urlscan.io logo urlscan.io
SecurityTrails logo

bahighlife.com Open in urlscan Pro
78.136.60.42  Public Scan

Go To Rescan Add Verdict Report
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign...
Submission: On June 02 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 85 HTTP transactions. The main IP is 78.136.60.42, located in United Kingdom and belongs to RACKSPACE-LON, GB. The main domain is bahighlife.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 31st 2020. Valid for: a year.
This is the only time bahighlife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

20    78.136.60.42 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)
bahighlife.com
1    2a04:4e42::621 (United States)

ASN54113 (FASTLY, US)
polyfill.io
5    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
app.ex.co
embed.ex.co
pixel.ex.co
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
12    2.16.186.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com
pb-story.ex.co
cdn.ex.co
img.ex.co
3    3.208.219.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-219-24.compute-1.amazonaws.com
prd-collector-platform.ex.co
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
Domain Requested by
20 bahighlife.com bahighlife.com
14 s0.2mdn.net 9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
s0.2mdn.net
6 img.ex.co
5 pb-story.ex.co embed.ex.co
pb-story.ex.co
5 securepubads.g.doubleclick.net bahighlife.com
securepubads.g.doubleclick.net
9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
www.googletagservices.com
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 www.google-analytics.com bahighlife.com
www.google-analytics.com
3 prd-collector-platform.ex.co embed.ex.co
bahighlife.com
pb-story.ex.co
3 embed.ex.co app.ex.co
embed.ex.co
pb-story.ex.co
2 pixel.ex.co cdn.ex.co
2 www.googletagservices.com securepubads.g.doubleclick.net
9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
2 9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google.com bahighlife.com
tpc.googlesyndication.com
1 cdn.ex.co embed.ex.co
1 fonts.googleapis.com embed.ex.co
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.fr securepubads.g.doubleclick.net
1 www.google.de bahighlife.com
1 stats.g.doubleclick.net www.google-analytics.com
1 app.ex.co bahighlife.com
1 unpkg.com bahighlife.com
1 polyfill.io bahighlife.com
85 23

This site contains links to these domains. Also see Links.

Domain
entertainment.ba.com
www.britishairways.com
Subject Issuer Validity Valid
bahighlife.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-31 -
2021-07-31		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-18 -
2022-03-26		 10 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-02 -
2021-08-02		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2020-12-27 -
2022-01-28		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Frame ID: C447CB10B685BB85AB4806DFADFE0BB7
Requests: 38 HTTP requests in this frame

Frame: https://app.ex.co/iframe/6e823961-f586-46f6-b667-c263f3989b32
Frame ID: A57A351297D42A047703F45016558435
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap
Frame ID: ECCB84359A8A19B9072288C58E98D5EE
Requests: 17 HTTP requests in this frame

Frame: https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C12D9E0BE2FBDE7E0DE0F4BF8661D5CE
Requests: 8 HTTP requests in this frame

Frame: https://embed.ex.co/xdomain_cookie.html
Frame ID: 12EB1DF9194DAB0E8C9CB58D737ECC62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BE55B815460DE1917142B867F8A02282
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19CF10B53CAE903299182F36856F0218
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Frame ID: 0EC590AF22D47DBE9A32CAB4B3A86800
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i

Page Statistics

85
Requests

100 %
HTTPS

74 %
IPv6

13
Domains

23
Subdomains

19
IPs

4
Countries

1637 kB
Transfer

3630 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bahighlife.com/2021/june/which-holiday-location-best-suits-you/ 		53 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
c5460bd74926641b3f399c35793acbe5c864029d848390a5ae4859bc6db08baa

Request headers

Host
bahighlife.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Length
12151
main.css
bahighlife.com/styles/720027273/ 		46 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/styles/720027273/main.css
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
481c441a78260407e70b189866ac1267070996ce0e699cd3f753db1650d39d8f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Cache-Control
max-age=5184000
Content-Length
12139
Vary
Accept-Encoding
Content-Type
text/css
MyliusModern-Light.woff2
bahighlife.com/fonts/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/fonts/MyliusModern-Light.woff2
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
c8fe255a9b8a642674d5141db5197be807181a2bcf81ee73bec30c2494da3bb7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://bahighlife.com
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Connection
keep-alive
Origin
https://bahighlife.com
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Cache-Control
max-age=5184000
Last-Modified
Mon, 19 Apr 2021 13:29:56 GMT
Accept-Ranges
bytes
ETag
"63289e162035d71:0"
Content-Length
58172
Content-Type
application/x-font-woff2
MyliusModern-Bold.woff2
bahighlife.com/fonts/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/fonts/MyliusModern-Bold.woff2
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
11a802f7044a2a8f23c08eac04dfe027032be9b43d115699d04ec707aeedd4f0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://bahighlife.com
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Connection
keep-alive
Origin
https://bahighlife.com
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Cache-Control
max-age=5184000
Last-Modified
Mon, 19 Apr 2021 13:29:56 GMT
Accept-Ranges
bytes
ETag
"57d99d162035d71:0"
Content-Length
42536
Content-Type
application/x-font-woff2
LeituraTwo-Roman.woff2
bahighlife.com/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/fonts/LeituraTwo-Roman.woff2
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
be145f66cf172cb01c5637be6c7f62c28873b78d2e41f6c4c98247355f829e03

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://bahighlife.com
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Connection
keep-alive
Origin
https://bahighlife.com
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Cache-Control
max-age=5184000
Last-Modified
Mon, 19 Apr 2021 13:29:56 GMT
Accept-Ranges
bytes
ETag
"52429d162035d71:0"
Content-Length
26080
Content-Type
application/x-font-woff2
polyfill.min.js
polyfill.io/v3/ 		72 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Array.from%2CPromise%2CObject.assign
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
440882
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Fri, 28 May 2021 01:32:36 GMT
date
Wed, 02 Jun 2021 10:45:30 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
main.js
bahighlife.com/js/720114109/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/js/720114109/main.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
f8536cb50ddc349a30efc638c8d2284f0704ca3b0561a04d3bd82b699ca8d00e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Cache-Control
max-age=5184000
Content-Length
11491
Vary
Accept-Encoding
Content-Type
application/javascript
autotrack.custom.js
bahighlife.com/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/js/autotrack.custom.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
f0012b6395d041561daf2e79ca7ac163de1236ced15bc7a92462567dfd883e4e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Cache-Control
max-age=5184000
Content-Length
2638
Vary
Accept-Encoding
Content-Type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
c75be43e16395447b536a5446e18982c9a1a93b2e3c5833c69bf6b9c13686537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"890 / 4 of 1000 / last-modified: 1622626637"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21247
x-xss-protection
0
expires
Wed, 02 Jun 2021 10:45:30 GMT
logo-ba-small.svg
bahighlife.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bahighlife.com/images/logo-ba-small.svg
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
77f0c1c2df2e3368c138aeceb0f2375533a547c0153c5c041e8fb8327b78a28f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 09:27:19 GMT
ETag
"39193e14625d71:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
922
logo-ba.svg
bahighlife.com/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bahighlife.com/images/logo-ba.svg
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
ad75857db09951f390660f90aa509b7cf8877a5a266a5d76d6509e1d6ef9a151

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 09:27:19 GMT
ETag
"80b562e14625d71:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1818
logo-highlife.svg
bahighlife.com/images/ 		1 KB
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bahighlife.com/images/logo-highlife.svg
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
f3adb7da5cfd8d1e85116d53fae99c4ce2d28e2d1f598ae7985d1a6e8a0c1ad1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 09:27:19 GMT
ETag
"542893e14625d71:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
531
logo-ba-small-negative.svg
bahighlife.com/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bahighlife.com/images/logo-ba-small-negative.svg
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
3ab10ef1dafda07fde7a45aa4538f721abe9c34967dc7ba7d7a5f41e9ee92a5c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 09:27:19 GMT
ETag
"39193e14625d71:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1049
focus-visible.min.js
unpkg.com/focus-visible@5.1.0/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/focus-visible@5.1.0/dist/focus-visible.min.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6abe5b4a45660d2e1c1a6f439d996d8a69a7a1a472be169c3121ade517b7ab05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://bahighlife.com
Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:30 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
3471849
fly-request-id
01F3YP7J2A49M7NR67NS1GH1P5
content-encoding
br
vary
Accept-Encoding
cf-request-id
0a6ded230900004dc43ab21000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"beb-P2d7bY1J9dMwzvFygjaCFAK0aMA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
659017b1afa24dc4-FRA
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5647
date
Wed, 02 Jun 2021 09:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 02 Jun 2021 11:11:23 GMT
6e823961-f586-46f6-b667-c263f3989b32
app.ex.co/iframe/ Frame A57A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.ex.co/iframe/6e823961-f586-46f6-b667-c263f3989b32
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72c3f77b433afa75a1b87848e9c8c4566f98dbd16ec219589696bd943c0b345a

Request headers

:method
GET
:authority
app.ex.co
:scheme
https
:path
/iframe/6e823961-f586-46f6-b667-c263f3989b32
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bahighlife.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bahighlife.com/

Response headers

content-type
text/html; charset=utf-8
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
access-control-allow-methods
GET, POST, PUT, DELETE
access-control-max-age
600
etag
W/"d6a-AsP+0xBEJ++Xpakt8jaFj5Si0vY"
content-encoding
gzip
accept-ranges
bytes
date
Wed, 02 Jun 2021 10:45:30 GMT
via
1.1 varnish
age
5170
x-served-by
cache-cdg20725-CDG
x-cache
HIT
x-cache-hits
1
x-timer
S1622630731.543561,VS0,VE3
vary
X-PB-Campaign,X-PB-Os,X-PB-Platform,X-PB-Browser, Accept-Encoding
content-length
1285
pets-00-hero-rosewood-hong-kong-v2.jpg
bahighlife.com/media/2889/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bahighlife.com/media/2889/pets-00-hero-rosewood-hong-kong-v2.jpg?center=0.2857142857142857,0.52071005917159763&mode=crop&width=256&height=313&rnd=132652006470000000
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
c2254a087d0b6d55cd365b37a84a960b84b5cc896a61e359f72a54893fac7966

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Last-Modified
Tue, 11 May 2021 13:09:46 GMT
ImageProcessedBy
ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
ETag
"8a9591ea6646d71:0"
DCX-Kraken
TRUE
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, immutable, max-age=604800
Accept-Ranges
bytes
Content-Length
31452
Expires
Wed, 09 Jun 2021 10:45:30 GMT
road-trips-00-hero-credit-getty-images.jpg
bahighlife.com/media/2858/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bahighlife.com/media/2858/road-trips-00-hero-credit-getty-images.jpg?anchor=center&mode=crop&width=256&height=313&rnd=132647058330000000
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
90c1d945e4531ff909f26332b1d0c41ac50150c7f29742e689cd7ce25dd09445

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Last-Modified
Thu, 06 May 2021 13:49:17 GMT
ImageProcessedBy
ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
ETag
"49fd9f9b7e42d71:0"
DCX-Kraken
TRUE
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, immutable, max-age=604800
Accept-Ranges
bytes
Content-Length
45088
Expires
Wed, 09 Jun 2021 10:45:30 GMT
picnic-spots-00-hero-new-york-belvedere-castle-central-park-credit-alamy.jpg
bahighlife.com/media/2828/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bahighlife.com/media/2828/picnic-spots-00-hero-new-york-belvedere-castle-central-park-credit-alamy.jpg?center=0.64210526315789473,0.38421052631578945&mode=crop&width=256&height=313&rnd=132666004070000000
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
8a8193adcab4bd033a2320a67a61c3bbc96b247f0d5496f7ff86153a29049eae

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Last-Modified
Thu, 27 May 2021 13:51:16 GMT
ImageProcessedBy
ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
ETag
"1171a5dff52d71:0"
DCX-Kraken
TRUE
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, immutable, max-age=604800
Accept-Ranges
bytes
Content-Length
30894
Expires
Wed, 09 Jun 2021 10:45:30 GMT
happiest-places-00-hero-sardinia-credit-adobe-stock-gt-alt.jpg
bahighlife.com/media/2809/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bahighlife.com/media/2809/happiest-places-00-hero-sardinia-credit-adobe-stock-gt-alt.jpg?anchor=center&mode=crop&width=256&height=313&rnd=132635829570000000
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
4e636b34f1291c2d9c4f48000be72082befc05f71955b506e11d966bcf5c8472

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Last-Modified
Thu, 22 Apr 2021 19:58:44 GMT
ImageProcessedBy
ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
ETag
"bd60a7e6b137d71:0"
DCX-Kraken
TRUE
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, immutable, max-age=604800
Accept-Ranges
bytes
Content-Length
29728
Expires
Wed, 09 Jun 2021 10:45:30 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=327299579&t=pageview&_s=1&dl=https%3A%2F%2Fbahighlife.com%2F2021%2Fjune%2Fwhich-holiday-location-best-suits-you%2F%3FDM1_mktgCat%3DEmail%26DM1_MktgSubCat%3D2%26DM1_Campaign%3DPR-19232SOLVE00619%26DM1_Chksm%3D101908147060%26DM1_SRC%3D%26DM1_Channel%3DEmail%26utm_source%3DeD%26utm_medium%3DEmail%26utm_campaign%3DEmail%26utm_term%3DSOLVE00619%26utm_content%3DPR-19232%26propositionid%3DSOLHE01541&ul=en-us&de=UTF-8&dt=Which%20holiday%20location%20best%20suits%20you%20%7C%20High%20Life%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADAAAAAC~&jid=2042358705&gjid=1926876721&cid=1363992231.1622630731&tid=UA-5828408-4&_gid=1057238567.1622630731&_r=1&_slc=1&_av=2.4.1&_au=22&did=i5iSjo&z=1423435910
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 10:45:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bahighlife.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=327299579&t=event&_s=2&dl=https%3A%2F%2Fbahighlife.com%2F2021%2Fjune%2Fwhich-holiday-location-best-suits-you%2F%3FDM1_mktgCat%3DEmail%26DM1_MktgSubCat%3D2%26DM1_Campaign%3DPR-19232SOLVE00619%26DM1_Chksm%3D101908147060%26DM1_SRC%3D%26DM1_Channel%3DEmail%26utm_source%3DeD%26utm_medium%3DEmail%26utm_campaign%3DEmail%26utm_term%3DSOLVE00619%26utm_content%3DPR-19232%26propositionid%3DSOLHE01541&ul=en-us&de=UTF-8&dt=Which%20holiday%20location%20best%20suits%20you%20%7C%20High%20Life%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tag%20views&ea=Inspiration&_u=aGBAAEADAAAAAC~&jid=&gjid=&cid=1363992231.1622630731&tid=UA-5828408-4&_gid=1057238567.1622630731&_av=2.4.1&_au=22&did=i5iSjo&z=560838656
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 23:29:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40578
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ 		311 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Wed, 02 Jun 2021 10:45:30 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5828408-4&cid=1363992231.1622630731&jid=2042358705&gjid=1926876721&_gid=1057238567.1622630731&_u=aGBAAEACAAAAAC~&z=1131785104
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 02 Jun 2021 10:45:30 GMT
content-type
text/plain
access-control-allow-origin
https://bahighlife.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
embed.ex.co/ Frame A57A 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.ex.co/sdk.js
Requested by
Host: app.ex.co
URL: https://app.ex.co/iframe/6e823961-f586-46f6-b667-c263f3989b32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93f0b084014ee73cfd4b13ceb982d2dc87277d4e9fc97057e4b28480db014c87

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:30 GMT
content-encoding
gzip
age
176320
x-cache
HIT, HIT
access-control-max-age
600
x-surrogate-key
SDK-for-external-purge
content-length
12031
x-served-by
cache-bwi5144-BWI, cache-cdg20725-CDG
access-control-allow-origin
*
server
nginx
x-timer
S1622630731.725467,VS0,VE1
etag
W/"c010-7z+ncFTxqs22Ze5Y7ISCamXsIr4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
x-cache-hits
1, 1
main.css
bahighlife.com/styles/ 		46 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/styles/main.css
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/js/720114109/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
481c441a78260407e70b189866ac1267070996ce0e699cd3f753db1650d39d8f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731; _gat=1
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Cache-Control
max-age=5184000
Content-Length
12139
Vary
Accept-Encoding
Content-Type
text/css
styles.e37fefbe.chunk.js
bahighlife.com/js/ 		759 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/js/styles.e37fefbe.chunk.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/js/720114109/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
2aea6de371df6e244a43d30d19f09c1c51596bb58436967049e24d2437069a18

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731; _gat=1
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Cache-Control
max-age=5184000
Content-Length
242
Vary
Accept-Encoding
Content-Type
application/javascript
31.e37fefbe.chunk.js
bahighlife.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/js/31.e37fefbe.chunk.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/js/720114109/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
766e715663047135bb6cd3af25cc68ab2352aa765e561d54d55e16bc95b2a602

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731; _gat=1
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Cache-Control
max-age=5184000
Content-Length
1246
Vary
Accept-Encoding
Content-Type
application/javascript
1.e37fefbe.chunk.js
bahighlife.com/js/ 		34 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/js/1.e37fefbe.chunk.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/js/720114109/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
fd69e58b0334ee241c5c22bfd77fb4aeccac75cc0faf60f287e55d45b27b9480

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731; _gat=1
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Cache-Control
max-age=5184000
Content-Length
17331
Vary
Accept-Encoding
Content-Type
application/javascript
27.e37fefbe.chunk.js
bahighlife.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bahighlife.com/js/27.e37fefbe.chunk.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/js/720114109/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.136.60.42 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
e69c1a96e930d97194c94c282692d598a28be9f8a42477f4e6f32855df5c5893

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bahighlife.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Cookie
_ga=GA1.2.1363992231.1622630731; _gid=GA1.2.1057238567.1622630731; _gat=1
Connection
keep-alive
Referer
https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 10:45:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Cache-Control
max-age=5184000
Content-Length
2331
Vary
Accept-Encoding
Content-Type
application/javascript
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5828408-4&cid=1363992231.1622630731&jid=2042358705&_u=aGBAAEACAAAAAC~&z=956021522
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 10:45:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5828408-4&cid=1363992231.1622630731&jid=2042358705&_u=aGBAAEACAAAAAC~&z=956021522
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 10:45:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
story-viewer.js
pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/ Frame A57A 		639 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js
Requested by
Host: embed.ex.co
URL: https://embed.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a0fc484d85341883e9d99cdaeb270493f3e19000547ac67573b6791c1f121d95

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:30 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
146466
last-modified
Sun, 30 May 2021 09:25:37 GMT
server
AmazonS3
etag
"1f93d52be0c99ea90cac682381b8055b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 09 Jun 2021 10:45:30 GMT
events
prd-collector-platform.ex.co/main/ Frame A57A 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-platform.ex.co/main/events
Requested by
Host: embed.ex.co
URL: https://embed.ex.co/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://app.ex.co
date
Wed, 02 Jun 2021 10:45:31 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
html
embed.ex.co/ Frame A57A 		165 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed.ex.co/html?id=6e823961-f586-46f6-b667-c263f3989b32
Requested by
Host: embed.ex.co
URL: https://embed.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bcc60eba3866e8f9d2880b1150f7644410fbca17c14c2af105396ce06456b59

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:30 GMT
content-encoding
gzip
etag
W/"29568-ukoNh3IxiV8W2WyNWitg7ANf3a4"
age
5170
x-cache
HIT, HIT
x-pb-os
windows
access-control-max-age
600
x-pb-platform
desktop
x-surrogate-key
6e823961-f586-46f6-b667-c263f3989b32 story 53c9f737-f545-42a7-b5c5-c6c90ef33a36 fe90ccef-12ec-4bfd-a415-0778422ce000 app.ex.co playbuzz1
content-length
31839
x-served-by
cache-bwi5120-BWI, cache-cdg20771-CDG
access-control-allow-origin
*
server
nginx
x-timer
S1622630731.831010,VS0,VE1
x-pb-browser
chrome
vary
X-PB-Campaign,X-PB-Os,X-PB-Platform,X-PB-Browser, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
x-cache-hits
2, 1
integrator.js
adservice.google.fr/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=bahighlife.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 10:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bahighlife.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 10:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3142604448601224&correlator=2883710803633980&output=ldjh&impl=fifs&eid=22316437%2C31061142%2C21066612%2C44744015&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210602&iu_parts=5508%2Chld%2Cros-articles%2Clong-top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&cookie_enabled=1&bc=31&abxe=1&lmt=1622630730&dt=1622630730863&dlt=1622630730429&idt=409&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=24&adks=3963560996&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbahighlife.com%2F2021%2Fjune%2Fwhich-holiday-location-best-suits-you%2F%3FDM1_mktgCat%3DEmail%26DM1_MktgSubCat%3D2%26DM1_Campaign%3DPR-19232SOLVE00619%26DM1_Chksm%3D101908147060%26DM1_SRC%3D%26DM1_Channel%3DEmail%26utm_source%3DeD%26utm_medium%3DEmail%26utm_campaign%3DEmail%26utm_term%3DSOLVE00619%26utm_content%3DPR-19232%26propositionid%3DSOLHE01541&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x298&msz=970x250&ga_vid=1363992231.1622630731&ga_sid=1622630731&ga_hid=327299579&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6f2bbfb7115dd16c4e26f9e219b655a660c674f4c3ddb1850c5522841f2f3acc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8088
x-xss-protection
0
google-lineitem-id
5703210615
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347985171
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bahighlife.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
css2
fonts.googleapis.com/ Frame ECCB 		3 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap
Requested by
Host: embed.ex.co
URL: https://embed.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e22b61fe5cefdae0821b9463171456dffa8705ad1993d2064f79d156832277ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Jun 2021 09:38:03 GMT
server
ESF
date
Wed, 02 Jun 2021 10:45:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Jun 2021 10:45:30 GMT
events
prd-collector-platform.ex.co/main/ Frame ECCB 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-platform.ex.co/main/events
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://app.ex.co
date
Wed, 02 Jun 2021 10:45:31 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
analytics.js
www.google-analytics.com/ Frame ECCB 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bahighlife.com
URL: https://bahighlife.com/2021/june/which-holiday-location-best-suits-you/?DM1_mktgCat=Email&DM1_MktgSubCat=2&DM1_Campaign=PR-19232SOLVE00619&DM1_Chksm=101908147060&DM1_SRC=&DM1_Channel=Email&utm_source=eD&utm_medium=Email&utm_campaign=Email&utm_term=SOLVE00619&utm_content=PR-19232&propositionid=SOLHE01541
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5647
date
Wed, 02 Jun 2021 09:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 02 Jun 2021 11:11:23 GMT
story-viewer.js
pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/ Frame ECCB 		639 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js
Requested by
Host: embed.ex.co
URL: https://embed.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a0fc484d85341883e9d99cdaeb270493f3e19000547ac67573b6791c1f121d95

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:30 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
146466
last-modified
Sun, 30 May 2021 09:25:37 GMT
server
AmazonS3
etag
"1f93d52be0c99ea90cac682381b8055b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 09 Jun 2021 10:45:30 GMT
pixel-sdk.min.js
cdn.ex.co/content/monetization/pixel-sdk/production/cf3ecc7e6125d7bf47bb3f9244d2e491bd03dcf3/ Frame ECCB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/content/monetization/pixel-sdk/production/cf3ecc7e6125d7bf47bb3f9244d2e491bd03dcf3/pixel-sdk.min.js
Requested by
Host: embed.ex.co
URL: https://embed.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b20467618c120dfd9bdce32b8332271e6e5ada13bfad4c8a4e5390c1021a601e

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
2945
last-modified
Mon, 01 Feb 2021 11:00:31 GMT
server
AmazonS3
etag
"9088978c990261c45966bd44478d5c03"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 09 Jun 2021 10:45:31 GMT
container.html
9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C12D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bahighlife.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bahighlife.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 02 Jun 2021 10:45:30 GMT
expires
Thu, 02 Jun 2022 10:45:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Wed, 02 Jun 2021 10:45:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3996b99ed80dcbd9fc0892a5b2014209afd10ad1b2ece6348e59953fb489291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 10:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8176
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 02 Jun 2021 10:45:31 GMT
/
pixel.ex.co/v1/playbuzz-network/ Frame ECCB 		2 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.ex.co/v1/playbuzz-network/
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/content/monetization/pixel-sdk/production/cf3ecc7e6125d7bf47bb3f9244d2e491bd03dcf3/pixel-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
via
1.1 varnish
age
100
x-cache
HIT
content-length
2
x-served-by
cache-cdg20771-CDG
server
nginx
x-timer
S1622630731.256796,VS0,VE0
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1
xdomain_cookie.html
embed.ex.co/ Frame 12EB 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.ex.co/xdomain_cookie.html
Requested by
Host: pb-story.ex.co
URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d3274b0867001332e86f553a5f77f89e0b20f4c5dba0c10033a52e46689b0c3

Request headers

:method
GET
:authority
embed.ex.co
:scheme
https
:path
/xdomain_cookie.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.ex.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://app.ex.co/

Response headers

content-type
text/html; charset=UTF-8
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
access-control-allow-methods
GET, POST, PUT, DELETE
access-control-max-age
600
cache-control
public, max-age=0
last-modified
Thu, 20 May 2021 14:37:13 GMT
etag
W/"a87-1798a3581a8"
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Wed, 02 Jun 2021 10:45:31 GMT
age
3400
x-served-by
cache-bwi5149-BWI, cache-cdg20725-CDG
x-cache
HIT, HIT
x-cache-hits
4, 1
x-timer
S1622630731.341016,VS0,VE1
vary
Accept-Encoding
content-length
1224
quiz-viewer.js
pb-story.ex.co/quiz/production/a708316baea89da48dd7e22ad2bf2dc68f5290f0-2021-05-25-11-12-07/ Frame ECCB 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pb-story.ex.co/quiz/production/a708316baea89da48dd7e22ad2bf2dc68f5290f0-2021-05-25-11-12-07/quiz-viewer.js
Requested by
Host: pb-story.ex.co
URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
55266c4a3d18d47c18d6774f22b45a46a3a0002c1376580722ebfc4101027a89

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
20282
last-modified
Tue, 25 May 2021 11:12:08 GMT
server
AmazonS3
etag
"530f2cc2ae015ac2ae4d339fb18d5902"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 09 Jun 2021 10:45:31 GMT
quiz-viewer-svg.js
pb-story.ex.co/quiz/production/a708316baea89da48dd7e22ad2bf2dc68f5290f0-2021-05-25-11-12-07/ Frame ECCB 		962 B
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pb-story.ex.co/quiz/production/a708316baea89da48dd7e22ad2bf2dc68f5290f0-2021-05-25-11-12-07/quiz-viewer-svg.js
Requested by
Host: pb-story.ex.co
URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6cfa0cecea43e22db2bfb3bc5e4a5b3655ae858485c90defea3d2c36da3b17c2

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
613
last-modified
Tue, 25 May 2021 11:12:08 GMT
server
AmazonS3
etag
"ba66cd3c19382182c3dba504895b4fd8"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 09 Jun 2021 10:45:31 GMT
call-to-action-viewer.js
pb-story.ex.co/call-to-action/production/8c1b882f591820995bd0cdb4b5c583807e60da44-2021-03-15-10-43-33/ Frame ECCB 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pb-story.ex.co/call-to-action/production/8c1b882f591820995bd0cdb4b5c583807e60da44-2021-03-15-10-43-33/call-to-action-viewer.js
Requested by
Host: pb-story.ex.co
URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
48c4f4956a2c6bdf47f0c0380d2ab97a32ee7a76f7ea8ebabd7b22d5dbf6e4fb

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
4425
last-modified
Mon, 15 Mar 2021 10:43:34 GMT
server
AmazonS3
etag
"366dcbd3d757405e9df9f58765601896"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 09 Jun 2021 10:45:31 GMT
6e823961-f586-46f6-b667-c263f3989b32
pixel.ex.co/v1/item/ Frame ECCB 		1 KB
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.ex.co/v1/item/6e823961-f586-46f6-b667-c263f3989b32
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/content/monetization/pixel-sdk/production/cf3ecc7e6125d7bf47bb3f9244d2e491bd03dcf3/pixel-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
content-encoding
gzip
age
3020
x-cache
HIT
access-control-max-age
600
content-length
458
x-served-by
cache-cdg20771-CDG
access-control-allow-origin
*
server
nginx
x-timer
S1622630731.340591,VS0,VE0
etag
W/"5c6-O3zrPZgNio3Vn+SHXFpF671qpQI"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
via
1.1 varnish
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
3
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame C12D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js
Requested by
Host: 9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
URL: https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
13581262519725736155
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 10:41:49 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C12D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
URL: https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50150
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 20:49:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C12D 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
URL: https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 10:45:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BE55 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bahighlife.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bahighlife.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 02 Jun 2021 10:09:48 GMT
expires
Thu, 02 Jun 2022 10:09:48 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2143
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 19CF 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ebe4f223da21cbfbd78ec0956f28024f6b97f84809adb52456a8e1ef547689ee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XPnMg/Yt4IUgR2+eUuvMEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bahighlife.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bahighlife.com/

Response headers

expires
Wed, 02 Jun 2021 10:45:31 GMT
date
Wed, 02 Jun 2021 10:45:31 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-XPnMg/Yt4IUgR2+eUuvMEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
roa2plw0io9zhct7wzey.png
img.ex.co/image/upload/ar_1.5,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1621593105/ Frame ECCB 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ex.co/image/upload/ar_1.5,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1621593105/roa2plw0io9zhct7wzey.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
841d631cdf049d2e2d299f210efab42b078927198a34f9d23352aadfdfb1739e

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:31 GMT
x-amz-meta-cld-surrogate-reporting
width=640,height=427
x-amz-meta-cld-transformation-id
6722081182672204138
x-amz-meta-cld-version
1621593105
x-amz-meta-cld-surrogate-key
338206813655455067858979726454435995366 323655697964091601255122968022604638506
content-disposition
inline; filename="roa2plw0io9zhct7wzey.webp"
x-amz-request-id
2EN2CRS28FBH4C9N
x-amz-id-2
IKfah3P7z2pNmQtGiwWAWrHfBFhWRrUIba8QsBx0jSAuv/kCbIZIabbpZ1NrfiKyIxF893p/1bU=
accept-ranges
bytes
last-modified
Fri, 21 May 2021 14:58:00 GMT
server
AmazonS3
etag
"12f6c76df6bca1d13024f8e883a6d460"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31534807
content-length
45038
expires
Thu, 02 Jun 2022 10:25:38 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame C12D 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
URL: https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
Referer
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 08:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9813
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jun 2021 08:01:58 GMT
index.html
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/ Frame 0EC5 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a45accafd1101a365487782886aadd80840ddeb120ef17c303b4116dddc8043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2768
date
Tue, 01 Jun 2021 12:57:44 GMT
expires
Wed, 02 Jun 2021 12:57:44 GMT
last-modified
Thu, 29 Apr 2021 13:04:34 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
78467
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame C12D 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiXjxOAWFPdvS3CqyqjRJrd21jpyo36qk87-k1i_kwmgizptJVM-bMjQDGt3qd6rwGbG6si1pm5mGp-68vVPJ3geuO1Kei4TwYAJ96XnWYdamye8pP1WZqHUzhDp2mzM1c62vSI3Q58lZjtqLks4oAwOgx14w6G8KXItwEballudE2ANJlJzUtN6jh8mhwFnGQmmOLPsINOPkaPcvfRc3Kr1J809BGV9RBKypRTWVQzBZPojTQDAynDfW9qFToX8puGTbd3XQGk_ZOA0xt85Pu5IWLr3KJUtD59Xk6nO4f-vHnj__TKg&sig=Cg0ArKJSzBA0lKtmAgwQEAE&urlfix=1&adurl=
Requested by
Host: 9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
URL: https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 10:45:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame BE55 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 08:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
7967
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
expires
Thu, 02 Jun 2022 08:32:44 GMT
loading.gif
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/ Frame 0EC5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/loading.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
128da85d5e2e8b158d2cbaee868dfac48b870f4ea84c5a5d4ce96ef6032755c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 12:57:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
age
78466
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4531
x-xss-protection
0
expires
Wed, 02 Jun 2021 12:57:45 GMT
amexLogo.svg
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/ Frame 0EC5 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/amexLogo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
308853fc7e714a7fa837410a9dc520bfacab7d43e580e29ecf400243f6f5fbab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 12:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78466
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1432
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 02 Jun 2021 12:57:45 GMT
aviosLogo.png
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/ Frame 0EC5 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/aviosLogo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f8205fbde1233f8ec20f3e8e365ec63b5b9f15aa7bbcc59f2b6bb4181696494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 05:42:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
age
18206
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5250
x-xss-protection
0
expires
Thu, 03 Jun 2021 05:42:05 GMT
baLogo_x2.png
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/ Frame 0EC5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/baLogo_x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee446e899f23c1c21372a01ea501532cbb374056e947db1183c5a79fcfb3c4d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 12:57:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
age
78466
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2564
x-xss-protection
0
expires
Wed, 02 Jun 2021 12:57:45 GMT
img_01.jpg
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/ Frame 0EC5 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/img_01.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a29e6defd3f5a185e0a12e6d16dd6b10f466027130f3a546727d05fc53b1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 12:57:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
age
78466
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
172121
x-xss-protection
0
expires
Wed, 02 Jun 2021 12:57:45 GMT
card_x2.png
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/ Frame 0EC5 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/card_x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
432c8a349ae21884702ed47160c49491363bb6021426de8f8a53c32e89a5d383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 12:57:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
age
78466
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35193
x-xss-protection
0
expires
Wed, 02 Jun 2021 12:57:45 GMT
replay.svg
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/ Frame 0EC5 		585 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/images/replay.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f633e731be39aa8f63b44a301940174424a1f54adab3d50f2f14158ca1c4c79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 05:42:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18206
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
407
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 03 Jun 2021 05:42:05 GMT
styles.css
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/css/ Frame 0EC5 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2522729e323ca98d07249f73080a8d72a942f30c20ec8fa5167abd96077a57d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 05:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18206
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1835
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 13:04:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 03 Jun 2021 05:42:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C12D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPbTFx6HSDKKQPJcXXuVhU9Pg07_2aiTcwLybhGua431V-2crZUiUK_7Je5uukjVfsjrRbqmzfgahs-0BkvVO2pYXeZN_vxJFK8nTSbcc5wr8Glpf__IenhKrLZ7LFsIl-faUmoO6m4YF8VVfumpiv8LzKWFU0CtlrcV-MwIq9ME9nNp2SQ4IvoYDV1VrR5ZP8HsnYPneWsWHrucfF4YEguT7AV-gAv1T5R58Mv12JE46ZGUmIvW5ciyn7-foDoNMDQHglg3JBxX1owXdNX6yvcuOvZDsOHldX7BjOQwAt6Jl9jVH_iPBH&sig=Cg0ArKJSzFI7m_rLJxnaEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 10:45:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 02 Jun 2021 10:45:32 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0EC5 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 10:45:32 GMT
main.js
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/js/ Frame 0EC5 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/js/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44443aaee6bb0a82201283676cab6948e99f0f6bb763e6563742b66ac6e07f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 05:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18206
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2104
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 03 Jun 2021 05:42:06 GMT
MyliusModern.woff
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/fonts/ Frame 0EC5 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/fonts/MyliusModern.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/css/styles.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1ac368e0e9e45826b312abf1acfac674f86a9e6101fbef24404d2e18cf0a3e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 12:57:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
age
78467
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19340
x-xss-protection
0
expires
Wed, 02 Jun 2021 12:57:45 GMT
myliusmodern-bold.woff
s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/fonts/ Frame 0EC5 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/fonts/myliusmodern-bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/css/styles.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4c7525c01c489de9abf572955a21bf934f3a1ae5709c7225192fd88b83dfea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 05:42:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Apr 2021 13:04:35 GMT
server
sffe
age
18206
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24700
x-xss-protection
0
expires
Thu, 03 Jun 2021 05:42:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=3142604448601224&bg=!sbKlsvbNAAaMan2LjGo7ACkAdvg8WqnebdaT9xcsad58uY9ED47URv9swXxPSsVY-7J-pmkPdPBRnAIAAAGUUgAAAA5oAQcKAJqeIZ3AUTn7PqKs4fJ6wvin23TqsP6o89PTCkSvSDm7Z-g6FGRG36XNGoBs6W_Os3cKr1sDL4liDjPPMZpzR6iyS1oHqqNr4SdcyizGDNm5CPiNXyFRSPFfxm_WjIQnUu8vmc96zy7Rya3ZxPPvIYhrgfAnywoIbjrau0dS6D9MPxnJaY0WqoLM629eeD10szQvUan8tUUeSGTPmQJD2X1vY-D9kvf5KcgCF53q84vGxTWfKB_Yv42Hd4OKfbTRqQzdcIwHBxVlCEpjZSzOs0snPuyFlM_mzoI_2E3CoQB_376IUOg5SVLwBl9xk_OK9O-2PTILOqwseO3-Fanlj_JOSuHmdqDng3bQb-Fg1U2JIFaMQbP3cEBlMt_493xOIzGdd9RlyYJ5YYhX_IKcMYUvizz7KrTm6unInM42xZyOENVagWIF8ZtVNOPs4xpj8Lw4lT-1gzokcok2schA_1AVEw6lAOWuRePkIDxsPxbiaK9ocWi6-uCUt4gDMRZyhbVRixV7nDybFFsuZqlCYL5lJgQXy7KIYwZp5ubxbRZCgQNe7a7yEStuPqBF-02sUwBRvm-iYimo1jw5HApyV-mZZ56nVRvUYJRmcZVUaGGQDtVS40crHkpBewZB4HI3SAl9LWr0s0Mp1d5mLl4F4q2p0I6ch11OtQOdjWTrLDbXWJ0Vxv-RC-aIZ0Lvnv7v2ekNQsOs_XIsErYg9EvKaE4XimbUOlRfzfhZ5-6p8i3l7h8B2LyNoF5yM1lOOBqfjL8dn-RgbhWd78uUMr7hvhRyvYVg9JFiZUkgWD0GTayEHoqYKPfYw8tWPbu1m0rrrCpc4kLLfIF1Fl7fJh9Gmc9QZJagVqaIY-icVfuayWsvum6YG4tNtus_K4wLqUELJYgXnOl07u_KRpNpJi6dBEgByO6vKItKUALobRO6eN9hzoihyjzLOkSzdO4g6sC_yajOtid2xRnSj8erm-Q-yBJS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bahighlife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 10:45:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
prd-collector-platform.ex.co/main/ Frame ECCB 		0
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prd-collector-platform.ex.co/main/events
Requested by
Host: pb-story.ex.co
URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://app.ex.co
date
Wed, 02 Jun 2021 10:45:32 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame C12D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaiOTEX4KZ3FFoTdkcjlToe5cNUP_LRT6E0EAPvtYYvJt_NeTRtsT1dgeddHyFP6Aff6RKEnaTgltrHo5jrgn4EYmkFad1sBJtowoWVYs&sig=Cg0ArKJSzCvRcTv1NslGEAE&id=lidar2&mcvt=1004&p=24,315,274,1285&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3963560996&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622630731039&dlt=171&rpt=808&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 10:45:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ojab7sv1sprxdzvtgqcf.jpg
img.ex.co/image/upload/ar_1.5,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622022603/ Frame ECCB 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ex.co/image/upload/ar_1.5,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622022603/ojab7sv1sprxdzvtgqcf.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b223b72f795de3fd0e0d9e95f9d91b0fa0508047805636c79933094a91d69739

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
531871826
etag
"2f8126b9fced16c188130775c804f2fd"
x-amz-meta-cld-surrogate-reporting
width=640,height=427
x-amz-meta-cld-transformation-id
6722081182483447814
x-amz-meta-cld-version
1622022603
x-amz-meta-cld-surrogate-key
300183064872049334828956641930570126869 344567556895406985252998369881376874600
content-disposition
inline; filename="ojab7sv1sprxdzvtgqcf.webp"
x-amz-request-id
3CZHV4PJ3RJ0Q4GK
x-amz-id-2
5nrbdA4q+ibPKzEKQ+MvaVyV61eqM0U6xVnYQ9qn4/1cOrwfQTyZKP1O3MpPqOaF5U1L9rHPbxA=
accept-ranges
bytes
last-modified
Wed, 26 May 2021 11:19:36 GMT
server
AmazonS3
date
Wed, 02 Jun 2021 10:45:33 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31534840
content-length
49858
expires
Thu, 02 Jun 2022 10:26:13 GMT
lyb7hk8cvjptynequ0er.png
img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622021173/ Frame ECCB 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622021173/lyb7hk8cvjptynequ0er.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
479884e2c0eb40a16c1324856efd1b6939c54a238b5acebd283c0ff3f4502dea

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:45:33 GMT
x-amz-meta-cld-surrogate-reporting
width=640,height=640
x-amz-meta-cld-transformation-id
6722080663882934182
x-amz-meta-cld-version
1622021173
x-amz-meta-cld-surrogate-key
498969007249023018400384475788781033949 485352891698548873174278789325459871119
content-disposition
inline; filename="lyb7hk8cvjptynequ0er.webp"
x-amz-request-id
74DZENG1VXTG1435
x-amz-id-2
3XOMrU4QP6gYC81N1nhTmS8ZES4ns4IGB9gk7OGU0wue8Mtb28bFlnHguJPBF7GWZfZq3aZvcr0=
accept-ranges
bytes
last-modified
Wed, 26 May 2021 11:19:37 GMT
server
AmazonS3
etag
"41bb5dd782b17b7ccce43a0e25a4eca8"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31534836
content-length
42626
expires
Thu, 02 Jun 2022 10:26:09 GMT
jkv6zjoqd4p4a7zoymoe.jpg
img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622021356/ Frame ECCB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622021356/jkv6zjoqd4p4a7zoymoe.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5863ee43d690af6a3db12a7bb3cae37a93c40179c9c691dd8e963588fb6f8d65

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
889473622
etag
"705bce77e3fa96bd00877bdbd5972f82"
x-amz-meta-cld-surrogate-reporting
width=640,height=640
x-amz-meta-cld-transformation-id
6722080662641415883
x-amz-meta-cld-version
1622021356
x-amz-meta-cld-surrogate-key
300721046635303524333976758928454501688 298731079390627002801917452941897854134
content-disposition
inline; filename="jkv6zjoqd4p4a7zoymoe.webp"
x-amz-request-id
3CZQFGN0QH8DM4CH
x-amz-id-2
/D1qDuSffu1tA6F88n7woNILvRV2hFxnfMr4YekIoSdXboEJxwqQ8ioqXmXANAydAi7uYaxx8DU=
accept-ranges
bytes
last-modified
Wed, 26 May 2021 11:19:36 GMT
server
AmazonS3
date
Wed, 02 Jun 2021 10:45:33 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31534851
content-length
16182
expires
Thu, 02 Jun 2022 10:26:24 GMT
a2ka1asjcsiflrll0hno.jpg
img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622021446/ Frame ECCB 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622021446/a2ka1asjcsiflrll0hno.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
45423ae30f101e2cab36f9c36b3c91996ac3d13b2a1ad27e04075f85dd65bd02

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
aj-robbie-BuQ1RZckYW4-unsplash
etag
"48371c9a01189ae4d28be270b556682e"
x-amz-meta-cld-surrogate-reporting
width=640,height=640
x-amz-meta-cld-transformation-id
6722080662641415883
x-amz-meta-cld-version
1622021446
x-amz-meta-cld-surrogate-key
489642042681485604590099827988642664477 298731079390627002801917452941897854134
content-disposition
inline; filename="a2ka1asjcsiflrll0hno.webp"
x-amz-request-id
3CZRERHB424JHNES
x-amz-id-2
I7Gqt8OSS9u1XzwSu2QcHPayj0xBon3AR+D4p3oW93ittIf9QK8g7ETYjke6fYe/VQvfD3wniU4=
accept-ranges
bytes
last-modified
Wed, 26 May 2021 11:19:36 GMT
server
AmazonS3
date
Wed, 02 Jun 2021 10:45:33 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31534846
content-length
52822
expires
Thu, 02 Jun 2022 10:26:19 GMT
eexahxrdhbmlmgdj4wq8.jpg
img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622022379/ Frame ECCB 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1622022379/eexahxrdhbmlmgdj4wq8.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5220eee375f16e373da87a0ee3e0255a85e9b00f2c4783d02ae6e75a0e395788

Request headers

Referer
https://app.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
samuel-regan-asante-3BcNKoySAq0-unsplash
etag
"aa889f5e93632f924162d620f1710a5e"
x-amz-meta-cld-surrogate-reporting
width=640,height=640
x-amz-meta-cld-transformation-id
6722080662641415883
x-amz-meta-cld-version
1622022379
x-amz-meta-cld-surrogate-key
328122082634102388963393080725890689859 298731079390627002801917452941897854134
x-amz-request-id
74DPV9CH5QHF4DH9
x-amz-id-2
Mq7hn5Xbc/NfB3/PURr4C5msuV3OXP0L3freYPH5b4c2pdnIm8VXkGGUL+BGmnT85jlJNMhjMlw=
accept-ranges
bytes
last-modified
Wed, 26 May 2021 11:19:37 GMT
server
AmazonS3
date
Wed, 02 Jun 2021 10:45:33 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, private, max-age=31534863
content-length
116666
expires
Thu, 02 Jun 2022 10:26:36 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga object| googletag object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gaDevIds object| ggeac object| google_js_reporting_queue object| webpackJsonpba-high-life function| applyFocusVisiblePolyfill function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| topMapping object| midMapping object| midadMapping object| artMapping object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests

4 Cookies

Domain/Path Name / Value
.bahighlife.com/ Name: __gads
Value: ID=03b7acbcc28f6c41:T=1622630730:S=ALNI_MYk7iSuLg-qlTMkmCM8NrJqfCP5lA
.bahighlife.com/ Name: _gat
Value: 1
.bahighlife.com/ Name: _gid
Value: GA1.2.1057238567.1622630731
.bahighlife.com/ Name: _ga
Value: GA1.2.1363992231.1622630731

20 Console Messages

Source Level URL
Text
console-api log URL: https://bahighlife.com/js/720114109/main.js(Line 1)
Message:
Registered: [object ServiceWorkerRegistration]
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.11s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.11s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.11s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.13s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.13s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.13s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.14s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.14s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.14s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api log URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html(Line 179)
Message:
CSS LOADED
console-api warning URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
[1.61s] [Advertisement]: PlaybuzzAd is missing, this is probably caused by an ad-blocker
console-api debug URL: https://pb-story.ex.co/production/1de4213d518c76a2c53fb91ebaccb2327ffe5e9d-2021-05-30-09-25-36/story-viewer.js(Line 59)
Message:
TimeCounter: already started
console-api log URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html(Line 213)
Message:
JS LOADED (https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js)
console-api log URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/index.html(Line 213)
Message:
JS LOADED (js/main.js)
console-api log URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/js/main.js(Line 40)
Message:
start ad
console-api log URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/js/main.js(Line 68)
Message:
Creative.play
console-api log URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/js/main.js(Line 209)
Message:
0.4
console-api log URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/js/main.js(Line 209)
Message:
0.4
console-api log URL: https://s0.2mdn.net/dfp/272694/16842294/1619701474834/970x250_grocery/js/main.js(Line 209)
Message:
0.4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9a1cd39becbe15ab4a06a911d11a64f0.safeframe.googlesyndication.com
adservice.google.com
adservice.google.fr
app.ex.co
bahighlife.com
cdn.ex.co
embed.ex.co
fonts.googleapis.com
img.ex.co
pagead2.googlesyndication.com
pb-story.ex.co
pixel.ex.co
polyfill.io
prd-collector-platform.ex.co
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
142.250.181.226
151.101.194.137
2.16.186.146
2606:4700::6810:7eaf
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2001
2a00:1450:4001:803::2006
2a00:1450:4001:809::2001
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:400c:c08::9b
2a04:4e42::621
3.208.219.24
78.136.60.42
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
11a802f7044a2a8f23c08eac04dfe027032be9b43d115699d04ec707aeedd4f0
128da85d5e2e8b158d2cbaee868dfac48b870f4ea84c5a5d4ce96ef6032755c8
1a45accafd1101a365487782886aadd80840ddeb120ef17c303b4116dddc8043
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
2522729e323ca98d07249f73080a8d72a942f30c20ec8fa5167abd96077a57d9
2aea6de371df6e244a43d30d19f09c1c51596bb58436967049e24d2437069a18
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
308853fc7e714a7fa837410a9dc520bfacab7d43e580e29ecf400243f6f5fbab
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3ab10ef1dafda07fde7a45aa4538f721abe9c34967dc7ba7d7a5f41e9ee92a5c
3bcc60eba3866e8f9d2880b1150f7644410fbca17c14c2af105396ce06456b59
432c8a349ae21884702ed47160c49491363bb6021426de8f8a53c32e89a5d383
44443aaee6bb0a82201283676cab6948e99f0f6bb763e6563742b66ac6e07f12
45423ae30f101e2cab36f9c36b3c91996ac3d13b2a1ad27e04075f85dd65bd02
479884e2c0eb40a16c1324856efd1b6939c54a238b5acebd283c0ff3f4502dea
481c441a78260407e70b189866ac1267070996ce0e699cd3f753db1650d39d8f
48c4f4956a2c6bdf47f0c0380d2ab97a32ee7a76f7ea8ebabd7b22d5dbf6e4fb
4e636b34f1291c2d9c4f48000be72082befc05f71955b506e11d966bcf5c8472
4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f8205fbde1233f8ec20f3e8e365ec63b5b9f15aa7bbcc59f2b6bb4181696494
5220eee375f16e373da87a0ee3e0255a85e9b00f2c4783d02ae6e75a0e395788
55266c4a3d18d47c18d6774f22b45a46a3a0002c1376580722ebfc4101027a89
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
5863ee43d690af6a3db12a7bb3cae37a93c40179c9c691dd8e963588fb6f8d65
5f633e731be39aa8f63b44a301940174424a1f54adab3d50f2f14158ca1c4c79
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6abe5b4a45660d2e1c1a6f439d996d8a69a7a1a472be169c3121ade517b7ab05
6cfa0cecea43e22db2bfb3bc5e4a5b3655ae858485c90defea3d2c36da3b17c2
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6f2bbfb7115dd16c4e26f9e219b655a660c674f4c3ddb1850c5522841f2f3acc
72c3f77b433afa75a1b87848e9c8c4566f98dbd16ec219589696bd943c0b345a
766e715663047135bb6cd3af25cc68ab2352aa765e561d54d55e16bc95b2a602
77f0c1c2df2e3368c138aeceb0f2375533a547c0153c5c041e8fb8327b78a28f
7a29e6defd3f5a185e0a12e6d16dd6b10f466027130f3a546727d05fc53b1120
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841d631cdf049d2e2d299f210efab42b078927198a34f9d23352aadfdfb1739e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a8193adcab4bd033a2320a67a61c3bbc96b247f0d5496f7ff86153a29049eae
8d3274b0867001332e86f553a5f77f89e0b20f4c5dba0c10033a52e46689b0c3
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
90c1d945e4531ff909f26332b1d0c41ac50150c7f29742e689cd7ce25dd09445
93f0b084014ee73cfd4b13ceb982d2dc87277d4e9fc97057e4b28480db014c87
a0fc484d85341883e9d99cdaeb270493f3e19000547ac67573b6791c1f121d95
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ad75857db09951f390660f90aa509b7cf8877a5a266a5d76d6509e1d6ef9a151
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b20467618c120dfd9bdce32b8332271e6e5ada13bfad4c8a4e5390c1021a601e
b223b72f795de3fd0e0d9e95f9d91b0fa0508047805636c79933094a91d69739
be145f66cf172cb01c5637be6c7f62c28873b78d2e41f6c4c98247355f829e03
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c2254a087d0b6d55cd365b37a84a960b84b5cc896a61e359f72a54893fac7966
c5460bd74926641b3f399c35793acbe5c864029d848390a5ae4859bc6db08baa
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c75be43e16395447b536a5446e18982c9a1a93b2e3c5833c69bf6b9c13686537
c8fe255a9b8a642674d5141db5197be807181a2bcf81ee73bec30c2494da3bb7
d1ac368e0e9e45826b312abf1acfac674f86a9e6101fbef24404d2e18cf0a3e1
d4c7525c01c489de9abf572955a21bf934f3a1ae5709c7225192fd88b83dfea5
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
e22b61fe5cefdae0821b9463171456dffa8705ad1993d2064f79d156832277ee
e3996b99ed80dcbd9fc0892a5b2014209afd10ad1b2ece6348e59953fb489291
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69c1a96e930d97194c94c282692d598a28be9f8a42477f4e6f32855df5c5893
ebe4f223da21cbfbd78ec0956f28024f6b97f84809adb52456a8e1ef547689ee
ee446e899f23c1c21372a01ea501532cbb374056e947db1183c5a79fcfb3c4d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0012b6395d041561daf2e79ca7ac163de1236ced15bc7a92462567dfd883e4e
f3adb7da5cfd8d1e85116d53fae99c4ce2d28e2d1f598ae7985d1a6e8a0c1ad1
f8536cb50ddc349a30efc638c8d2284f0704ca3b0561a04d3bd82b699ca8d00e
fd69e58b0334ee241c5c22bfd77fb4aeccac75cc0faf60f287e55d45b27b9480