urlscan.io logo urlscan.io
SecurityTrails logo

www.readingheadstart.com Open in urlscan Pro
146.66.99.105  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://affvips.readinghs.hop.clickbank.net/?pid=noexit
Effective URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Submission: On September 13 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 53 HTTP transactions. The main IP is 146.66.99.105, located in Bulgaria and belongs to SINGLEHOP-LLC - SingleHop LLC, US. The main domain is www.readingheadstart.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on December 4th 2017. Valid for: 3 years.
This is the only time www.readingheadstart.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 50.112.29.80 16509 (AMAZON-02)
2 37 146.66.99.105 32475 (SINGLEHOP...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
53 10
2    50.112.29.80 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-50-112-29-80.us-west-2.compute.amazonaws.com
affvips.readinghs.hop.clickbank.net
37    146.66.99.105 (Bulgaria)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: ip-146-66-99-105.siteground.com
www.readingheadstart.com
2    2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2a00:1450:4001:816::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:400c:c0c::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
3    2a03:2880:f12d:86:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2a00:1450:4001:819::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
Domain Requested by
37 www.readingheadstart.com 2 redirects www.readingheadstart.com
3 www.facebook.com www.readingheadstart.com
2 www.youtube.com www.readingheadstart.com
2 connect.facebook.net www.readingheadstart.com
connect.facebook.net
2 www.google-analytics.com 1 redirects www.readingheadstart.com
2 fonts.googleapis.com www.readingheadstart.com
2 affvips.readinghs.hop.clickbank.net 2 redirects
1 ajax.googleapis.com www.readingheadstart.com
1 stats.g.doubleclick.net www.readingheadstart.com
1 fonts.gstatic.com www.readingheadstart.com
53 10

This site contains links to these domains. Also see Links.

Domain
8.readinghs.pay.clickbank.net
7.readinghs.pay.clickbank.net
1.readinghs.pay.clickbank.net
Subject Issuer Validity Valid
readingheadstart.com
COMODO RSA Domain Validation Secure Server CA		 2017-12-04 -
2020-12-03		 3 years crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh
*.google.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Frame ID: BCE07E677D8519E921E66F26A2E1B3A8
Requests: 44 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vRG3u4nQEYY?rel=0&modestbranding=1&controls=0&showinfo=0&fs=0&wmode=transparent
Frame ID: D72A9E34916F41D6CECF1FBE93863AB8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MwyZCPnK0UI?rel=0&modestbranding=1&controls=0&showinfo=0&fs=0&wmode=transparent
Frame ID: 0BADB920F6BAAFC849A7F69611873A81
Requests: 1 HTTP requests in this frame

Frame: https://www.readingheadstart.com/salecounter.php
Frame ID: AA3E3471E3AE65AAFDF02E4C3C85CFCA
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://affvips.readinghs.hop.clickbank.net/?pid=noexit HTTP 301
    http://affvips.readinghs.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fwww.readingheadstart.com%2Fmultipage.php%3Fhop... HTTP 301
    https://www.readingheadstart.com/multipage.php?hop=affvips&pid=noexit HTTP 302
    https://www.readingheadstart.com/noexitintent?hop=affvips&pid=noexit HTTP 301
    https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

53
Requests

91 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

633 kB
Transfer

1521 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://affvips.readinghs.hop.clickbank.net/?pid=noexit HTTP 301
    http://affvips.readinghs.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fwww.readingheadstart.com%2Fmultipage.php%3Fhop%3Daffvips&hstr=1536851902123%7Caffvips%7C%7Ca5399789-9d65-4f78-91db-1d5b75736a46%7C%7Creadinghs&code=%7B0%2C+7%7D&key=DE1882F8&parms=pid%3Dnoexit&s=default&ds=2&ts=01.973A8FCD252B0BFCD3272931FDF46E2DCBE13721 HTTP 301
    https://www.readingheadstart.com/multipage.php?hop=affvips&pid=noexit HTTP 302
    https://www.readingheadstart.com/noexitintent?hop=affvips&pid=noexit HTTP 301
    https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1891084761&t=pageview&_s=1&dl=https%3A%2F%2Fwww.readingheadstart.com%2Fnoexitintent%2F%3Fhop%3Daffvips%26pid%3Dnoexit&ul=en-us&de=UTF-8&dt=LIVE%3A%20Reading%20Head%20Start%20%7C%20Teach%20Your%20Child%20To%20Read%20(noexit)%20%E2%80%93%20Reading%20Head%20Start&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=783111736&gjid=657988599&cid=2010706737.1536851905&tid=UA-82886057-1&_gid=231986136.1536851905&_r=1&z=751927151 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82886057-1&cid=2010706737.1536851905&jid=783111736&_gid=231986136.1536851905&gjid=657988599&_v=j68&z=751927151

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.readingheadstart.com/noexitintent/
Redirect Chain
  • http://affvips.readinghs.hop.clickbank.net/?pid=noexit
  • http://affvips.readinghs.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fwww.readingheadstart.com%2Fmultipage.php%3Fhop%3Daffvips&hstr=1536851902123%7Caffvips%7C%7Ca5399789-9d65-4f78-91db-1d5b75736...
  • https://www.readingheadstart.com/multipage.php?hop=affvips&pid=noexit
  • https://www.readingheadstart.com/noexitintent?hop=affvips&pid=noexit
  • https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
78 KB
78 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
bf0f093691353b1504627eeb79393f1d4b3812430bf57d0a2290d99006522ab3

Request headers

:method
GET
:authority
www.readingheadstart.com
:scheme
https
:path
/noexitintent/?hop=affvips&pid=noexit
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
BCE07E677D8519E921E66F26A2E1B3A8

Response headers

status
200
server
nginx
date
Thu, 13 Sep 2018 15:18:24 GMT
content-type
text/html; charset=UTF-8
x-cache-enabled
True
set-cookie
wpSGCacheBypass=0; expires=Thu, 13-Sep-2018 14:18:24 GMT; Max-Age=-3600; path=/
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS

Redirect headers

status
301
server
nginx
date
Thu, 13 Sep 2018 15:18:23 GMT
content-type
text/html; charset=UTF-8
x-cache-enabled
True
set-cookie
wpSGCacheBypass=0; expires=Thu, 13-Sep-2018 14:18:23 GMT; Max-Age=-3600; path=/
location
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
blank_v2.css
www.readingheadstart.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ 		0
171 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/blank_v2.css?ver=2.0.48
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/blank_v2.css?ver=2.0.48
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Tue, 11 Sep 2018 19:04:50 GMT
server
nginx
etag
"0-5759d25ec3d79"
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
styles.css
www.readingheadstart.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Sep 2018 18:46:58 GMT
server
nginx
etag
"6cf-5753850d0af2e-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
671
x-proxy-cache
HIT
thrive_flat.css
www.readingheadstart.com/wp-content/plugins/thrive-visual-editor/editor/css/ 		406 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.0.48
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
c15ba5439622e8e3cee27b46c1f810ce88193352480428c5841c029a83ae0b96

Request headers

:path
/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.0.48
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Tue, 11 Sep 2018 19:04:50 GMT
server
nginx
etag
"65995-5759d25efb81b-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
47651
x-proxy-cache
HIT
holler-frontend.min.css
www.readingheadstart.com/wp-content/plugins/holler-box/assets/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/plugins/holler-box/assets/css/holler-frontend.min.css?ver=1.4.2
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
68863efede7556828ac4dcebc1f44a18e643d07a4e9309395cb6e2a251b74df0

Request headers

:path
/wp-content/plugins/holler-box/assets/css/holler-frontend.min.css?ver=1.4.2
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Sep 2018 18:47:02 GMT
server
nginx
etag
"29a5-575385118d022-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
2527
x-proxy-cache
HIT
style.css
www.readingheadstart.com/wp-content/themes/rise/ 		320 B
433 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/themes/rise/style.css?ver=4.9.8
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
dff05780e1a334c1b245b2f6730d052e42ea003230decc9e3d25aa1451b6688a

Request headers

:path
/wp-content/themes/rise/style.css?ver=4.9.8
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Mon, 20 Aug 2018 15:25:06 GMT
server
nginx
etag
"140-573df83a1dd4e-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
211
x-proxy-cache
HIT
reset.css
www.readingheadstart.com/wp-content/themes/rise/css/ 		2 KB
990 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/themes/rise/css/reset.css?v=1.400.4
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
448f7fce1f8ad3b98978fb25448894a99cb98798df975d506af4e0ede89ff9bb

Request headers

:path
/wp-content/themes/rise/css/reset.css?v=1.400.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Mon, 20 Aug 2018 15:25:06 GMT
server
nginx
etag
"7de-573df83a1fc8f-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
768
x-proxy-cache
HIT
main_blue.css
www.readingheadstart.com/wp-content/themes/rise/css/ 		178 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/themes/rise/css/main_blue.css?v=1.400.4
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
1e880b227db116413b2006b0ff63bfb25dbdb38f07e8a1635d30f06b9949749a

Request headers

:path
/wp-content/themes/rise/css/main_blue.css?v=1.400.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Mon, 20 Aug 2018 15:25:06 GMT
server
nginx
etag
"2c83c-573df83a1f8a7-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
28819
x-proxy-cache
HIT
jquery.js
www.readingheadstart.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-includes/js/jquery/jquery.js?v=1.400.4
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

:path
/wp-includes/js/jquery/jquery.js?v=1.400.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 23 Feb 2017 06:00:00 GMT
server
nginx
etag
"17ba0-5492c52cb5800-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
33766
x-proxy-cache
HIT
jquery-migrate.min.js
www.readingheadstart.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-includes/js/jquery/jquery-migrate.min.js?v=1.400.4
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?v=1.400.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 23 Feb 2017 06:00:00 GMT
server
nginx
etag
"2748-5492c52cb5800-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
4014
x-proxy-cache
HIT
css
fonts.googleapis.com/ 		2 KB
605 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,&subset=latin
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
622ce8b8df77abe82eab9649153b57d5a36fed18e6e323cfda838d7deee021f6
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Thu, 13 Sep 2018 15:18:24 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 13 Sep 2018 15:18:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 13 Sep 2018 15:18:24 GMT
css
fonts.googleapis.com/ 		3 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400&subset=latin
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c7f5b84d1b7a1a4a7a02615bff422a8fff122e14019407d361c2e81b65c8587a
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Thu, 13 Sep 2018 15:18:24 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 13 Sep 2018 15:18:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 13 Sep 2018 15:18:24 GMT
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
6624
date
Thu, 13 Sep 2018 13:28:00 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Thu, 13 Sep 2018 15:28:00 GMT
wp-emoji-release.min.js
www.readingheadstart.com/wp-includes/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 02 Aug 2018 23:21:14 GMT
server
nginx
etag
"2efa-5727c113a3669-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
4382
x-proxy-cache
HIT
clear-pixel-150x132.png
www.readingheadstart.com/wp-content/uploads/2017/12/ 		117 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2017/12/clear-pixel-150x132.png
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
3128a28a56c5a39e41fdf8bd7a83eaf3dae054011a65c303b005cc6f86d0b08c

Request headers

:path
/wp-content/uploads/2017/12/clear-pixel-150x132.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Mon, 04 Dec 2017 06:00:00 GMT
server
nginx
etag
"75-55f7d6db9d800"
content-type
image/png
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
117
x-proxy-cache
HIT
act-fast.gif
www.readingheadstart.com/wp-content/uploads/2016/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2016/10/act-fast.gif
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
1e73d3cfaa0cb1ffc6a86017760a5f62c467781fbcc2702ca5df03f864ce833a

Request headers

:path
/wp-content/uploads/2016/10/act-fast.gif
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Mon, 24 Oct 2016 05:00:00 GMT
server
nginx
etag
"f68-53f954393f400"
content-type
image/gif
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
3944
x-proxy-cache
HIT
guarantee-1-1.jpg
www.readingheadstart.com/wp-content/uploads/2016/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2016/10/guarantee-1-1.jpg
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
09b2d1e6992cb7bd177cb646468ff0aee5191bc54a51270b9d3fbfc3b13dac6f

Request headers

:path
/wp-content/uploads/2016/10/guarantee-1-1.jpg
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Thu, 13 Oct 2016 05:00:00 GMT
server
nginx
etag
"14a2-53eb7fb52d400"
content-type
image/jpeg
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
5282
x-proxy-cache
HIT
guarantee-2-1.jpg
www.readingheadstart.com/wp-content/uploads/2016/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2016/10/guarantee-2-1.jpg
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
bdf5e72b661a2669c13e52be529e33c2c1f34482882bd3216dd1e71e1aa16c4b

Request headers

:path
/wp-content/uploads/2016/10/guarantee-2-1.jpg
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Thu, 13 Oct 2016 05:00:00 GMT
server
nginx
etag
"1098-53eb7fb52d400"
content-type
image/jpeg
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
4248
x-proxy-cache
HIT
guarantee-4-1.jpg
www.readingheadstart.com/wp-content/uploads/2016/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2016/10/guarantee-4-1.jpg
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
2e5144cf559256b41d0767b1047eb0a35fd24bb2327269ab18f1f7868d849387

Request headers

:path
/wp-content/uploads/2016/10/guarantee-4-1.jpg
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Thu, 13 Oct 2016 05:00:00 GMT
server
nginx
etag
"e52-53eb7fb52d400"
content-type
image/jpeg
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
3666
x-proxy-cache
HIT
guarantee-3-1.jpg
www.readingheadstart.com/wp-content/uploads/2016/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2016/10/guarantee-3-1.jpg
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
f6d32b7374c22750a45849cc1a5df5adad76c2fa80dc209aeb057494466e97d2

Request headers

:path
/wp-content/uploads/2016/10/guarantee-3-1.jpg
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Thu, 13 Oct 2016 05:00:00 GMT
server
nginx
etag
"13cd-53eb7fb52d400"
content-type
image/jpeg
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
5069
x-proxy-cache
HIT
thebestthereis.png
www.readingheadstart.com/wp-content/uploads/2017/10/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2017/10/thebestthereis.png
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
92a1cdb784f712d30749e2ef5996a385e15090bd2cafb71bc81079ca66980e73

Request headers

:path
/wp-content/uploads/2017/10/thebestthereis.png
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Wed, 11 Oct 2017 05:00:00 GMT
server
nginx
etag
"7d8e-55b3e4bb7f400"
content-type
image/png
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
32142
x-proxy-cache
HIT
3-4.png
www.readingheadstart.com/wp-content/uploads/2017/10/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2017/10/3-4.png
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
3b7fda64e3ae7cc40df7ff491dc978453c5b9921b0d33fca88545361df20c03e

Request headers

:path
/wp-content/uploads/2017/10/3-4.png
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Wed, 11 Oct 2017 05:00:00 GMT
server
nginx
etag
"dd07-55b3e4bb7f400"
content-type
image/png
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
56583
x-proxy-cache
HIT
2-3.png
www.readingheadstart.com/wp-content/uploads/2017/10/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2017/10/2-3.png
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
360de2887388dadba82989b5e324ef3c7d9058c296864af460523cad17b65d38

Request headers

:path
/wp-content/uploads/2017/10/2-3.png
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Wed, 11 Oct 2017 05:00:00 GMT
server
nginx
etag
"10242-55b3e4bb7f400"
content-type
image/png
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
66114
x-proxy-cache
HIT
guaranteebadge.gif
www.readingheadstart.com/wp-content/uploads/2017/11/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2017/11/guaranteebadge.gif
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
c9bd81940b5b9f61c2828334fb3d3d6f00e56965475b564065f857e5ca6e61ed

Request headers

:path
/wp-content/uploads/2017/11/guaranteebadge.gif
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Thu, 23 Nov 2017 06:00:00 GMT
server
nginx
etag
"1d74-55ea02578b800"
content-type
image/gif
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
7540
x-proxy-cache
HIT
no-campaign.min.js
www.readingheadstart.com/wp-content/plugins/thrive-ultimatum/js/dist/ 		480 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/plugins/thrive-ultimatum/js/dist/no-campaign.min.js?v=2.0.50
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
2e6f0e80227273368751f5db6d7d498cb031db74b4016f7ce4766f24153dbbc7

Request headers

:path
/wp-content/plugins/thrive-ultimatum/js/dist/no-campaign.min.js?v=2.0.50
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Tue, 11 Sep 2018 19:05:04 GMT
server
nginx
etag
"1e0-5759d26c2f2a8-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
315
x-proxy-cache
HIT
scripts.js
www.readingheadstart.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Sep 2018 18:46:58 GMT
server
nginx
etag
"3976-5753850d0ab46-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
4047
x-proxy-cache
HIT
imagesloaded.min.js
www.readingheadstart.com/wp-includes/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
854d677b850907cd851eac7e3f02f05a1e056f05bd5563199c5d93044ff16840

Request headers

:path
/wp-includes/js/imagesloaded.min.js?ver=3.2.0
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 23 Feb 2017 06:00:00 GMT
server
nginx
etag
"1f3a-5492c52cb5800-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
2477
x-proxy-cache
HIT
masonry.min.js
www.readingheadstart.com/wp-includes/js/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2

Request headers

:path
/wp-includes/js/masonry.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 23 Feb 2017 06:00:00 GMT
server
nginx
etag
"711a-5492c52cb5800-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
8525
x-proxy-cache
HIT
jquery.masonry.min.js
www.readingheadstart.com/wp-includes/js/jquery/ 		2 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-includes/js/jquery/jquery.masonry.min.js?v=1.400.4
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

:path
/wp-includes/js/jquery/jquery.masonry.min.js?v=1.400.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 23 Feb 2017 06:00:00 GMT
server
nginx
etag
"71b-5492c52cb5800-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
716
x-proxy-cache
HIT
frontend.min.js
www.readingheadstart.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.0.48
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
0340595e9a7ce8ef2a2a49500ad0436a3d0ed76f359099db0716e7da4f6baa22

Request headers

:path
/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.0.48
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Tue, 11 Sep 2018 19:04:50 GMT
server
nginx
etag
"f616-5759d25ee2d92-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
18004
x-proxy-cache
HIT
holler-frontend.min.js
www.readingheadstart.com/wp-content/plugins/holler-box/assets/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/plugins/holler-box/assets/js/holler-frontend.min.js?ver=1.4.2
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
5b4a20b72d0dd46fd68495a1afceb4e5deacaabd68149c9701dc22b177bc37d6

Request headers

:path
/wp-content/plugins/holler-box/assets/js/holler-frontend.min.js?ver=1.4.2
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Sep 2018 18:47:02 GMT
server
nginx
etag
"34ee-575385118bc9a-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
3893
x-proxy-cache
HIT
script.js
www.readingheadstart.com/wp-content/themes/rise/js/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/themes/rise/js/script.js?v=1.400.4
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
c21ea4c50b2eff41a7b9cd7ae0ebd3a348777dec202d9b4477ea5a6532c749eb

Request headers

:path
/wp-content/themes/rise/js/script.js?v=1.400.4
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Mon, 20 Aug 2018 15:25:06 GMT
server
nginx
etag
"9864-573df83a1dd4e-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
10037
x-proxy-cache
HIT
frontend.min.js
www.readingheadstart.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.0.57
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
2c5e6db8c18026100a6142e66bbbaaab2fc3c51d7439be5835dbe1c40ce412b8

Request headers

:path
/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.0.57
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Tue, 11 Sep 2018 19:04:50 GMT
server
nginx
etag
"728-5759d25ead231-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
908
x-proxy-cache
HIT
wp-embed.min.js
www.readingheadstart.com/wp-includes/js/ 		1 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=4.9.8
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
content-encoding
gzip
last-modified
Thu, 23 Feb 2017 06:00:00 GMT
server
nginx
etag
"576-5492c52cb5800-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
751
x-proxy-cache
HIT
fbevents.js
connect.facebook.net/en_US/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
167cbde7e21233e046dd224a44e9b519057eb04c1fed9995afd48e715503b911
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
13685
x-xss-protection
0
pragma
public
x-fb-debug
cYXykxHu0Z09icjzvcU/XARLD69R7m4ynsBksVboIDpWpg0oKRP2KbjIacZRdT2I9pvthCGiXSb34KPP32xLJA==
x-frame-options
DENY
date
Thu, 13 Sep 2018 15:18:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
vRG3u4nQEYY
www.youtube.com/embed/ Frame D72A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/vRG3u4nQEYY?rel=0&modestbranding=1&controls=0&showinfo=0&fs=0&wmode=transparent
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/vRG3u4nQEYY?rel=0&modestbranding=1&controls=0&showinfo=0&fs=0&wmode=transparent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
BCE07E677D8519E921E66F26A2E1B3A8
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 EST
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
content-type
text/html; charset=utf-8
cache-control
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Thu, 13 Sep 2018 15:18:24 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=addEn4SNaFU; path=/; domain=.youtube.com; expires=Tue, 12-Mar-2019 15:18:24 GMT; httponly VISITOR_INFO1_LIVE=addEn4SNaFU; path=/; domain=.youtube.com; expires=Tue, 12-Mar-2019 15:18:24 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 15-May-2019 03:11:24 GMT YSC=u3OiP6nfm6o; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 13-Sep-2018 15:48:24 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
MwyZCPnK0UI
www.youtube.com/embed/ Frame 0BAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/MwyZCPnK0UI?rel=0&modestbranding=1&controls=0&showinfo=0&fs=0&wmode=transparent
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/MwyZCPnK0UI?rel=0&modestbranding=1&controls=0&showinfo=0&fs=0&wmode=transparent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
BCE07E677D8519E921E66F26A2E1B3A8
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit

Response headers

status
200
x-content-type-options
nosniff
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 EST
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
strict-transport-security
max-age=31536000
content-encoding
gzip
content-type
text/html; charset=utf-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Thu, 13 Sep 2018 15:18:24 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=qp78Mh7XBts; path=/; domain=.youtube.com; expires=Tue, 12-Mar-2019 15:18:24 GMT; httponly VISITOR_INFO1_LIVE=qp78Mh7XBts; path=/; domain=.youtube.com; expires=Tue, 12-Mar-2019 15:18:24 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 13-Sep-2018 15:48:24 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 15-May-2019 03:11:24 GMT YSC=FV0AfKtgGNE; path=/; domain=.youtube.com; httponly
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
salecounter.php
www.readingheadstart.com/ Frame AA3E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/salecounter.php
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
a68655a25df47d1fff564bb8afa40f3c2815c7cbda145f449eeb5c66551e6f2b

Request headers

:method
GET
:authority
www.readingheadstart.com
:scheme
https
:path
/salecounter.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
BCE07E677D8519E921E66F26A2E1B3A8
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit

Response headers

status
200
server
nginx
date
Thu, 13 Sep 2018 15:18:24 GMT
content-type
text/html; charset=UTF-8
host-header
192fc2e7e50945beb8231a492d6a8024
x-proxy-cache
MISS
testbg.gif
www.readingheadstart.com/wp-content/uploads/2016/04/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2016/04/testbg.gif
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
6b4d0a667f6651e93b140103004cc86bac5f4dc480965f55ba7307ea5ec00e52

Request headers

:path
/wp-content/uploads/2016/04/testbg.gif
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Mon, 11 Apr 2016 05:00:00 GMT
server
nginx
etag
"6c6a-5302e6aae7400"
content-type
image/gif
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
27754
x-proxy-cache
HIT
VSL-BG-3.png
www.readingheadstart.com/wp-content/uploads/2017/09/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.readingheadstart.com/wp-content/uploads/2017/09/VSL-BG-3.png
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
e34a259fa5f8a508c5fac3c952c16a6cc20fe991ab7b0065b557f8eb5154783e

Request headers

:path
/wp-content/uploads/2017/09/VSL-BG-3.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.readingheadstart.com
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
:scheme
https
:method
GET
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Sun, 17 Sep 2017 05:00:00 GMT
server
nginx
etag
"13f58-5595b7f86f400"
content-type
image/png
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
81752
x-proxy-cache
HIT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,&subset=latin
Origin
https://www.readingheadstart.com

Response headers

date
Sun, 26 Aug 2018 07:41:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
1582627
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Mon, 26 Aug 2019 07:41:17 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1891084761&t=pageview&_s=1&dl=https%3A%2F%2Fwww.readingheadstart.com%2Fnoexitintent%2F%3Fhop%3Daffvips%26pid%3Dnoexit&ul=en-us&de=UTF-8&dt=LI...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82886057-1&cid=2010706737.1536851905&jid=783111736&_gid=231986136.1536851905&gjid=657988599&_v=j68&z=751927151
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82886057-1&cid=2010706737.1536851905&jid=783111736&_gid=231986136.1536851905&gjid=657988599&_v=j68&z=751927151
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c0c::9d , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 13 Sep 2018 15:18:24 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82886057-1&cid=2010706737.1536851905&jid=783111736&_gid=231986136.1536851905&gjid=657988599&_v=j68&z=751927151
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
198870094291637
connect.facebook.net/signals/config/ 		83 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/198870094291637?v=2.8.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fb50a508ce8470bb052129640aec8f69362a3101538088f4320857c017ac70b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
89R/3OkxrOXX+U7nJ8cR5sJLVTz6A3KJC+u8xx+21Xt0hYMHgoCLCFndl5iZNXe4hLKIjHLqjfOWEgE0CBC5BA==
x-frame-options
DENY
date
Thu, 13 Sep 2018 15:18:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=198870094291637&ev=PageView&dl=https%3A%2F%2Fwww.readingheadstart.com%2Fnoexitintent%2F%3Fhop%3Daffvips%26pid%3Dnoexit&rl=&if=false&ts=1536851904654&sw=1600&sh=1200&v=2.8.27&r=stable&ec=0&o=28&it=1536851904608
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 13 Sep 2018 15:18:24 GMT
/
www.facebook.com/tr/ 		44 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=198870094291637&ev=Lead&dl=https%3A%2F%2Fwww.readingheadstart.com%2Fnoexitintent%2F%3Fhop%3Daffvips%26pid%3Dnoexit&rl=&if=false&ts=1536851904656&sw=1600&sh=1200&v=2.8.27&r=stable&ec=1&o=28&it=1536851904608
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 13 Sep 2018 15:18:24 GMT
bootstrap.min.css
www.readingheadstart.com/css/ Frame AA3E 		0
0
odometer-theme-minimal.css
www.readingheadstart.com/css/ Frame AA3E 		0
0
theme-321.css
www.readingheadstart.com/css/ Frame AA3E 		0
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame AA3E 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/salecounter.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.readingheadstart.com/salecounter.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 29 Aug 2018 18:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1285529
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
33434
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2019 18:12:55 GMT
odometer.js
www.readingheadstart.com/js/ Frame AA3E 		0
0
main.js
www.readingheadstart.com/js/ Frame AA3E 		0
0
admin-ajax.php
www.readingheadstart.com/wp-admin/ 		45 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.readingheadstart.com/wp-admin/admin-ajax.php
Requested by
Host: www.readingheadstart.com
URL: https://www.readingheadstart.com/wp-includes/js/jquery/jquery.js?v=1.400.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.66.99.105 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
ip-146-66-99-105.siteground.com
Software
nginx /
Resource Hash
dcd8c5494dcac3c1b8192d6fb0c5df48f4aeec9f7313495529eddd2e0a252b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-admin/admin-ajax.php
pragma
no-cache
cookie
_ga=GA1.2.2010706737.1536851905; _gid=GA1.2.231986136.1536851905; _gat=1
origin
https://www.readingheadstart.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.readingheadstart.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
content-length
161
:method
POST
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
Origin
https://www.readingheadstart.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 13 Sep 2018 15:18:25 GMT
x-content-type-options
nosniff
x-cache-enabled
True
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.readingheadstart.com
cache-control
no-cache, must-revalidate, max-age=0, no-store
access-control-allow-credentials
true
set-cookie
wpSGCacheBypass=0; expires=Thu, 13-Sep-2018 14:18:25 GMT; Max-Age=-3600; path=/
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=198870094291637&ev=Microdata&dl=https%3A%2F%2Fwww.readingheadstart.com%2Fnoexitintent%2F%3Fhop%3Daffvips%26pid%3Dnoexit&rl=&if=false&ts=1536851906157&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22LIVE%3A%20Reading%20Head%20Start%20%7C%20Teach%20Your%20Child%20To%20Read%20(noexit)%20%E2%80%93%20Reading%20Head%20Start%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.27&r=stable&ec=2&o=28&it=1536851904608&es=automatic
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.readingheadstart.com/noexitintent/?hop=affvips&pid=noexit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Sep 2018 15:18:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 13 Sep 2018 15:18:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.readingheadstart.com
URL
https://www.readingheadstart.com/css/bootstrap.min.css
Domain
www.readingheadstart.com
URL
https://www.readingheadstart.com/css/odometer-theme-minimal.css
Domain
www.readingheadstart.com
URL
https://www.readingheadstart.com/css/theme-321.css?v=2
Domain
www.readingheadstart.com
URL
https://www.readingheadstart.com/js/odometer.js
Domain
www.readingheadstart.com
URL
https://www.readingheadstart.com/js/main.js

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| GoogleAnalyticsObject function| ga object| _wpemojiSettings undefined| $ function| jQuery function| fbq function| _fbq object| TVE_Ult_Data object| gaplugins object| gaGlobal object| gaData object| ThriveGlobal object| TVE_Event_Manager_Registered_Callbacks object| wpcf7 function| EventEmitter object| eventie function| imagesLoaded function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| tve_frontend_options undefined| __thrive_$oJ object| TVE_jQFn object| TCB_Front function| isExternal function| tve_unserialize object| hollerVars object| jQuery1124017659404969801096 object| hollerbox object| ThriveApp number| _isAdmin number| _is_blankPage object| _overlayElement object| tve_dash_front object| TVE_Dash object| wp object| tcb_autofill number| TCB_PAGE_INDEX object| twemoji

9 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: qp78Mh7XBts
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: YSC
Value: FV0AfKtgGNE
.readingheadstart.com/ Name: _ga
Value: GA1.2.2010706737.1536851905
www.readingheadstart.com/ Name: hwp_new
Value: true
www.readingheadstart.com/ Name: hwp_visit
Value: 1536851905503
.readingheadstart.com/ Name: _gat
Value: 1
.youtube.com/ Name: PREF
Value: f1=50000000
.readingheadstart.com/ Name: _gid
Value: GA1.2.231986136.1536851905

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.readingheadstart.com/wp-includes/js/jquery/jquery-migrate.min.js?v=1.400.4(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affvips.readinghs.hop.clickbank.net
ajax.googleapis.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.readingheadstart.com
www.youtube.com
www.readingheadstart.com
146.66.99.105
2a00:1450:4001:816::2003
2a00:1450:4001:816::200e
2a00:1450:4001:819::200a
2a00:1450:4001:820::200a
2a00:1450:4001:820::200e
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:86:face:b00c:0:50fb
50.112.29.80
0340595e9a7ce8ef2a2a49500ad0436a3d0ed76f359099db0716e7da4f6baa22
09b2d1e6992cb7bd177cb646468ff0aee5191bc54a51270b9d3fbfc3b13dac6f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
167cbde7e21233e046dd224a44e9b519057eb04c1fed9995afd48e715503b911
1e73d3cfaa0cb1ffc6a86017760a5f62c467781fbcc2702ca5df03f864ce833a
1e880b227db116413b2006b0ff63bfb25dbdb38f07e8a1635d30f06b9949749a
2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed
2c5e6db8c18026100a6142e66bbbaaab2fc3c51d7439be5835dbe1c40ce412b8
2e5144cf559256b41d0767b1047eb0a35fd24bb2327269ab18f1f7868d849387
2e6f0e80227273368751f5db6d7d498cb031db74b4016f7ce4766f24153dbbc7
3128a28a56c5a39e41fdf8bd7a83eaf3dae054011a65c303b005cc6f86d0b08c
360de2887388dadba82989b5e324ef3c7d9058c296864af460523cad17b65d38
3b7fda64e3ae7cc40df7ff491dc978453c5b9921b0d33fca88545361df20c03e
3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
448f7fce1f8ad3b98978fb25448894a99cb98798df975d506af4e0ede89ff9bb
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5b4a20b72d0dd46fd68495a1afceb4e5deacaabd68149c9701dc22b177bc37d6
622ce8b8df77abe82eab9649153b57d5a36fed18e6e323cfda838d7deee021f6
68863efede7556828ac4dcebc1f44a18e643d07a4e9309395cb6e2a251b74df0
6b4d0a667f6651e93b140103004cc86bac5f4dc480965f55ba7307ea5ec00e52
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854d677b850907cd851eac7e3f02f05a1e056f05bd5563199c5d93044ff16840
92a1cdb784f712d30749e2ef5996a385e15090bd2cafb71bc81079ca66980e73
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d
a68655a25df47d1fff564bb8afa40f3c2815c7cbda145f449eeb5c66551e6f2b
bdf5e72b661a2669c13e52be529e33c2c1f34482882bd3216dd1e71e1aa16c4b
bf0f093691353b1504627eeb79393f1d4b3812430bf57d0a2290d99006522ab3
c15ba5439622e8e3cee27b46c1f810ce88193352480428c5841c029a83ae0b96
c21ea4c50b2eff41a7b9cd7ae0ebd3a348777dec202d9b4477ea5a6532c749eb
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c7f5b84d1b7a1a4a7a02615bff422a8fff122e14019407d361c2e81b65c8587a
c9bd81940b5b9f61c2828334fb3d3d6f00e56965475b564065f857e5ca6e61ed
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dcd8c5494dcac3c1b8192d6fb0c5df48f4aeec9f7313495529eddd2e0a252b94
dff05780e1a334c1b245b2f6730d052e42ea003230decc9e3d25aa1451b6688a
e34a259fa5f8a508c5fac3c952c16a6cc20fe991ab7b0065b557f8eb5154783e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6d32b7374c22750a45849cc1a5df5adad76c2fa80dc209aeb057494466e97d2
fb50a508ce8470bb052129640aec8f69362a3101538088f4320857c017ac70b3
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e