ovwWChRwC0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 14:12:07 GMT
gtm.js
www.googletagmanager.com/ 		288 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKV2FD5
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1::61 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
071d858d4fa215adefbf884d9ddd031ee8823bad3db0dc00f23f93c6f2ff3283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 14:47:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98022
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 03 Dec 2023 14:47:31 GMT
svg-sprites.svg
ha-web-us-live.azurewebsites.net/img/ 		40 KB
40 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/img/svg-sprites.svg
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
430cfb13fad0fa1d43587ae649de90b2cc8e16ee33c72c7e1dcfe4970dbfdf0e
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 20 Mar 2023 11:04:26 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d95b1bbbf8c79a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
40602
X-XSS-Protection
1; mode=block
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
DINNextSlabPro-Regular.woff
ha-web-us-live.azurewebsites.net/css/fonts/din-next-slab/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/css/fonts/din-next-slab/DINNextSlabPro-Regular.woff
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/css/theme.css?v=20231121
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b1e7056c65dd7699926686f8c355cf0cf372fc61c6585f066bdd32ff501a6167
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 18 May 2020 08:29:55 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d62cee8211a9b4"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
43572
X-XSS-Protection
1; mode=block
icons-s711324b706.png
ha-web-us-live.azurewebsites.net/img/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/img/icons-s711324b706.png
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/css/theme.css?v=20231121
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d4e21b5f150808f20a36a57a706748bba9ea541b13ec1bae2585a6b1e35f6de
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Wed, 04 Oct 2023 11:14:13 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d9f6b3e7a37914"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
35220
X-XSS-Protection
1; mode=block
DINNextLTPro-Bold.woff
ha-web-us-live.azurewebsites.net/css/fonts/din-next/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/css/fonts/din-next/DINNextLTPro-Bold.woff
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/css/theme.css?v=20231121
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ec019e66fb65c9e14e9acdb080d70b7435f9060bd6327de65bfb4ee717453958
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 18 May 2020 08:29:55 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d62cee8211c0c0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
49984
X-XSS-Protection
1; mode=block
DINNextSlabPro-Light.woff
ha-web-us-live.azurewebsites.net/css/fonts/din-next-slab/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/css/fonts/din-next-slab/DINNextSlabPro-Light.woff
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/css/theme.css?v=20231121
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c17f599fbc7c93713e57c67c7ca76e15f9afaa94449a5bb324514b3689ea40fa
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 18 May 2020 08:29:55 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d62cee8211a900"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
43648
X-XSS-Protection
1; mode=block
DINNextLTPro-Medium.woff
ha-web-us-live.azurewebsites.net/css/fonts/din-next/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/css/fonts/din-next/DINNextLTPro-Medium.woff
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/css/theme.css?v=20231121
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abc22aa6ad81e5a5df26930d724a7563136f46949577c8c6eb7ee750decffd7b
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 18 May 2020 08:29:55 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d62cee8211ed10"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
61072
X-XSS-Protection
1; mode=block
DINNextLTPro-Regular.woff
ha-web-us-live.azurewebsites.net/css/fonts/din-next/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/css/fonts/din-next/DINNextLTPro-Regular.woff
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/css/theme.css?v=20231121
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e32c7cd0740ae9f359bea9d90105d03c449486dcf44fffd9dfa655bec52e1730
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 18 May 2020 08:29:55 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d62cee8211f304"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
61572
X-XSS-Protection
1; mode=block
DINNextSlabPro-Bold.woff
ha-web-us-live.azurewebsites.net/css/fonts/din-next-slab/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/css/fonts/din-next-slab/DINNextSlabPro-Bold.woff
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/css/theme.css?v=20231121
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
82da591e185683fb95ff72b6b60c830d91f62d0259b0e56f93018c1cf5b71da6
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 18 May 2020 08:29:55 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1d62cee8211815c"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
33500
X-XSS-Protection
1; mode=block
israeli_attacks_on_gaza_continue-41.jpg
ha-web-us-live.azurewebsites.net/media/ffqfjw2e/ 		807 KB
808 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/ffqfjw2e/israeli_attacks_on_gaza_continue-41.jpg?width=1600&height=787&rnd=133450419372230000
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b057b92a3d77f16f7812427a42e0a2ea9d2821f6a0e68118c9f56d50bd994a8
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 12:52:01 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da238c02c5f242"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
826562
X-XSS-Protection
1; mode=block
getItemCount
ha-web-us-live.azurewebsites.net/api/cart/ 		1 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ha-web-us-live.azurewebsites.net/api/cart/getItemCount
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.7.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ha-web-us-live.azurewebsites.net/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2592000
Referrer-Policy
strict-origin
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
X-XSS-Protection
1; mode=block
rs39651_img_3892.jpg
ha-web-us-live.azurewebsites.net/media/2qplrhbi/ 		346 KB
346 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/2qplrhbi/rs39651_img_3892.jpg?width=1600&height=787&rnd=133457412719400000
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e352bfea90e41f5d6aad6aef1e39f88c02bdf5f7740d352bd1cbbe0adbbbe5a8
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 12:52:34 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da238c1671b35f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
353887
X-XSS-Protection
1; mode=block
rs39651_img_3892.jpg
ha-web-us-live.azurewebsites.net/media/qmodn2uq/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/qmodn2uq/rs39651_img_3892.jpg?width=838&height=414&rnd=133457494060930000
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
405a57374ec154cb4944bc2d1cbd500891ac91d1a0975cd071a8a8a83d8992b7
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 12:52:35 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da238c170c91c1"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
129601
X-XSS-Protection
1; mode=block
qurbani-olive-trees-usa.jpg
ha-web-us-live.azurewebsites.net/media/xinn0bwe/ 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/xinn0bwe/qurbani-olive-trees-usa.jpg?width=838&height=414&rnd=133450436355770000
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cc79063230ac56bd810f3e6c2b0c0d18155d74c0e7ba92d339fa207eb377f044
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 12:52:30 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da238c1410bb25"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
180261
X-XSS-Protection
1; mode=block
qurbani-zakat-1.jpg
ha-web-us-live.azurewebsites.net/media/fb2pne12/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/fb2pne12/qurbani-zakat-1.jpg?width=838&height=414&rnd=133450436362700000
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d26d01d702061e2d957ac8b9f94f0afb336b33d5cf1f0a76dfa91180f5c965d0
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 12:52:35 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da238c170d0000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
27520
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0BFS5HTRY1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKV2FD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1::61 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3277dfb574be079af56d74a18c4274bb7615e5a40d4d17738120bf773a7d5fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 14:47:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86187
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Dec 2023 14:47:31 GMT
roundtrip.js
s.adroll.com/j/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKV2FD5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04973f96fb9c6e41af1fc9486d48e8936d01498f8eedb266616bacd866e2e6c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id
WR87b7q5q8oup3pL2O5SSN.NVO0Ke7cd
Content-Encoding
gzip
Via
1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
Date
Sun, 03 Dec 2023 14:20:42 GMT
Age
1611
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 31 Oct 2023 15:28:28 GMT
Server
AmazonS3
Etag
W/"c7df5f519bb5d8f62bef23196a8ec659"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
qkuug260Gv7gY0kq257tZUhT1lWxFEh-TV5LueYi918R9gGbf8EZUA==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKV2FD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c01::71 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 03 Dec 2023 14:00:59 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2793
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 03 Dec 2023 16:00:59 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10866715258/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10866715258/?random=1701614851861&cv=11&fst=1701614851861&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v857800643&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&hn=www.googleadservices.com&frm=0&tiba=Human%20Appeal%20USA%20Home%20%7C%20Human%20Appeal%20USA&auid=735122679.1701614852&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKV2FD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c01::9d Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19bad55360c2117ec338a9929f07b585f17e3b841ab32661bef013125459ae06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 14:47:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1254
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 14:47:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
qWPU9e4i5ZvV5LJk0hsbq1SRTsdn92mWxi6dyawB/OD5FqaTgLaiGoicaPhEzxOTuBO7rYMyxbhkFZAXy0EF2w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFJ3ENJC77U6J4U08ROG&lib=ttq
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-79.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
613c09406eaed0bd4a371f81d9efa101fa4c8164178a73c7e5311bb97a28ee1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id
6c9f2079
date
Sun, 03 Dec 2023 14:47:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-64-143.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=12
content-length
1743
pragma
no-cache
server
nginx
x-tt-logid
20231203144732EAB3D3C98E1D3404936C
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.54.64.143
x-tt-trace-host
01090edc811cc9831b84fc502a11b0f4c78aef68147a21c2f3801a0373d25beeef9266967c730139abba57d9b0b6bac2cb243b67b88be23cbc35ffac02f688d5199c4b726d8389f89d3f64b3e44fb34450dc1dc49a8c0e924dfdbbeab8f5cf60c8
expires
Sun, 03 Dec 2023 14:47:32 GMT
klaviyo.js
static.klaviyo.com/onsite/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UABqdp
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKV2FD5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a8e6b33c795ce56ce9f3fcca704b90c5601e3e459bac0d8daf653c4f87ad12fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Dec 2023 14:47:32 GMT
age
136586
x-cache
HIT, HIT
content-length
1161
x-served-by
cache-lga13626-LGA, cache-ewr18164-EWR
server
nginx
x-timer
S1701614852.135767,VS0,VE1
etag
W/"1077aa033548ba4d0cfd0e898263a826"
allow
GET, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
9, 1
anchor
www.google.com/recaptcha/api2/ Frame F858 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdNPAUAAAAAIrG2krOiypxdFlG9ovwWChRwC0d&co=aHR0cHM6Ly9oYS13ZWItdXMtbGl2ZS5henVyZXdlYnNpdGVzLm5ldDo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ta6vpsyadkal
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1::63 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
70b499b3aa9a3d5b02233ba5a8d1be8384f25649a9fbd44f7fb86700a76e73e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u205TeoAJQhGX56bW8jJuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-u205TeoAJQhGX56bW8jJuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 14:47:31 GMT
expires
Sun, 03 Dec 2023 14:47:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dsc04924.jpg
ha-web-us-live.azurewebsites.net/media/tutjyfrb/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/tutjyfrb/dsc04924.jpg?width=1600&height=787&rnd=133450432949400000
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09584415c220b5163765b9a08230b7b75b7e21dbaa7df2d14e25b2a821aa937f
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:31 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 12:52:39 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da238c197d0b9e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
1232414
X-XSS-Protection
1; mode=block
collect
www.google-analytics.com/g/ 		0
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0BFS5HTRY1&gtm=45je3bt0v892798679z8857800643&_p=1701614851310&gcd=11l1l1l1l1&dma=0&cid=175914073.1701614852&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701614852&sct=1&seg=0&dl=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&dt=Human%20Appeal%20USA%20Home%20%7C%20Human%20Appeal%20USA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1186
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0BFS5HTRY1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c01::71 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 14:47:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ha-web-us-live.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F858 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdNPAUAAAAAIrG2krOiypxdFlG9ovwWChRwC0d&co=aHR0cHM6Ly9oYS13ZWItdXMtbGl2ZS5henVyZXdlYnNpdGVzLm5ldDo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ta6vpsyadkal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 04:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 04:09:34 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F858 		465 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdNPAUAAAAAIrG2krOiypxdFlG9ovwWChRwC0d&co=aHR0cHM6Ly9oYS13ZWItdXMtbGl2ZS5henVyZXdlYnNpdGVzLm5ldDo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ta6vpsyadkal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 14:12:07 GMT
main.MTdjYzNiZDU2MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		417 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFJ3ENJC77U6J4U08ROG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-79.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id
6c9f20c2
date
Sun, 03 Dec 2023 14:47:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110907313190E54AC27AC2B4E5D0C7
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-54-64-143.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01445886b1c8c3a23f797fb70b907a5162d2554e6768bfb4f6203eb7e32c5e293c807a7bc3111480134e1df4942c10abfaaff1b6b625900e783488a09d361c953cab37b32c54bcc34be8f258afa26befda356898aea2af144a7d23ee60df551f19
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=13
content-length
110059
/
www.google.com/pagead/1p-user-list/10866715258/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10866715258/?random=1701614851861&cv=11&fst=1701612000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v857800643&u_w=1600&u_h=1200&url=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&frm=0&tiba=Human%20Appeal%20USA%20Home%20%7C%20Human%20Appeal%20USA&fmt=3&is_vtc=1&cid=CAQSGwDICaaNJ1AHQFFDrAML215n7NRLzgc6acG5Tg&random=2310579866&rmt_tld=0&ipr=y
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1::63 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 14:47:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
473778881326414
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/473778881326414?v=2.9.138&r=stable&domain=ha-web-us-live.azurewebsites.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0eec50edb6fa9a748ef3b5fa3bb36b7a938831ff8bea38847cebbc48e31faab
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 14:47:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
BSmvfk/U81OWgmeUvT1/1fF7If44PkcnI3YJnCGRNztj9HMRbVdUNFTHB8J/L+TamkfycDnPcDYryuSCTmb3QA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Server
2600:9000:23cb:e600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Sat, 02 Dec 2023 18:14:22 GMT
Via
1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
Age
73990
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
77eYrGuIzPcUQprtk9LBFZoGJMtWHoS7sm5txeRv3jhqmINyFkDUCQ==

Redirect headers

Date
Sat, 02 Dec 2023 18:26:23 GMT
Via
1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
Age
73268
X-Amz-Cf-Pop
JFK50-P1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
MKATPW5LKoQg8UoAKB23yNjGix_-_o_ji95xzJaOo0VRcVIhAHA8oQ==
index.js
s.adroll.com/j/pre/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53ed652c4ef9ae06063e9e261d8dc730a32c7f94e5fc8e9c0cb7a5976e74f6b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id
Zd7pyJuAprXlPZt..fcU7CFqVq9i9euS
Content-Encoding
gzip
Via
1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
Date
Sun, 03 Dec 2023 14:17:50 GMT
Age
2570
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 29 Nov 2023 12:09:04 GMT
Server
AmazonS3
Etag
W/"459cb1a9305a91036e006846810993f6"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
_darK8eeKjglhOQdJRfw2cVPP6Y7HnMcB8ccnXLP1if3Y1M0yAee5g==
collect
www.google-analytics.com/j/ 		16 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1550474848&t=pageview&_s=1&dl=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&ul=en-us&de=UTF-8&dt=Human%20Appeal%20USA%20Home%20%7C%20Human%20Appeal%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=883549509&gjid=1786706181&cid=175914073.1701614852&tid=UA-48064480-5&_gid=1176306045.1701614852&_r=1&_slc=1&gtm=45He3bt0n81PKV2FD5v857800643&gcd=11l1l1l1l1&dma=0&z=1658628447
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c01::71 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
11b409cc4fef15eb7f217dc237e12cad0f89eece391c16ae098efb99bb076433
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 14:47:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ha-web-us-live.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
fender_analytics.89f34df06656c3dc9d28.js
static-tracking.klaviyo.com/onsite/js/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UABqdp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73aafae1eeecc20073d809ed9e267a6e4a02ed205a262e0841ec90c7fb017c7e

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
fPTrWbuKN.iZ3tb8Xlagsf4qSwkCTQLU
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Dec 2023 14:47:32 GMT
x-amz-request-id
AS5JSHBQ4B2AEEV8
age
136609
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
11635
x-amz-id-2
2ZH3/XjxHpno7wb3JtF2ui7PNyu9QnGqBSKPDdLlSsN3zknkexl5VV0Jc8UXyguhvFjY1LURqOs=
x-served-by
cache-lga13626-LGA, cache-ewr18134-EWR
last-modified
Mon, 06 Nov 2023 18:18:30 GMT
server
AmazonS3
etag
"bb49f17f755f19e389ff56fdf58385b4"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a957c60a472df3e447f40628303353bdd959aba8
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
50, 78528
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UABqdp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
a.8vL6w09uHoOx__c8l8Rss._YtP0zbq
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Dec 2023 14:47:32 GMT
x-amz-request-id
AS5HKYSNDWHFWQPJ
age
136609
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
985
x-amz-id-2
lb2mEKN6as878KkhLA8/+6rSwe2GSwSFSq6iDg+a3Gf6YOkZB1bMgWyDkQdIjlUEPhfTP4+Fl00=
x-served-by
cache-lga21976-LGA, cache-ewr18134-EWR
last-modified
Mon, 06 Nov 2023 18:18:30 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a957c60a472df3e447f40628303353bdd959aba8
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
55, 80215
runtime.d475a4bf5d580151a64e.js
static.klaviyo.com/onsite/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/runtime.d475a4bf5d580151a64e.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UABqdp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05e64eb1a41777b3799018608f07170dc4f940c043b1d6bc33e2a0008fe00a22

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
lM839VchcRU1zliOKYV1Zm.1xKoA7YCn
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Dec 2023 14:47:32 GMT
x-amz-request-id
X71V7VPE2GE3TJFG
age
136609
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8169
x-amz-id-2
7DueISHxV8ZQ43yLtKHUsHYSDGExolOcMpeMnqjIRS8dYXPm6/RfXjRs0Z0C8Mz4xyoccvSXL8Y=
x-served-by
cache-lga13626-LGA, cache-ewr18147-EWR
last-modified
Thu, 30 Nov 2023 20:34:36 GMT
server
AmazonS3
etag
"dea007a286991c20af82d8110d3440ce"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a833e5db385ebff4c67f32203df578fa8f6c54e4
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
1, 90085
sharedUtils.0c788129d9608099c20f.js
static.klaviyo.com/onsite/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.0c788129d9608099c20f.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UABqdp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bdf2f8c72b77c5c55f4a1e81a2ad47f61bd229032039847e4b8524cf37ba409

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
kzc2e.TRnzsGRbze_RLkqvyXsDVzZ3a9
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Dec 2023 14:47:32 GMT
x-amz-request-id
5YJBDEBWDFSVBH33
age
136609
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
16779
x-amz-id-2
BsTTkdcDmEY4KQWDkecDeYkYel/T2i6XNfWBU1R3wWlrTf57l53tYjrONkFtut1F+4Z1BILXdYu4341XhZr59bvxkHIqEA7iUIuYbZlNNMY=
x-served-by
cache-lga21922-LGA, cache-ewr18147-EWR
last-modified
Thu, 30 Nov 2023 19:20:08 GMT
server
AmazonS3
etag
"ff7ef0581c0c014e4d5b98ed9f704873"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
bcf113fc86cc941cd04ad749b126dd7ee5ade03b
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
44, 90098
vendors~signup_forms.f3ed4b7e48b30a32dcaa.js
static.klaviyo.com/onsite/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.f3ed4b7e48b30a32dcaa.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UABqdp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
179a471a9e859abc8338f104a5e367e7f724d9f540454ea0fd9c793324bb409c

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
ZhNogCIJONMuChXu.t4F7L2ie_KxJ_Pj
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Dec 2023 14:47:32 GMT
x-amz-request-id
AS5SV8VJ00WB1284
age
136609
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
11079
x-amz-id-2
Qo2u7ig/nyEMbWTjaKheHni/MZNLcdgdUFOZhBDbmfj2nrlOnSROg5xiwH4XZH89GwLRYWH/kBE=
x-served-by
cache-lga21980-LGA, cache-ewr18147-EWR
last-modified
Mon, 06 Nov 2023 18:18:30 GMT
server
AmazonS3
etag
"6dbcc92ef0da9f2c90a94133f8337b36"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a957c60a472df3e447f40628303353bdd959aba8
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
26, 64240
signup_forms.6b6e56a09642d38f8488.js
static.klaviyo.com/onsite/js/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.6b6e56a09642d38f8488.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UABqdp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4198e21eba2642076c59a1ce77340760d8ecb314e0157ba47367ef792aeed10f

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
LD8OSYuAtJZ4f1_mBu6qMuC60KuOXi_G
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Dec 2023 14:47:32 GMT
x-amz-request-id
AS5JCDNP00R0N5PB
age
136609
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12493
x-amz-id-2
tjaUjepAgu7LhHaZLIKHgbNEuzQZ0Zp76cECRJJxopOjfxzWOAueCbhY44ZoxEVBSHdrQtkamZk=
x-served-by
cache-lga21934-LGA, cache-ewr18147-EWR
last-modified
Mon, 06 Nov 2023 18:18:30 GMT
server
AmazonS3
etag
"578f9348a6d5bc33d09503783c7e2e6e"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a957c60a472df3e447f40628303353bdd959aba8
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
58, 64346
post_identification_sync.bd6c56cefa3b981da223.js
static-tracking.klaviyo.com/onsite/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/post_identification_sync.bd6c56cefa3b981da223.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=UABqdp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d179a95f323fea709ddba50be80ca43e77c316ebd7dc18583bd42144efadfbe0

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
Origin
https://ha-web-us-live.azurewebsites.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
2f3x2Kg0SoVE_QC5dCYH1A9iCGL1U.pH
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Dec 2023 14:47:32 GMT
x-amz-request-id
QW09D22ENY5MA8KS
age
136609
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
2848
x-amz-id-2
5JudD2K3rFWifAmL1xF56KiP3JxqOdo+DoIJP1Z9WRX9szD7/QzVZSZtVDPeBZ4nYPT2PVPRkjY=
x-served-by
cache-lga21955-LGA, cache-ewr18134-EWR
last-modified
Mon, 06 Nov 2023 18:18:30 GMT
server
AmazonS3
etag
"2916019f5fdfcc69a8fbab0980b2506e"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a957c60a472df3e447f40628303353bdd959aba8
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
13, 14060
identify_bb163.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-79.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id
6c9f2155
date
Sun, 03 Dec 2023 14:47:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202311090731330BDC067D885D70EA5EAF
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-54-64-143.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
012d976dc57ba3cb8c6ebae7ccbae4ba8e47a9f01258af3ff32d17bf111a7fc8dc6da184d34b6ee79e129119eaf9dd67d3ff4ce8d163e9421dd459a4c9b25a6aa20d9d8d955628811c91df6dd0afbbbbec7e484d41a19930f2d978fc24f23ae020
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
35984
pixel
analytics.tiktok.com/api/v2/ 		0
646 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-79.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6c9f21ba
date
Sun, 03 Dec 2023 14:47:32 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-64-143.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing
inner; dur=36, cdn-cache; desc=MISS, edge; dur=5, origin; dur=45
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023120314473270F037D003D82EDED0BC
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
46,23.54.64.143
x-tt-trace-host
01090edc811cc9831b84fc502a11b0f4c78aef68147a21c2f3801a0373d25beeef752a604b5e6cd7cd1de3b54adfed08cda66f9b8e4d351feeed06e26e63a4c4f2999b18c51edb062c8420880eee504d6286fa87f8920da41e71d9d9e5d5709961
access-control-allow-headers
Authorization,*
expires
Sun, 03 Dec 2023 14:47:32 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48064480-5&cid=175914073.1701614852&jid=883549509&gjid=1786706181&_gid=1176306045.1701614852&_u=YADAAEAAAAAAACAAI~&z=1691809907
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c02::9a Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 03 Dec 2023 14:47:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ha-web-us-live.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YS8D08C7DR&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1::61 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a43e86a2ab94e8f4af2911da8185a5572e9b633392a7bc92b39c8f002476713
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 14:47:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83139
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Dec 2023 14:47:32 GMT
U4PMR3EYKZAPNAVAAVHKJI
d.adroll.com/consent/check/ 		485 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/U4PMR3EYKZAPNAVAAVHKJI?pv=3498555272.555137&arrfrr=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&_s=15e50ff054e9c30cc6f4babb6f83f565&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:51d3:eac:22fa:45e6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
9253da695451f4aaf572a64e24a8f26fb3c7662ed1c69a97bef50d1ce4609d20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Sun, 03 Dec 2023 14:47:32 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
485
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 		339 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=UABqdp
Requested by
Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa848458757e32f03a7896f63271b2fa0367aa385a4bd5f0a5f004f331c7172f
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 14:47:32 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=900
age
3909748
content-security-policy-report-only
base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
x-cache
HIT, HIT
content-length
339
x-served-by
cache-bos4684-BOS, cache-ewr18160-EWR
server
nginx
allow
GET, HEAD, OPTIONS
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
access-control-allow-credentials
true
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
vary
Cookie
x-cache-hits
2980, 1
full-forms
static-forms.klaviyo.com/forms/api/v7/UABqdp/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static-forms.klaviyo.com/forms/api/v7/UABqdp/full-forms
Requested by
Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edf63dadb647eeb253d939817c97d819323f7bd30a1f4a037fcb3b98e1cc241a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
GK_9xK0bR880w25maFIdG17nTJikpwdj
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Dec 2023 14:47:32 GMT
x-amz-request-id
RZ3D6EWXTZGVVBYR
age
352488
x-amz-server-side-encryption
AES256
x-cache
HIT
client-geo-continent
NA
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
full-forms/shared full-forms/UABqdp custom-fonts/UABqdp
content-length
1835
x-amz-id-2
m4wkbpTF6viw0mrZjt1wXWnkyzQJHBu2zQAk3xVEB2qB4hjtPk/MAGjT3m4A7OJwS45F++zr88g=
x-served-by
cache-ewr18167-EWR
client-geo-country
US
last-modified
Wed, 11 Oct 2023 15:23:02 GMT
server
AmazonS3
x-timer
S1701614853.583709,VS0,VE5
etag
"70c74ebc6957ae2991b8af1792ad5dbb"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
client-geo-continent, client-geo-country
cache-control
max-age=5
accept-ranges
bytes
x-cache-hits
1
365694682237398
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/365694682237398?v=2.9.138&r=stable&domain=ha-web-us-live.azurewebsites.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dadb1faa639669121a562d60f9ee248964b0d5574427355b27f735932e66ea1c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 14:47:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
25zZIv/AUFZeSUVbQZ/v1KV/9UiA2dnEzPtvuRhxNZrDpSCdVMVfWoriS85g3C0RI0TJw1n/buLcKNSsxHaDcg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=473778881326414&ev=PageView&dl=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&rl=&if=false&ts=1701614852474&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1701614852473.794236934&ler=empty&it=1701614852192&coo=false&rqm=GET
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 03 Dec 2023 14:47:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F858 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 04:39:53 GMT
x-content-type-options
nosniff
age
209259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 08 Dec 2023 04:39:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F858 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdNPAUAAAAAIrG2krOiypxdFlG9ovwWChRwC0d&co=aHR0cHM6Ly9oYS13ZWItdXMtbGl2ZS5henVyZXdlYnNpdGVzLm5ldDo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ta6vpsyadkal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 13:45:34 GMT
x-content-type-options
nosniff
age
435718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 13:45:34 GMT
collect
analytics.google.com/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-YS8D08C7DR&_ono=1&gtm=45je3bt0v9139014300&_p=1701614851310&_gaz=1&gcd=11l1l1l1l2&dma=0&tcfd=10000&ul=en-us&sr=1600x1200&cid=175914073.1701614852&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&dt=Human%20Appeal%20USA%20Home%20%7C%20Human%20Appeal%20USA&sid=1701614852&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1750
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YS8D08C7DR&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 14:47:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ha-web-us-live.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-YS8D08C7DR&cid=175914073.1701614852&gtm=45je3bt0v9139014300&aip=1&dma=0&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YS8D08C7DR&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c02::9a Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 14:47:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ha-web-us-live.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,900;1,400&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07961177b476cab27e0a45363607abc3ae969d29ca7ed194b0d7fea7b9008366
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 14:47:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 14:47:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 14:47:32 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
647 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-79.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ha-web-us-live.azurewebsites.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6c9f227a
date
Sun, 03 Dec 2023 14:47:32 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-64-143.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing
inner; dur=31, cdn-cache; desc=MISS, edge; dur=6, origin; dur=40
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231203144732D22DFF1EC4F5CDD3D4AA
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
41,23.54.64.143
x-tt-trace-host
01090edc811cc9831b84fc502a11b0f4c78aef68147a21c2f3801a0373d25beeefcbe01f0f537d4c7d78230800dad262af5e73a3c8108df9870b7ee3d8abe690c01e8f6a14438ae6e888a5f19b33a7572c9b59f1ba0c4ee2061f370844e87e4b13
access-control-allow-headers
Authorization,*
expires
Sun, 03 Dec 2023 14:47:32 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=365694682237398&ev=PageView&dl=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&rl=&if=false&ts=1701614852643&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1701614852473.794236934&ler=empty&it=1701614852192&coo=false&rqm=GET
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 03 Dec 2023 14:47:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFJ3ENJC77U6J4U08ROG&lib=ttq
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-79.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5d02f995bbeaf49b537c3be8dbed354f1a1b1db20cf8fe0685f254f44e624e34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id
946c315f.6c9f22a2
date
Sun, 03 Dec 2023 14:47:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-64-143.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
15,23.54.64.143
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=7, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
202312031447324585079179DBF1EFA30A
x-cache-remote
TCP_MISS from a23-220-107-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.220.107.4
x-tt-trace-host
01090edc811cc9831b84fc502a11b0f4c7e64787f7471b543a440c0d13e319f87e2bf7ca826a04274a7bc6b7c877e505ec8254a2ed24c76a2f06ee1b4f06cd334c8f591c72320ea70d2b921f2bdf672d04de08252f967c075a07bbf163e813546b5218749482605f3b4c97c2bacb44644f
expires
Sun, 03 Dec 2023 14:47:32 GMT
C3NLBWVWOVDWDOH5KRNS4Y.js
s.adroll.com/pixel/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL/
Redirect Chain
  • https://d.adroll.com/pixel/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL?adroll_fpc=7d5c187232365ada71ec22810fa93193-1701614852694&pv=3498555272.555137&arrfrr=https%3A%2F%2Fha-web-us-live.azurewebs...
  • https://s.adroll.com/pixel/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL/C3NLBWVWOVDWDOH5KRNS4Y.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL/C3NLBWVWOVDWDOH5KRNS4Y.js
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
HTTP/1.1
Server
2600:9000:23cb:e600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01d0c7d479bfbcd27a4321d46038f5eeafd9cbec759dc07e01eed2ced7ef8ae8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id
xA4omaRsJBtEgnZzQca5.YRZUhsGB3Ge
Content-Encoding
gzip
Via
1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
Date
Sun, 03 Dec 2023 14:29:51 GMT
Age
1596
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 29 Nov 2023 12:09:05 GMT
Server
AmazonS3
Etag
W/"d5165c8604e0a02252c4480639f49c79"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
XtbgNMga5Q_nlsrVYoZao2ir5KtZFIwVUCQycHyg5RfY_yGDg-4P4Q==

Redirect headers

date
Sun, 03 Dec 2023 14:47:32 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
0
pragma
no-cache
x-conversion-value
0.00
server
nginx/1.22.1
x-rule
*
x-segment-eid
C3NLBWVWOVDWDOH5KRNS4Y
location
https://s.adroll.com/pixel/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL/C3NLBWVWOVDWDOH5KRNS4Y.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
MZDCIW4TJ5BCXLVHXOL4TL
x-segment-name
*
x-advertisable-eid
U4PMR3EYKZAPNAVAAVHKJI
x-conversion-currency
GBP
MZDCIW4TJ5BCXLVHXOL4TL
ipv4.d.adroll.com/px4/U4PMR3EYKZAPNAVAAVHKJI/ 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipv4.d.adroll.com/px4/U4PMR3EYKZAPNAVAAVHKJI/MZDCIW4TJ5BCXLVHXOL4TL?adroll_fpc=7d5c187232365ada71ec22810fa93193-1701614852694&pv=3498555272.555137&arrfrr=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&cookie=&adroll_s_ref=&keyw=&p0=1122
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.7.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-7-68.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 14:47:32 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
42
content-type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48064480-5&cid=175914073.1701614852&jid=883549509&_u=YADAAEAAAAAAACAAI~&z=451611432
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1::63 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 14:47:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2502209660023213
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2502209660023213?v=2.9.138&r=stable&domain=ha-web-us-live.azurewebsites.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a84849c1ba520af828c4853a5188629a90ec5efec7bff313cc3a605eb45dac94
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 14:47:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
RKrNzOqSt9oznH7wHrz2PkVsYflke+/vwivwD9bF+F+JXgiXXk7VSAdclrq6dgxh4RDZR6eRr7Mz9YxGDU0yHw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2502209660023213&ev=PageView&dl=https%3A%2F%2Fha-web-us-live.azurewebsites.net%2F&rl=&if=false&ts=1701614852880&cd[segment_eid]=C3NLBWVWOVDWDOH5KRNS4Y&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4125&fbp=fb.2.1701614852473.794236934&ler=empty&it=1701614852192&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: ha-web-us-live.azurewebsites.net
URL: https://ha-web-us-live.azurewebsites.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 03 Dec 2023 14:47:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sudan-hunger-1.jpg
ha-web-us-live.azurewebsites.net/media/0ujdh0c3/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/0ujdh0c3/sudan-hunger-1.jpg?width=838&height=414&rnd=133450602256270000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52d48eccabd63f007645ad278fe9c6d585b311bc472f228d6808ecb279987586
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:32 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 13:24:55 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da23909b607dcc"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
102476
X-XSS-Protection
1; mode=block
human-appeals-al-zohoor-town-idlib-northwest-syria-1-1.jpg
ha-web-us-live.azurewebsites.net/media/mbadpxf0/ 		237 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/mbadpxf0/human-appeals-al-zohoor-town-idlib-northwest-syria-1-1.jpg?width=838&height=414&rnd=133450602266800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c92f3dc7ff4ea08a2496bb66d0093beaea51497e585eb894c4046a23c1fd851d
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:32 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 13:24:55 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da23909b625ee4"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
242532
X-XSS-Protection
1; mode=block
yemen-emergency-usa-1.jpg
ha-web-us-live.azurewebsites.net/media/hh2brf45/ 		286 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ha-web-us-live.azurewebsites.net/media/hh2brf45/yemen-emergency-usa-1.jpg?width=838&height=414&rnd=133450602273900000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.0.40 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f3f3895b32d6c14aa14a82ca7854fe083a72d4de3f2375f59acc3f5ac6a2312b
Security Headers
Name Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ha-web-us-live.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 14:47:32 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 30 Nov 2023 13:24:55 GMT
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
ETag
"1da23909b6594bb"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Permissions-Policy
geolocation=(self "https://humanappealusa.org")
Accept-Ranges
bytes
Content-Length
293179
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| html5 object| themeConfig object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer function| $ function| jQuery function| objectFitVideos function| objectFitImages function| debounce object| theme function| showErrorMessage object| termsModal object| termsLabel undefined| termsModalClose function| multiCurrency function| initAutocomplete function| initOrphanRendering function| renderOrphans object| orphansInBasket function| getOrphansInBasket function| UpdateOrphanSponsorshipFields function| quantity function| showLogins function| MyAccountLoginSubmitAfterRecaptcha function| MyAccountRegisterSubmitAfterRecaptcha function| MyAccountResetPasswordSubmitAfterRecaptcha function| svg4everybody function| Headroom object| plyr object| Stickyfill object| Chartist object| salvattore function| Cookies object| lazySizesConfig object| lazySizes function| isIE object| $form object| $submit object| google_tag_manager object| google_tag_data string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| recaptcha object| closure_lm_445718 function| onYouTubeIframeAPIReady object| gaGlobal string| adroll_sid object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| gaplugins object| gaData object| _learnq string| __klKey object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| __adroll_consent_data function| __cmp function| __tcfapi function| __gpp object| webpackChunk_klaviyo_onsite_modules object| core object| _klOnsite object| klaviyo object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors string| adroll_rule_type

20 Cookies

Domain/Path Name / Value
ha-web-us-live.azurewebsites.net/ Name: .AspNetCore.Antiforgery.cdV5uW_Ejgc
Value: CfDJ8DpfddPyHz5Iv-ATIXiA17meF4yxdK7EyjZrj6xB9mgVqWjmNspeRHLjl_nRvA_RAmr6OvceuF-_J5Qsak69bq-WRVP16OyPenlrcAi4TRnn9Fo-t4jgNY9i_1odHqHAKtcU_WcCVg60wUn6-T0QlXM
.ha-web-us-live.azurewebsites.net/ Name: ARRAffinity
Value: c7d4370f84256f1cfdf76922256fe966a11505c83cd89b6692281e842f12d3ca
.ha-web-us-live.azurewebsites.net/ Name: ARRAffinitySameSite
Value: c7d4370f84256f1cfdf76922256fe966a11505c83cd89b6692281e842f12d3ca
.ha-web-us-live.azurewebsites.net/ Name: _gcl_au
Value: 1.1.735122679.1701614852
.ha-web-us-live.azurewebsites.net/ Name: _ga_0BFS5HTRY1
Value: GS1.1.1701614852.1.0.1701614852.0.0.0
.tiktok.com/ Name: _ttp
Value: 2Z2KhQrw7DAxHyFzoD8ZJnhusYG
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ha-web-us-live.azurewebsites.net/ Name: _ga
Value: GA1.3.175914073.1701614852
.ha-web-us-live.azurewebsites.net/ Name: _gid
Value: GA1.3.1176306045.1701614852
.ha-web-us-live.azurewebsites.net/ Name: _gat_UA-48064480-5
Value: 1
.ha-web-us-live.azurewebsites.net/ Name: _tt_enable_cookie
Value: 1
.ha-web-us-live.azurewebsites.net/ Name: _ttp
Value: lQDYaDTiU-Sj56yA8wUhJl0PJLJ
ha-web-us-live.azurewebsites.net/ Name: __kla_id
Value: eyJjaWQiOiJOemhqTmpjNE9ESXRPV015T0MwME16RXdMV0ZoT0dNdE1UWTJNRE00WkdGak1ERTIiLCIkcmVmZXJyZXIiOnsidHMiOjE3MDE2MTQ4NTIsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vaGEtd2ViLXVzLWxpdmUuYXp1cmV3ZWJzaXRlcy5uZXQvIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNzAxNjE0ODUyLCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL2hhLXdlYi11cy1saXZlLmF6dXJld2Vic2l0ZXMubmV0LyJ9fQ==
.ha-web-us-live.azurewebsites.net/ Name: _fbp
Value: fb.2.1701614852473.794236934
.d.adroll.com/ Name: __adroll
Value: 7fcdedae2e1d8f815c601a22d1dbc4c1-a_1701614852
.adroll.com/ Name: __adroll_shared
Value: 7fcdedae2e1d8f815c601a22d1dbc4c1-a_1701614852
.ha-web-us-live.azurewebsites.net/ Name: _ga_YS8D08C7DR
Value: GS1.3.1701614852.1.0.1701614852.60.0.0
.ha-web-us-live.azurewebsites.net/ Name: __adroll_fpc
Value: 7d5c187232365ada71ec22810fa93193-1701614852694
.ha-web-us-live.azurewebsites.net/ Name: __ar_v4
Value: %7CU4PMR3EYKZAPNAVAAVHKJI%3A20240002%3A1%7CMZDCIW4TJ5BCXLVHXOL4TL%3A20240002%3A1%7CC3NLBWVWOVDWDOH5KRNS4Y%3A20240002%3A1
ha-web-us-live.azurewebsites.net/ Name: sessionInitialLoad
Value: site loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' https://fonts.googleapis.com/ https://services.postcodeanywhere.co.uk/ 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
code.jquery.com
connect.facebook.net
d.adroll.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ha-web-us-live.azurewebsites.net
ipv4.d.adroll.com
s.adroll.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
151.101.194.133
151.101.66.133
20.119.0.40
23.47.144.79
2600:1f18:61c0:2205:51d3:eac:22fa:45e6
2600:9000:23cb:e600:6:9280:1080:93a1
2607:f8b0:4006:81d::200e
2607:f8b0:4023:1::5e
2607:f8b0:4023:1::61
2607:f8b0:4023:1::63
2607:f8b0:4024:c01::5e
2607:f8b0:4024:c01::71
2607:f8b0:4024:c01::9d
2607:f8b0:4024:c02::9a
2607:f8b0:4024:c09::5f
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::649
35.173.7.68
01d0c7d479bfbcd27a4321d46038f5eeafd9cbec759dc07e01eed2ced7ef8ae8
03cda436b9b3593650ed22dbb3f12160d840c789239ba8b68a517ccd54fefbec
04973f96fb9c6e41af1fc9486d48e8936d01498f8eedb266616bacd866e2e6c5
05e64eb1a41777b3799018608f07170dc4f940c043b1d6bc33e2a0008fe00a22
071d858d4fa215adefbf884d9ddd031ee8823bad3db0dc00f23f93c6f2ff3283
07961177b476cab27e0a45363607abc3ae969d29ca7ed194b0d7fea7b9008366
09584415c220b5163765b9a08230b7b75b7e21dbaa7df2d14e25b2a821aa937f
0b057b92a3d77f16f7812427a42e0a2ea9d2821f6a0e68118c9f56d50bd994a8
11b409cc4fef15eb7f217dc237e12cad0f89eece391c16ae098efb99bb076433
179a471a9e859abc8338f104a5e367e7f724d9f540454ea0fd9c793324bb409c
19bad55360c2117ec338a9929f07b585f17e3b841ab32661bef013125459ae06
1a43e86a2ab94e8f4af2911da8185a5572e9b633392a7bc92b39c8f002476713
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
2b26b6a3a35e9495ee672fbfb362fa0eeea9ee678965f91193bdb14fccc571ce
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405a57374ec154cb4944bc2d1cbd500891ac91d1a0975cd071a8a8a83d8992b7
4198e21eba2642076c59a1ce77340760d8ecb314e0157ba47367ef792aeed10f
430cfb13fad0fa1d43587ae649de90b2cc8e16ee33c72c7e1dcfe4970dbfdf0e
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
50a5c8399a3070c859bf559f60486bc26a6e83b3f9f7285d0f5b01138f8464fa
52d48eccabd63f007645ad278fe9c6d585b311bc472f228d6808ecb279987586
53ed652c4ef9ae06063e9e261d8dc730a32c7f94e5fc8e9c0cb7a5976e74f6b3
5d02f995bbeaf49b537c3be8dbed354f1a1b1db20cf8fe0685f254f44e624e34
5d4e21b5f150808f20a36a57a706748bba9ea541b13ec1bae2585a6b1e35f6de
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
613c09406eaed0bd4a371f81d9efa101fa4c8164178a73c7e5311bb97a28ee1c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6bdf2f8c72b77c5c55f4a1e81a2ad47f61bd229032039847e4b8524cf37ba409
70b499b3aa9a3d5b02233ba5a8d1be8384f25649a9fbd44f7fb86700a76e73e0
73aafae1eeecc20073d809ed9e267a6e4a02ed205a262e0841ec90c7fb017c7e
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
817f627aafb15f42e31509426d0a97c03664d5b8e75a3635789307877f2facae
82da591e185683fb95ff72b6b60c830d91f62d0259b0e56f93018c1cf5b71da6
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
9253da695451f4aaf572a64e24a8f26fb3c7662ed1c69a97bef50d1ce4609d20
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a84849c1ba520af828c4853a5188629a90ec5efec7bff313cc3a605eb45dac94
a8e6b33c795ce56ce9f3fcca704b90c5601e3e459bac0d8daf653c4f87ad12fc
aa848458757e32f03a7896f63271b2fa0367aa385a4bd5f0a5f004f331c7172f
abc22aa6ad81e5a5df26930d724a7563136f46949577c8c6eb7ee750decffd7b
b1e7056c65dd7699926686f8c355cf0cf372fc61c6585f066bdd32ff501a6167
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdc08aa29e452d0d815d011c42d7a2deb47b917206d23460c5b269379ca750b7
c06bb1f07e9d21c4c7ff18dcd004c6c8bdfbde5b367a208769b3564c568ed8a6
c17f599fbc7c93713e57c67c7ca76e15f9afaa94449a5bb324514b3689ea40fa
c92f3dc7ff4ea08a2496bb66d0093beaea51497e585eb894c4046a23c1fd851d
cc79063230ac56bd810f3e6c2b0c0d18155d74c0e7ba92d339fa207eb377f044
d179a95f323fea709ddba50be80ca43e77c316ebd7dc18583bd42144efadfbe0
d26d01d702061e2d957ac8b9f94f0afb336b33d5cf1f0a76dfa91180f5c965d0
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dadb1faa639669121a562d60f9ee248964b0d5574427355b27f735932e66ea1c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0eec50edb6fa9a748ef3b5fa3bb36b7a938831ff8bea38847cebbc48e31faab
e32c7cd0740ae9f359bea9d90105d03c449486dcf44fffd9dfa655bec52e1730
e352bfea90e41f5d6aad6aef1e39f88c02bdf5f7740d352bd1cbbe0adbbbe5a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec019e66fb65c9e14e9acdb080d70b7435f9060bd6327de65bfb4ee717453958
edf63dadb647eeb253d939817c97d819323f7bd30a1f4a037fcb3b98e1cc241a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e75321f82264e1224da5626bbb78edf7f837ee22df3c4a0a665e6fa926e2e2
f3277dfb574be079af56d74a18c4274bb7615e5a40d4d17738120bf773a7d5fb
f3f3895b32d6c14aa14a82ca7854fe083a72d4de3f2375f59acc3f5ac6a2312b